Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: y8Va+vaRIIydXomkmnUI1n2OeU/LvvanZvsAmyZJ3uQ=
Subject key identifier: F7:8D:A7:3E:A7:9E:0C:86:3A:96:89:2C:98:4A:4A:A7:D7:01:30:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 615D07FE6D10B000B35857E70247208FDB18F829
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:5d:07:fe:6d:10:b0:00:b3:58:57:e7:02:47:20:8f:db:18:f8:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=a39febf21176cf59dc794fc44c459dce989c4deb13ea1fcdf35429d0672ca150, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fd:60:5d:e8:24:07:fc:ad:2c:d0:c6:61:e9:
7f:21:87:65:14:0b:b5:39:0e:b7:c0:e7:9d:1f:c4:
3e:92:d2:eb:f9:44:fa:cb:6c:63:94:95:04:0b:1e:
33:0b:18:0e:45:dc:8e:1e:a9:07:69:3e:be:b8:ed:
d2:5d:8c:54:dd:1e:a5:b9:53:cf:78:c1:ff:5f:88:
d6:15:d8:2a:99:5f:37:e6:a4:6b:62:3d:fc:1c:3b:
0e:93:a6:59:d4:23:ac:38:70:1e:06:3d:04:b1:39:
f0:e9:67:92:bd:58:b5:b9:e4:79:cb:91:6c:63:91:
0c:4c:ed:d3:8d:f3:91:3c:bb:ed:08:2e:70:bc:8c:
40:64:4a:14:2f:76:62:a0:0e:3d:3f:a6:d1:f0:35:
2e:76:64:52:97:44:1b:41:4f:5a:9e:88:7c:1f:a9:
be:86:98:bd:ad:41:88:29:a2:09:e5:ad:c0:21:82:
1a:e6:28:96:4b:21:32:bb:f8:e8:32:23:e4:1f:54:
c7:9b:a9:01:19:62:2c:75:18:d2:64:e4:1c:ea:1a:
63:6c:16:aa:30:33:32:1b:24:a7:13:b7:b2:2d:da:
79:09:10:78:76:98:5b:1a:36:d1:6b:93:5c:fd:2f:
e9:13:a8:6f:5d:82:4f:53:a9:09:08:c2:7e:46:1d:
bd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8D:A7:3E:A7:9E:0C:86:3A:96:89:2C:98:4A:4A:A7:D7:01:30:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
95:6e:34:47:3e:9e:d7:2c:c9:93:7a:99:8f:87:79:fd:48:91:
d6:63:91:81:f4:54:c4:eb:f8:95:d5:31:e9:ea:73:8e:ce:f2:
93:c1:2b:21:3e:31:37:fb:44:5c:2d:c5:ea:9c:92:93:14:ef:
0d:9b:c6:be:a4:c1:52:8c:15:42:51:f9:42:08:a5:e4:ba:9f:
78:01:ec:22:3c:37:2c:67:91:64:e6:e1:e9:a1:35:b2:39:35:
f7:0e:1b:69:5b:d6:b8:a4:f5:b2:0a:04:91:82:0a:19:c6:b7:
69:58:bc:90:fd:16:87:2b:42:5b:07:c2:73:b2:af:9b:f6:ea:
67:2c:87:ce:fc:10:29:48:5b:23:1d:c3:c8:a2:ac:29:fa:06:
66:b5:84:0d:6e:25:e5:94:53:a5:46:50:f3:36:03:be:50:69:
dc:e0:ad:36:cf:2b:36:7c:b4:ea:73:f1:86:a5:ac:ea:75:ae:
e8:cf:a4:52:3f:46:dc:6b:c4:70:a1:5a:44:66:60:0a:44:2f:
1d:fe:fe:a5:3a:61:e3:35:bb:d0:f6:85:1e:82:d3:54:1b:31:
33:1f:3a:85:a3:ef:5d:5b:5b:93:83:a8:89:d8:2d:95:6d:1d:
41:a9:f9:0c:83:9a:9c:aa:88:64:91:3b:b5:9f:c0:07:af:46:
80:e8:40:f3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYV0H/m0QsACzWFfnAkcgj9sY+CkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzOWZlYmYyMTE3NmNmNTlkYzc5NGZjNDRjNDU5ZGNlOTg5YzRkZWIxM2Vh
MWZjZGYzNTQyOWQwNjcyY2ExNTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANb9YF3oJAf8rSzQxmHpfyGHZRQLtTkOt8DnnR/EPpLS6/lE+stsY5SVBAse
MwsYDkXcjh6pB2k+vrjt0l2MVN0epblTz3jB/1+I1hXYKplfN+aka2I9/Bw7DpOm
WdQjrDhwHgY9BLE58Olnkr1YtbnkecuRbGORDEzt043zkTy77QgucLyMQGRKFC92
YqAOPT+m0fA1LnZkUpdEG0FPWp6IfB+pvoaYva1BiCmiCeWtwCGCGuYolkshMrv4
6DIj5B9Ux5upARliLHUY0mTkHOoaY2wWqjAzMhskpxO3si3aeQkQeHaYWxo20WuT
XP0v6ROob12CT1OpCQjCfkYdvT8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3jac+
p54MhjqWiSyYSkqn1wEwWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQCVbjRHPp7XLMmTepmPh3n9SJHWY5GB9FTE6/iV1THp
6nOOzvKTwSshPjE3+0RcLcXqnJKTFO8Nm8a+pMFSjBVCUflCCKXkup94AewiPDcs
Z5Fk5uHpoTWyOTX3DhtpW9a4pPWyCgSRggoZxrdpWLyQ/RaHK0JbB8Jzsq+b9upn
LIfO/BApSFsjHcPIoqwp+gZmtYQNbiXllFOlRlDzNgO+UGnc4K02zys2fLTqc/GG
pazqda7oz6RSP0bca8RwoVpEZmAKRC8d/v6lOmHjNbvQ9oUegtNUGzEzHzqFo+9d
W1uTg6iJ2C2VbR1BqfkMg5qcqohkkTu1n8AHr0aA6EDz
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org