Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70f878ce-a193-47ae-b517-318c2b88892f.roa
File: 70f878ce-a193-47ae-b517-318c2b88892f.roa (raw, json)
Hash identifier: 49GzQ9ltWMdlcqOZ0mm34Kl3g9v+wLK/VMIU1m0K0W8=
Subject key identifier: F9:46:E6:5D:30:E7:7E:A8:A4:0C:C6:41:1C:B2:FD:1F:C7:F4:42:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D61AA4D229D67CE784BC0ACA06950CD1E22635D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70f878ce-a193-47ae-b517-318c2b88892f.roa
Signing time: Tue 04 Jun 2024 00:00:00 +0000
ROA not before: Tue 04 Jun 2024 00:00:00 +0000
ROA not after: Tue 09 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:61:aa:4d:22:9d:67:ce:78:4b:c0:ac:a0:69:50:cd:1e:22:63:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 4 00:00:00 2024 GMT
Not After : Jul 9 23:59:59 2024 GMT
Subject: serialNumber=8b00b240b291d35235577bd3bc71e7b2e399d8b5760ef44faebad2bf5dc283fb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c4:3d:da:12:e1:4c:f8:f0:19:00:78:fb:9d:
96:a7:44:b7:4a:28:00:a7:c2:35:6c:a2:1d:ec:6c:
a6:9c:8e:04:bb:39:42:88:6c:bb:11:1c:5b:91:40:
6d:0b:fc:69:44:c7:d0:88:53:a0:fb:ea:40:6c:78:
29:8d:b8:2d:a7:b9:16:ac:08:ae:8b:ce:56:5e:72:
69:9e:10:28:2e:a1:c9:41:9a:7c:f5:e8:74:3c:a1:
0b:63:7d:b9:7e:dc:a5:87:ae:05:cd:dd:d1:e8:b8:
44:30:6a:40:09:13:bc:ec:49:21:c0:7a:9e:29:ed:
34:e9:92:ae:95:d1:9c:19:98:c7:17:30:f0:fa:df:
e3:62:cf:e7:7d:d5:ef:e0:f1:9a:5f:fd:61:c3:15:
b2:57:95:9b:c9:fc:43:51:3c:a8:fd:d9:0c:6b:0f:
33:b5:93:36:95:fc:c7:00:a9:b6:21:2f:fb:14:43:
4c:68:15:fd:0c:b2:41:15:e5:8b:0d:48:b5:b4:a9:
be:8b:bb:ea:e9:15:6e:33:2f:5a:ed:9d:23:25:96:
4a:f0:7b:ef:93:82:26:5f:29:f5:13:7e:82:0d:85:
57:c0:d6:53:08:46:30:ac:13:70:69:8a:38:ac:cc:
51:d1:53:3e:74:55:43:e8:49:19:1c:34:3f:5a:d4:
01:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:46:E6:5D:30:E7:7E:A8:A4:0C:C6:41:1C:B2:FD:1F:C7:F4:42:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70f878ce-a193-47ae-b517-318c2b88892f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.96.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:e6:a9:d6:40:30:02:b4:e7:ba:5f:9d:5d:6f:20:7d:ca:ee:
4f:83:29:e3:1f:3e:85:b7:ae:a1:d7:70:f4:19:ea:3c:99:81:
3e:9a:63:99:aa:77:7c:f5:bc:99:eb:00:40:4d:89:ec:cb:69:
40:94:5b:26:e8:6a:53:e2:f5:03:6a:c5:63:f7:ea:e1:ea:9d:
9a:9f:d0:f4:88:74:a3:c4:0a:28:b4:8b:91:e7:1e:6d:2f:08:
2c:c0:dd:aa:e8:3c:aa:e1:05:44:9c:f4:9a:3b:f6:88:ba:01:
27:a4:3c:64:b1:80:31:7f:dd:55:67:32:4e:ea:42:7a:ee:da:
24:da:2e:c8:be:f5:40:bc:a6:33:bc:88:2a:39:f4:ce:3f:84:
b7:c4:89:d0:a5:0b:26:5a:d3:d0:ae:b7:30:67:98:2b:02:48:
0b:80:a5:5e:f3:54:2c:db:7d:09:75:78:a9:b1:a5:f9:7e:5b:
3d:0a:f7:cc:66:f6:9f:ba:c8:e6:da:a0:a3:f5:03:ab:eb:e2:
f9:c3:11:55:e1:0e:dc:16:bd:15:07:61:3d:2f:19:9d:6e:6b:
75:46:47:46:05:0a:85:b3:8a:4f:41:e0:42:9c:a3:bd:cb:cb:
58:d0:86:9a:7d:7a:ab:a5:c6:ad:01:d1:28:11:fa:85:82:61:
68:cc:fe:ea
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTWGqTSKdZ854S8CsoGlQzR4iY10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MDQwMDAwMDBaFw0yNDA3MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiMDBiMjQwYjI5MWQzNTIzNTU3N2JkM2JjNzFlN2IyZTM5OWQ4YjU3NjBl
ZjQ0ZmFlYmFkMmJmNWRjMjgzZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnEPdoS4Uz48BkAePudlqdEt0ooAKfCNWyiHexsppyOBLs5QohsuxEcW5FA
bQv8aUTH0IhToPvqQGx4KY24Lae5FqwIrovOVl5yaZ4QKC6hyUGafPXodDyhC2N9
uX7cpYeuBc3d0ei4RDBqQAkTvOxJIcB6nintNOmSrpXRnBmYxxcw8Prf42LP533V
7+Dxml/9YcMVsleVm8n8Q1E8qP3ZDGsPM7WTNpX8xwCptiEv+xRDTGgV/QyyQRXl
iw1ItbSpvou76ukVbjMvWu2dIyWWSvB775OCJl8p9RN+gg2FV8DWUwhGMKwTcGmK
OKzMUdFTPnRVQ+hJGRw0P1rUAecCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT5RuZd
MOd+qKQMxkEcsv0fx/RCWjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzBmODc4Y2UtYTE5My00N2FlLWI1MTctMzE4YzJiODg4OTJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN
BgkqhkiG9w0BAQsFAAOCAQEAe+ap1kAwArTnul+dXW8gfcruT4Mp4x8+hbeuoddw
9BnqPJmBPppjmap3fPW8mesAQE2J7MtpQJRbJuhqU+L1A2rFY/fq4eqdmp/Q9Ih0
o8QKKLSLkecebS8ILMDdqug8quEFRJz0mjv2iLoBJ6Q8ZLGAMX/dVWcyTupCeu7a
JNouyL71QLymM7yIKjn0zj+Et8SJ0KULJlrT0K63MGeYKwJIC4ClXvNULNt9CXV4
qbGl+X5bPQr3zGb2n7rI5tqgo/UDq+vi+cMRVeEO3Ba9FQdhPS8ZnW5rdUZHRgUK
hbOKT0HgQpyjvcvLWNCGmn16q6XGrQHRKBH6hYJhaMz+6g==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org