Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80cad565-cf8b-4dae-8fb9-5e370577b884.roa
File: 80cad565-cf8b-4dae-8fb9-5e370577b884.roa (raw, json)
Hash identifier: oEWWwxuePxHMK0b0kdkJEWkYm3sTDOWT6pUasJkoP+Y=
Subject key identifier: 96:0B:BE:48:63:60:02:9A:15:56:63:BA:A0:73:25:CC:8A:F4:79:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4051CCBAF45F2F3469CAFAD00C5415078D381445
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80cad565-cf8b-4dae-8fb9-5e370577b884.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:51:cc:ba:f4:5f:2f:34:69:ca:fa:d0:0c:54:15:07:8d:38:14:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=cf63df2413eef10d059c06f343a23f31990e7ecfa5dec31ef21c7e180beac80f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ac:cc:43:db:bd:c1:20:e5:92:75:6b:fc:81:
8d:ed:f7:cd:51:bd:32:1a:6b:16:d4:7e:8c:c8:c6:
0f:1a:13:b6:4e:cd:93:b2:d5:3a:44:f4:3a:4d:1a:
cc:0c:5e:20:11:53:1a:ee:18:83:55:71:56:1c:0b:
f9:73:2d:c3:27:e8:71:95:f1:86:7a:34:4a:a9:a3:
21:3b:02:b5:f9:ae:45:12:b7:56:32:3e:1d:22:15:
8c:78:1e:36:4d:ec:47:3f:b5:81:ee:29:00:38:04:
c2:7f:fc:6d:96:58:69:fc:db:52:4c:d5:91:61:08:
6e:db:b2:2f:94:77:49:3c:1f:06:92:95:ab:33:ea:
a2:77:90:90:92:bc:83:bc:d0:4b:df:bb:82:9c:c4:
57:68:9e:56:34:8b:ec:65:fd:c0:f1:2b:66:c4:f8:
27:ce:af:a0:e9:f4:2e:f8:27:25:bd:9a:06:c8:6c:
6c:62:0c:72:b5:92:20:f5:f8:3a:82:4b:8f:d2:ad:
a7:56:99:14:7c:89:e6:60:ff:f2:25:3e:59:ef:a7:
d3:43:43:49:0d:92:74:ee:18:f7:09:cd:07:0b:48:
50:fd:df:55:de:d9:76:d4:a1:14:27:78:45:b3:ee:
36:cd:61:8e:2f:01:95:8c:d8:68:33:24:aa:59:77:
36:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0B:BE:48:63:60:02:9A:15:56:63:BA:A0:73:25:CC:8A:F4:79:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80cad565-cf8b-4dae-8fb9-5e370577b884.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:d0:b0:6a:37:63:4b:a6:71:87:99:c8:f2:4e:67:eb:eb:56:
3f:ce:43:65:43:98:96:6a:b7:06:43:8e:35:cc:68:6e:1e:77:
a5:08:11:7f:ff:29:68:82:8e:35:5b:23:eb:3f:19:cb:74:63:
65:ed:5c:85:01:aa:e9:f2:90:c7:8b:a7:89:72:c0:9f:98:a1:
e2:b7:f2:6e:51:83:c7:c5:73:e3:38:50:39:15:bb:3c:74:a3:
75:4d:9e:5b:cd:24:b7:61:0e:4c:4d:aa:d9:d4:58:85:3e:fd:
a4:9c:e7:c8:8f:f6:3c:72:b6:c0:24:f7:73:df:50:ed:de:3d:
47:d7:ba:a9:00:91:00:1c:25:3c:57:66:24:17:8f:ba:a6:4e:
b0:19:0a:fe:19:1a:e1:41:0f:46:11:e5:d2:02:cc:51:fd:0d:
7f:8e:dd:42:76:c3:ad:7a:2d:48:30:a6:83:08:51:1d:8d:3c:
5c:ab:cd:0d:5c:99:ac:b3:08:15:da:4f:5a:ce:fe:4e:88:c2:
3d:27:97:96:8e:4c:ab:61:f9:05:ee:a9:e4:c4:6e:53:5f:6c:
b4:16:18:f0:18:32:fd:fa:5c:34:30:6a:4c:00:a5:40:f2:6c:
c0:d1:02:00:9a:8e:d6:97:10:d3:09:46:ce:43:6e:82:e2:cf:
63:28:1b:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQFHMuvRfLzRpyvrQDFQVB404FEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNjNkZjI0MTNlZWYxMGQwNTljMDZmMzQzYTIzZjMxOTkwZTdlY2ZhNWRl
YzMxZWYyMWM3ZTE4MGJlYWM4MGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+szEPbvcEg5ZJ1a/yBje33zVG9MhprFtR+jMjGDxoTtk7Nk7LVOkT0Ok0a
zAxeIBFTGu4Yg1VxVhwL+XMtwyfocZXxhno0SqmjITsCtfmuRRK3VjI+HSIVjHge
Nk3sRz+1ge4pADgEwn/8bZZYafzbUkzVkWEIbtuyL5R3STwfBpKVqzPqoneQkJK8
g7zQS9+7gpzEV2ieVjSL7GX9wPErZsT4J86voOn0LvgnJb2aBshsbGIMcrWSIPX4
OoJLj9Ktp1aZFHyJ5mD/8iU+We+n00NDSQ2SdO4Y9wnNBwtIUP3fVd7ZdtShFCd4
RbPuNs1hji8BlYzYaDMkqll3Ng8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSWC75I
Y2ACmhVWY7qgcyXMivR5ojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBjYWQ1NjUtY2Y4Yi00ZGFlLThmYjktNWUzNzA1NzdiODg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQB10LBqN2NLpnGHmcjyTmfr61Y/zkNlQ5iWarcGQ441
zGhuHnelCBF//ylogo41WyPrPxnLdGNl7VyFAarp8pDHi6eJcsCfmKHit/JuUYPH
xXPjOFA5Fbs8dKN1TZ5bzSS3YQ5MTarZ1FiFPv2knOfIj/Y8crbAJPdz31Dt3j1H
17qpAJEAHCU8V2YkF4+6pk6wGQr+GRrhQQ9GEeXSAsxR/Q1/jt1CdsOtei1IMKaD
CFEdjTxcq80NXJmsswgV2k9azv5OiMI9J5eWjkyrYfkF7qnkxG5TX2y0FhjwGDL9
+lw0MGpMAKVA8mzA0QIAmo7WlxDTCUbOQ26C4s9jKBsx
-----END CERTIFICATE-----
Generated at Sat May 4 22:06:50 2024 by rpki-client on console-ams.rpki-client.org