Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
File: 7121a047-d001-4dca-a807-79f5c57d8a70.roa (raw, json)
Hash identifier: 50akX/8gTVgHmomqy/5ca5KKZuMcVkOfxwIOBS2W0qc=
Subject key identifier: 16:0A:DE:6D:CE:C4:6F:0C:DD:25:97:25:3D:15:DE:15:D0:EB:61:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D162E4CD3EA65EB9587C8CC987B5CCF7D2EB326
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
Signing time: Mon 10 Jun 2024 00:00:00 +0000
ROA not before: Mon 10 Jun 2024 00:00:00 +0000
ROA not after: Mon 15 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:16:2e:4c:d3:ea:65:eb:95:87:c8:cc:98:7b:5c:cf:7d:2e:b3:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 10 00:00:00 2024 GMT
Not After : Jul 15 23:59:59 2024 GMT
Subject: serialNumber=e702cef6a8919a3a820b729d0bc4e0cfb36472673610df597e0ad914f779f4b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:58:33:ec:06:38:34:83:95:81:81:1b:c7:fb:
cf:d7:5e:f3:cd:06:61:82:66:fc:c1:c2:78:d6:c1:
bf:3e:54:d9:8a:d1:4b:df:ba:ed:79:15:46:e7:c3:
a3:00:07:84:09:11:8b:e7:59:d4:23:df:7f:12:ac:
86:49:31:28:73:1a:f0:d6:00:d8:3b:8a:97:4c:21:
5e:b7:9c:c6:1f:d0:45:45:ee:59:cf:a6:69:75:14:
9d:e1:9d:63:ef:17:52:2f:f1:77:dc:80:d9:97:a7:
ca:b2:ef:55:bb:f7:7f:80:56:70:07:37:ad:56:4f:
a6:f7:7d:69:3b:91:ad:28:16:24:74:a2:82:cd:52:
ca:c9:bf:92:68:e6:04:9c:0c:a5:0e:a7:2d:f0:b7:
6f:ae:bc:d6:e6:f6:30:ac:d0:e9:8f:62:2d:5c:06:
8b:ae:59:11:2b:20:03:09:df:55:e6:58:76:26:d0:
4c:91:5b:70:ed:92:ac:fe:b4:89:9f:65:56:b6:82:
f9:3a:fa:d6:8b:3c:f9:b2:42:bc:cf:aa:7a:84:c3:
ce:45:82:b1:16:32:09:e8:d7:a8:54:1f:92:06:98:
eb:51:0c:10:2d:8e:fa:5e:cf:63:b0:90:4c:7e:91:
9e:a0:49:63:4c:7b:a4:cb:0b:e6:0d:db:76:4f:e8:
4f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0A:DE:6D:CE:C4:6F:0C:DD:25:97:25:3D:15:DE:15:D0:EB:61:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:55:20:27:ae:12:74:a0:5e:ac:4f:05:04:0f:46:ac:e2:86:
8c:6e:c9:35:15:f6:12:44:1b:f6:e5:87:9d:6b:4f:51:6a:3f:
37:26:33:18:88:a6:04:ab:7e:7f:e1:95:36:ec:4c:42:c5:2d:
54:20:83:3b:6b:4a:c4:4c:9e:61:b6:16:fe:c8:4c:3f:d2:c1:
2a:72:47:4a:3b:26:13:60:51:56:f8:67:a0:b7:87:6b:1e:d6:
e7:5b:c1:32:10:a1:00:58:0a:9d:72:55:4b:a0:0e:2c:4e:f9:
e1:fe:a8:11:90:0a:fb:55:1d:1a:91:ae:fc:9d:55:54:c7:6b:
42:4d:c0:4b:46:7d:c5:d3:98:c6:7a:6e:4c:12:d1:1e:8e:16:
df:24:2c:19:36:36:b6:8e:0f:0b:a4:1f:d5:4e:6d:17:16:c6:
e2:e2:4a:c6:18:af:b6:c2:0d:39:94:26:43:55:78:0c:f3:d7:
ab:64:6e:a6:ab:5f:72:10:32:33:4b:3b:53:2d:c0:fd:66:a6:
71:1b:78:ad:b7:08:28:dc:f0:b1:b2:ef:cc:4a:c0:8a:ac:67:
f5:23:6d:d3:26:b1:a9:3a:79:6b:a0:07:f7:5a:54:28:2e:a3:
4c:81:d7:b9:ba:64:0c:50:ff:6d:08:6f:8e:e8:11:3d:c7:cd:
c2:27:6d:50
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDRYuTNPqZeuVh8jMmHtcz30usyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTAwMDAwMDBaFw0yNDA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3MDJjZWY2YTg5MTlhM2E4MjBiNzI5ZDBiYzRlMGNmYjM2NDcyNjczNjEw
ZGY1OTdlMGFkOTE0Zjc3OWY0YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpYM+wGODSDlYGBG8f7z9de880GYYJm/MHCeNbBvz5U2YrRS9+67XkVRufD
owAHhAkRi+dZ1CPffxKshkkxKHMa8NYA2DuKl0whXrecxh/QRUXuWc+maXUUneGd
Y+8XUi/xd9yA2ZenyrLvVbv3f4BWcAc3rVZPpvd9aTuRrSgWJHSigs1Sysm/kmjm
BJwMpQ6nLfC3b6681ub2MKzQ6Y9iLVwGi65ZESsgAwnfVeZYdibQTJFbcO2SrP60
iZ9lVraC+Tr61os8+bJCvM+qeoTDzkWCsRYyCejXqFQfkgaY61EMEC2O+l7PY7CQ
TH6RnqBJY0x7pMsL5g3bdk/oTy0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQWCt5t
zsRvDN0llyU9Fd4V0OthHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzEyMWEwNDctZDAwMS00ZGNhLWE4MDctNzlmNWM1N2Q4YTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQA+VSAnrhJ0oF6sTwUED0as4oaMbsk1FfYSRBv25Yed
a09Raj83JjMYiKYEq35/4ZU27ExCxS1UIIM7a0rETJ5hthb+yEw/0sEqckdKOyYT
YFFW+Gegt4drHtbnW8EyEKEAWAqdclVLoA4sTvnh/qgRkAr7VR0aka78nVVUx2tC
TcBLRn3F05jGem5MEtEejhbfJCwZNja2jg8LpB/VTm0XFsbi4krGGK+2wg05lCZD
VXgM89erZG6mq19yEDIzSztTLcD9ZqZxG3ittwgo3PCxsu/MSsCKrGf1I23TJrGp
OnlroAf3WlQoLqNMgde5umQMUP9tCG+O6BE9x83CJ21Q
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org