Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55ede288-20da-46a9-b532-c24cfd455a05.roa
File: 55ede288-20da-46a9-b532-c24cfd455a05.roa (raw, json)
Hash identifier: a2apwE2QENKlm4lq30221b47bl29U1uiDVGCrx4xuEw=
Subject key identifier: F5:F5:EA:A7:16:99:2D:56:BD:0F:42:8A:6A:64:F9:02:FC:03:2F:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6519307D7FF47321B0B1CF8F6C51375134084B6A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55ede288-20da-46a9-b532-c24cfd455a05.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:19:30:7d:7f:f4:73:21:b0:b1:cf:8f:6c:51:37:51:34:08:4b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=8edf7556493548970d6d900926a93a9316f2d41106d8c0a7e954e51a216187d0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f4:d9:50:58:c8:25:76:ec:cc:2e:b3:3f:21:
17:a7:fc:a4:3d:68:e1:dd:08:f4:16:a2:7f:aa:00:
6b:3c:34:e9:35:09:0b:70:9f:99:5e:8a:a4:4e:31:
ce:6a:4e:87:9e:cf:02:8c:4b:51:9b:b2:2f:5a:b1:
a9:a2:67:4f:fb:aa:89:28:18:97:58:0d:1f:9b:ac:
62:f2:21:1f:51:e5:f5:33:e5:ce:29:4b:a3:19:31:
bc:2e:eb:ca:f1:8c:a0:85:74:20:bd:0d:30:ab:7a:
51:33:4a:a4:2d:59:7b:aa:31:03:ea:23:6e:c3:ed:
9d:86:06:f1:e3:fe:75:5b:7e:69:02:59:19:88:a8:
83:7d:70:b0:81:bf:d3:35:69:6b:ef:57:0b:a5:48:
34:a5:ea:27:1c:93:82:a0:3f:c2:68:79:d8:29:59:
10:ba:15:08:08:7a:8b:4e:54:af:a4:19:91:62:3f:
42:4e:3c:87:f8:5e:24:a8:71:59:93:5c:2a:a5:4e:
5a:e3:8e:17:90:99:fb:ff:af:de:ab:40:49:fc:4f:
db:df:ff:e9:17:38:4f:4a:16:34:f6:e7:66:f4:0d:
f4:c6:10:40:3e:25:15:79:b0:64:a3:2f:a7:f8:91:
d6:89:7e:fc:cc:9a:e6:22:06:dd:a7:bb:1e:d6:58:
ca:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F5:EA:A7:16:99:2D:56:BD:0F:42:8A:6A:64:F9:02:FC:03:2F:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55ede288-20da-46a9-b532-c24cfd455a05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:dc:cf:9a:54:45:55:bd:4f:00:fd:03:6f:07:04:14:78:4e:
4f:bd:46:da:02:10:ed:66:63:0d:97:a1:de:ca:c3:50:7b:c1:
b8:44:68:63:c7:54:89:05:dd:56:56:f3:03:20:d4:17:c3:f9:
e2:7e:e7:92:91:92:a1:22:90:6f:23:cb:59:17:57:4f:86:11:
f6:a1:ab:ce:ed:48:08:64:c2:02:52:56:b4:b6:b1:6b:a4:f9:
57:3f:be:17:c0:f6:fd:46:11:5b:0b:be:c0:a6:c8:23:e9:2a:
e0:b1:8d:d3:16:76:33:8c:94:19:25:f1:33:67:9e:77:4e:88:
af:b1:3a:eb:ff:56:e7:eb:c7:4f:9c:24:80:ba:8a:a5:fd:2b:
1e:2b:ee:d9:d5:72:15:55:2f:13:93:12:ad:2a:8e:2f:2e:25:
06:09:7d:31:40:af:f0:5f:67:e5:93:0a:51:10:d0:6c:73:ce:
9a:d1:17:fe:27:70:88:2c:f1:d2:97:68:49:c6:2f:93:2f:d7:
7e:cd:a2:6d:50:d5:06:92:16:63:7f:5c:e7:31:77:8a:eb:e2:
f7:10:79:ef:4e:21:81:eb:45:8b:a4:1d:ec:6f:15:11:f2:cc:
9b:50:22:0f:d8:e7:07:86:ef:be:91:6a:9c:66:a4:2d:41:a8:
97:52:64:5f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZRkwfX/0cyGwsc+PbFE3UTQIS2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlZGY3NTU2NDkzNTQ4OTcwZDZkOTAwOTI2YTkzYTkzMTZmMmQ0MTEwNmQ4
YzBhN2U5NTRlNTFhMjE2MTg3ZDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKf02VBYyCV27Mwusz8hF6f8pD1o4d0I9Baif6oAazw06TUJC3CfmV6KpE4x
zmpOh57PAoxLUZuyL1qxqaJnT/uqiSgYl1gNH5usYvIhH1Hl9TPlzilLoxkxvC7r
yvGMoIV0IL0NMKt6UTNKpC1Ze6oxA+ojbsPtnYYG8eP+dVt+aQJZGYiog31wsIG/
0zVpa+9XC6VINKXqJxyTgqA/wmh52ClZELoVCAh6i05Ur6QZkWI/Qk48h/heJKhx
WZNcKqVOWuOOF5CZ+/+v3qtASfxP29//6Rc4T0oWNPbnZvQN9MYQQD4lFXmwZKMv
p/iR1ol+/Mya5iIG3ae7HtZYyg8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT19eqn
FpktVr0PQopqZPkC/AMvxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTVlZGUyODgtMjBkYS00NmE5LWI1MzItYzI0Y2ZkNDU1YTA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ3M+aVEVVvU8A/QNvBwQUeE5PvUbaAhDtZmMNl6He
ysNQe8G4RGhjx1SJBd1WVvMDINQXw/nifueSkZKhIpBvI8tZF1dPhhH2oavO7UgI
ZMICUla0trFrpPlXP74XwPb9RhFbC77Apsgj6SrgsY3TFnYzjJQZJfEzZ553Toiv
sTrr/1bn68dPnCSAuoql/SseK+7Z1XIVVS8TkxKtKo4vLiUGCX0xQK/wX2flkwpR
ENBsc86a0Rf+J3CILPHSl2hJxi+TL9d+zaJtUNUGkhZjf1znMXeK6+L3EHnvTiGB
60WLpB3sbxUR8sybUCIP2OcHhu++kWqcZqQtQaiXUmRf
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org