Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa
File: 5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa (raw, json)
Hash identifier: +8C64Ong7cOQo6mV2DPYh4591t/PBIXF5TdWPycSHpI=
Subject key identifier: 70:57:E7:70:11:07:27:10:1C:46:E4:89:95:75:69:7B:CA:73:73:49
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1BD8FFBD3B706C59C6D6BEDD8E6F950D2589202F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa
Signing time: Fri 24 May 2024 00:00:00 +0000
ROA not before: Fri 24 May 2024 00:00:00 +0000
ROA not after: Fri 28 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:d8:ff:bd:3b:70:6c:59:c6:d6:be:dd:8e:6f:95:0d:25:89:20:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 24 00:00:00 2024 GMT
Not After : Jun 28 23:59:59 2024 GMT
Subject: serialNumber=82d7962cd65eb02a19ec78b43336261e06e65379a5ab5606251618101d881683, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d5:d7:32:a6:d7:7a:f7:06:3e:de:c9:aa:8e:
56:43:6f:73:dd:16:26:79:95:18:35:1f:b0:6b:90:
10:e0:d7:86:e6:62:aa:6f:73:1f:67:92:69:fa:62:
4f:45:23:65:da:0a:d6:ca:01:69:ed:c4:66:c4:4b:
00:87:d0:85:7e:01:10:21:00:4b:d0:fb:65:58:63:
0d:0a:78:77:bc:a1:24:4e:e5:93:0e:2e:8a:f2:82:
0d:9f:04:d5:03:b2:2f:48:98:f1:d2:89:91:d4:a8:
48:91:ba:17:a2:ab:e9:fb:ef:c7:24:89:41:e9:56:
9d:17:3c:d4:c8:0a:9a:6d:f3:cc:2f:bc:99:47:10:
47:d0:65:e9:72:3d:44:eb:69:5e:9a:c3:a5:9e:5d:
7d:21:fb:9b:41:c8:fe:e4:92:f3:69:d5:a2:0c:1b:
08:f8:49:dc:9c:f4:eb:6d:0d:0e:44:a6:11:f0:cd:
a3:23:51:18:94:a9:0d:4c:45:73:7b:c9:28:a6:c6:
6a:02:ff:a0:73:b9:03:55:ad:c1:57:3d:c7:7a:ca:
83:5d:b4:26:7b:88:ff:0c:c7:f9:61:e7:50:d3:ee:
e6:45:40:ce:73:0e:ec:40:f0:cd:b2:56:cd:4c:43:
20:76:5e:ad:80:ff:f3:cd:74:8e:2b:23:c5:63:f6:
2b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:57:E7:70:11:07:27:10:1C:46:E4:89:95:75:69:7B:CA:73:73:49
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:2a:2a:4d:6d:14:71:c8:ac:51:bf:cb:32:96:9e:fb:9b:65:
6a:a6:11:b3:cb:78:03:98:41:93:89:08:f4:5a:c4:a6:94:79:
0b:7a:24:9e:7c:17:33:89:20:3d:ee:45:57:b9:3a:9b:71:84:
9e:a9:61:12:4f:01:0d:13:4b:49:1f:30:e7:c7:dc:bb:27:d1:
32:5c:67:ee:88:b2:8d:36:0d:ea:90:8c:29:4b:fa:46:22:aa:
aa:d4:d3:54:a1:10:07:2d:3e:cd:b9:8d:5e:d1:4e:4c:95:b7:
51:d0:97:bf:03:07:55:17:b8:06:6b:7e:f8:51:f7:c8:ff:a1:
22:ef:3c:ad:51:e3:4e:13:ef:f4:7c:c3:98:b5:4e:73:72:88:
94:49:68:1d:79:f2:68:29:3e:3a:b4:3f:56:b9:7f:1d:0d:de:
e7:10:93:57:f2:c2:5c:96:02:7e:0e:5b:19:ec:dc:8b:2f:6a:
12:ad:4a:54:de:b3:07:43:3d:3c:52:d7:7a:24:7b:4b:fc:65:
e2:55:f1:51:b8:75:7e:92:42:ac:2c:72:79:6f:59:1c:6b:32:
3a:26:40:bb:99:28:fd:69:7a:fa:4c:ff:02:f0:0a:51:1c:72:
26:c3:ee:2a:b9:49:87:09:34:67:03:02:cb:04:ec:a1:68:fd:
c9:80:01:25
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUG9j/vTtwbFnG1r7djm+VDSWJIC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjQwMDAwMDBaFw0yNDA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyZDc5NjJjZDY1ZWIwMmExOWVjNzhiNDMzMzYyNjFlMDZlNjUzNzlhNWFi
NTYwNjI1MTYxODEwMWQ4ODE2ODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnV1zKm13r3Bj7eyaqOVkNvc90WJnmVGDUfsGuQEODXhuZiqm9zH2eSafpi
T0UjZdoK1soBae3EZsRLAIfQhX4BECEAS9D7ZVhjDQp4d7yhJE7lkw4uivKCDZ8E
1QOyL0iY8dKJkdSoSJG6F6Kr6fvvxySJQelWnRc81MgKmm3zzC+8mUcQR9Bl6XI9
ROtpXprDpZ5dfSH7m0HI/uSS82nVogwbCPhJ3Jz0620NDkSmEfDNoyNRGJSpDUxF
c3vJKKbGagL/oHO5A1WtwVc9x3rKg120JnuI/wzH+WHnUNPu5kVAznMO7EDwzbJW
zUxDIHZerYD/8810jisjxWP2K8MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRwV+dw
EQcnEBxG5ImVdWl7ynNzSTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWJkOTNmNmMtOWMyMC00MzkzLWE4ZjgtMTQyNGVhYTFkY2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBpKipNbRRxyKxRv8sylp77m2VqphGzy3gDmEGTiQj0
WsSmlHkLeiSefBcziSA97kVXuTqbcYSeqWESTwENE0tJHzDnx9y7J9EyXGfuiLKN
Ng3qkIwpS/pGIqqq1NNUoRAHLT7NuY1e0U5MlbdR0Je/AwdVF7gGa374UffI/6Ei
7zytUeNOE+/0fMOYtU5zcoiUSWgdefJoKT46tD9WuX8dDd7nEJNX8sJclgJ+DlsZ
7NyLL2oSrUpU3rMHQz08Utd6JHtL/GXiVfFRuHV+kkKsLHJ5b1kcazI6JkC7mSj9
aXr6TP8C8ApRHHImw+4quUmHCTRnAwLLBOyhaP3JgAEl
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org