Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
File: 78a98b8d-81ac-4e41-a012-084be89be1cb.roa (raw, json)
Hash identifier: TG9JXeu61DD5CTKe45U1Dp3s3XGhX/U3/H5JIfMkOQc=
Subject key identifier: 7B:CF:43:7D:D9:90:0A:31:BE:5E:D1:1D:A2:C5:EB:3E:22:7A:18:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A8211712183AC68060281B2D5F50AE3189C93BA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.112.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:82:11:71:21:83:ac:68:06:02:81:b2:d5:f5:0a:e3:18:9c:93:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=5845e76e535625548738775999afb38902343b4ec6acc3e05f3cbaca7a9e7b0c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1a:96:8a:f3:70:80:3b:45:68:f1:48:4b:5a:
b9:5c:72:f1:2e:92:65:63:4f:8f:f7:97:d6:bc:b0:
c5:56:91:ed:6f:b6:d1:ab:ea:3f:c8:1e:1c:48:7e:
18:bd:f0:ce:e0:0c:07:d7:22:68:ac:c9:69:8f:4e:
29:dc:97:82:7a:9f:09:b5:7e:70:b8:33:45:3d:29:
eb:a4:a0:e4:bb:e1:7b:be:03:0d:eb:b8:be:0a:4f:
91:3e:d9:fd:54:f5:6a:ae:71:3f:14:24:85:51:ec:
eb:00:ef:b4:68:ba:42:32:eb:5e:9f:22:dd:61:82:
1f:4d:65:1e:d7:44:d1:d0:45:0d:8a:f9:86:b2:9f:
d0:4e:23:2a:68:e2:c1:92:20:30:46:d8:48:55:d0:
ee:9d:ed:18:5f:30:fe:bc:2f:33:7e:03:88:67:e5:
ae:0d:d6:cd:26:cc:1c:c3:6b:e9:2f:c0:6a:4e:67:
cb:10:b4:7e:eb:60:b2:52:e8:6c:06:69:f4:9b:f1:
60:88:b0:69:ca:bb:6c:c1:0d:c9:2b:49:2a:41:b6:
30:ce:66:3c:31:36:ea:82:bd:ac:fc:50:14:9a:8f:
2f:fd:34:f1:43:0d:5c:2f:89:43:69:54:67:13:24:
cd:ac:27:0a:f6:19:88:22:6b:1d:5c:29:d6:89:86:
99:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:CF:43:7D:D9:90:0A:31:BE:5E:D1:1D:A2:C5:EB:3E:22:7A:18:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8d:8c:f6:9c:db:f3:9f:f4:5e:8b:ef:df:83:6d:9b:b3:52:ba:
71:6b:bd:dc:90:82:56:33:48:fa:d8:13:b4:10:ec:2e:78:00:
52:a8:40:67:9e:37:29:39:a6:38:b8:85:7e:1c:13:10:f8:ea:
f8:cd:cb:71:64:eb:70:6f:d5:bf:84:f1:72:b1:26:04:b3:8f:
5a:8e:a6:28:60:77:5f:28:5b:a7:c9:81:5d:80:eb:e1:23:b2:
78:aa:c2:0b:94:10:49:25:28:86:06:c7:0b:93:ab:5d:53:8b:
69:9d:45:85:42:15:34:0c:44:a0:bd:cc:7f:71:ba:61:db:70:
e1:60:b7:ce:c7:f1:39:b2:6c:32:e8:ce:83:aa:5b:58:6f:d3:
98:9b:91:04:ff:54:ff:07:8e:a8:43:50:7d:9c:e4:5b:7b:af:
7d:4f:7a:83:6a:df:1f:3e:59:5e:50:73:e0:ea:53:f0:b0:61:
6f:fd:97:25:a4:41:fb:91:45:61:a0:0c:62:2c:82:12:6f:c0:
9c:ab:39:4a:9b:94:e4:db:7b:30:75:74:e4:e0:a5:b5:3e:21:
7d:2b:23:6e:5a:93:62:4d:d6:b9:13:22:2e:86:25:6a:81:11:
89:31:cb:b9:92:69:4e:f9:11:62:50:1c:4e:01:b4:b9:8e:31:
d4:ee:26:a5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCoIRcSGDrGgGAoGy1fUK4xick7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4NDVlNzZlNTM1NjI1NTQ4NzM4Nzc1OTk5YWZiMzg5MDIzNDNiNGVjNmFj
YzNlMDVmM2NiYWNhN2E5ZTdiMGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwalorzcIA7RWjxSEtauVxy8S6SZWNPj/eX1rywxVaR7W+20avqP8geHEh+
GL3wzuAMB9ciaKzJaY9OKdyXgnqfCbV+cLgzRT0p66Sg5Lvhe74DDeu4vgpPkT7Z
/VT1aq5xPxQkhVHs6wDvtGi6QjLrXp8i3WGCH01lHtdE0dBFDYr5hrKf0E4jKmji
wZIgMEbYSFXQ7p3tGF8w/rwvM34DiGflrg3WzSbMHMNr6S/Aak5nyxC0futgslLo
bAZp9JvxYIiwacq7bMENyStJKkG2MM5mPDE26oK9rPxQFJqPL/008UMNXC+JQ2lU
ZxMkzawnCvYZiCJrHVwp1omGmSsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7z0N9
2ZAKMb5e0R2ixes+InoYajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhhOThiOGQtODFhYy00ZTQxLWEwMTItMDg0YmU4OWJlMWNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQCNjPac2/Of9F6L79+DbZuzUrpxa73ckIJWM0j62BO0
EOwueABSqEBnnjcpOaY4uIV+HBMQ+Or4zctxZOtwb9W/hPFysSYEs49ajqYoYHdf
KFunyYFdgOvhI7J4qsILlBBJJSiGBscLk6tdU4tpnUWFQhU0DESgvcx/cbph23Dh
YLfOx/E5smwy6M6DqltYb9OYm5EE/1T/B46oQ1B9nORbe699T3qDat8fPlleUHPg
6lPwsGFv/ZclpEH7kUVhoAxiLIISb8CcqzlKm5Tk23swdXTk4KW1PiF9KyNuWpNi
Tda5EyIuhiVqgRGJMcu5kmlO+RFiUBxOAbS5jjHU7ial
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org