Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
File: 8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa (raw, json)
Hash identifier: az9+aFP9B2v18QseqRlqLTjTxaMNT/cZkZRC5l/mn68=
Subject key identifier: AC:08:A0:2F:E8:16:32:B2:94:63:9D:41:67:0C:E2:8B:B5:4B:5D:E9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 788E9F87C8F121C247D0523F612DBAD091119FD8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:8e:9f:87:c8:f1:21:c2:47:d0:52:3f:61:2d:ba:d0:91:11:9f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=f61c3fc763c59d372ff58a9e8f19f39bb35a78bc861f97284263a31fc54b9b78, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:18:7d:d3:c5:a6:85:3d:b4:d0:b6:11:ca:8e:
c7:41:e3:41:c7:3b:52:fd:4b:2f:b3:88:b4:77:fb:
4f:b2:76:03:a4:8c:6f:74:00:28:20:4a:4c:21:8a:
2d:f2:93:97:e6:87:bc:09:1f:23:52:e5:fc:47:4c:
83:39:65:13:06:0a:e4:c8:d6:9e:eb:20:f5:18:1f:
25:d0:bf:3d:93:b9:42:e5:55:e2:e4:4b:75:ba:3b:
cd:e1:d5:80:54:5a:3e:7a:ff:04:b1:de:ff:f6:d2:
89:ba:0e:1f:76:bc:fd:18:cb:38:e8:87:68:37:e7:
55:71:a4:29:59:29:21:a9:60:fc:48:fb:70:c1:05:
03:cd:be:93:d9:8a:8c:e0:7a:93:c3:50:e5:96:29:
a4:32:9e:41:c9:b0:b3:e4:b2:20:a7:5a:10:36:48:
67:5a:31:77:36:39:85:2a:fe:ae:ec:18:96:da:b8:
e3:7f:d8:d7:c4:73:6d:9b:01:79:14:f3:a6:fc:79:
09:69:db:c5:a7:f1:57:59:23:88:e7:54:3f:50:31:
59:f4:ee:0f:dc:85:3a:31:51:80:51:84:bf:60:89:
94:d9:94:d6:06:32:4e:e2:b1:15:a8:22:cd:50:31:
8a:a7:4f:aa:fc:10:9e:9d:24:9b:fa:12:ab:04:05:
38:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:08:A0:2F:E8:16:32:B2:94:63:9D:41:67:0C:E2:8B:B5:4B:5D:E9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
18:d0:83:d0:bc:24:f0:4f:c5:65:97:1b:de:a7:27:76:ca:6a:
c8:b9:c6:eb:ca:be:b0:fd:12:d7:3d:7c:14:ac:7d:2b:10:5d:
9a:4d:14:61:d2:0f:44:e8:a7:c8:8a:ba:d5:dd:c4:fd:08:72:
6b:02:0a:ac:03:17:74:d6:d7:d3:12:c2:ad:ca:b2:6c:04:fc:
c3:67:4c:72:b6:43:d8:02:52:d7:da:33:8c:70:85:f5:70:aa:
64:5c:77:78:09:bf:17:53:0e:7c:f0:2e:a5:82:ca:2d:cf:3d:
b6:7e:5d:48:3a:aa:64:74:a0:bc:4c:e3:67:eb:84:34:5e:39:
0a:01:3f:ab:0d:c7:f5:05:46:aa:90:5c:d4:85:a3:6f:62:c7:
49:84:29:6d:0c:7d:97:60:44:f5:86:c5:cb:f1:df:5d:0e:23:
4f:da:5c:a2:d8:25:44:45:8b:e4:a0:81:9c:e5:1d:0c:13:5b:
e7:c2:6b:a7:20:f8:5d:e9:ef:32:7c:10:90:a8:df:e3:d3:4a:
0e:3b:aa:72:8b:c5:e3:11:ff:66:83:d8:ae:7e:95:39:ff:41:
5e:dd:98:70:b7:12:21:83:e3:e5:56:2e:8a:b3:c3:d7:94:c5:
3a:10:b0:61:a5:79:ed:79:e4:e3:86:36:62:2d:43:b3:34:69:
07:bc:6f:94
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeI6fh8jxIcJH0FI/YS260JERn9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MWMzZmM3NjNjNTlkMzcyZmY1OGE5ZThmMTlmMzliYjM1YTc4YmM4NjFm
OTcyODQyNjNhMzFmYzU0YjliNzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAYfdPFpoU9tNC2EcqOx0HjQcc7Uv1LL7OItHf7T7J2A6SMb3QAKCBKTCGK
LfKTl+aHvAkfI1Ll/EdMgzllEwYK5MjWnusg9RgfJdC/PZO5QuVV4uRLdbo7zeHV
gFRaPnr/BLHe//bSiboOH3a8/RjLOOiHaDfnVXGkKVkpIalg/Ej7cMEFA82+k9mK
jOB6k8NQ5ZYppDKeQcmws+SyIKdaEDZIZ1oxdzY5hSr+ruwYltq443/Y18RzbZsB
eRTzpvx5CWnbxafxV1kjiOdUP1AxWfTuD9yFOjFRgFGEv2CJlNmU1gYyTuKxFagi
zVAxiqdPqvwQnp0km/oSqwQFOFUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSsCKAv
6BYyspRjnUFnDOKLtUtd6TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGEyZDVmMjgtMGZjYi00MTljLWE4NzMtMzkzM2RkMzQwOWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQAY0IPQvCTwT8Vllxvepyd2ymrIucbryr6w/RLXPXwU
rH0rEF2aTRRh0g9E6KfIirrV3cT9CHJrAgqsAxd01tfTEsKtyrJsBPzDZ0xytkPY
AlLX2jOMcIX1cKpkXHd4Cb8XUw588C6lgsotzz22fl1IOqpkdKC8TONn64Q0XjkK
AT+rDcf1BUaqkFzUhaNvYsdJhCltDH2XYET1hsXL8d9dDiNP2lyi2CVERYvkoIGc
5R0ME1vnwmunIPhd6e8yfBCQqN/j00oOO6pyi8XjEf9mg9iufpU5/0Fe3ZhwtxIh
g+PlVi6Ks8PXlMU6ELBhpXnteeTjhjZiLUOzNGkHvG+U
-----END CERTIFICATE-----
Generated at Sat May 4 22:06:50 2024 by rpki-client on console-ams.rpki-client.org