Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e4eace2-a571-49f7-85f6-87ac18344a6e.roa
File: 8e4eace2-a571-49f7-85f6-87ac18344a6e.roa (raw, json)
Hash identifier: aUFHEfkrQ6npP4RttW2eZU6SGbXwPt5+eTee+PenL0I=
Subject key identifier: AC:63:5C:05:4F:7A:A6:93:2B:C5:25:41:B5:21:24:6F:C7:18:0B:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A8777FEDF593C1F97CF4E652E2E751DE1185E3D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e4eace2-a571-49f7-85f6-87ac18344a6e.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:87:77:fe:df:59:3c:1f:97:cf:4e:65:2e:2e:75:1d:e1:18:5e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=0716144461c2752b99424408e892d7b33d4a1ee8225e1a8c048d8864d7644a91, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4c:68:6e:ec:46:ad:87:6c:cc:75:2e:1f:ed:
ab:90:c6:21:b0:39:b1:b5:61:54:24:2e:66:d8:6b:
ef:99:75:4a:99:cd:21:f3:36:d8:bf:9d:f9:77:6f:
37:a7:6f:73:f8:e1:93:9d:aa:e3:a8:98:51:ef:3d:
fc:00:5d:88:ec:1d:b1:1d:c9:b2:ad:01:cd:5f:7a:
5d:85:7e:21:06:71:c3:97:46:d9:f3:02:6c:5b:12:
ba:d8:fa:10:3e:91:8c:1c:e3:44:cc:7c:c9:4b:e9:
2c:b3:0f:52:78:d0:e3:b0:62:20:7b:1d:2e:9a:06:
59:f1:e5:0d:74:00:c3:27:1a:f3:25:2f:d7:58:c1:
35:66:33:16:bb:a4:98:c7:cb:33:a2:40:cc:87:55:
06:26:5d:93:ba:19:22:13:f8:fa:64:9c:81:50:5c:
01:03:38:64:a9:3c:15:3e:a6:d7:66:7b:13:0a:dc:
63:14:23:f8:d7:37:9d:82:e8:1d:25:8b:05:19:7f:
54:14:ee:36:a3:50:32:ff:69:9f:46:69:91:2a:d8:
00:a2:eb:6b:b3:8a:6f:42:ab:9c:b6:db:3c:50:0a:
11:ca:5a:85:aa:aa:b8:ab:86:d2:ee:e4:74:4d:44:
f6:2f:36:21:e5:d9:64:19:f6:c4:1b:37:7c:60:ad:
e3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:63:5C:05:4F:7A:A6:93:2B:C5:25:41:B5:21:24:6F:C7:18:0B:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e4eace2-a571-49f7-85f6-87ac18344a6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:0e:28:e1:f0:df:fb:14:4f:a9:30:37:ae:65:7e:eb:2c:c2:
b3:89:c5:ef:13:62:5b:20:27:84:c8:ae:52:f6:df:dc:5f:36:
96:18:14:a0:2d:d0:ce:c0:9f:df:a9:73:00:fc:ea:05:85:92:
fb:91:be:0b:d4:82:7a:1d:f4:01:dc:77:54:4b:7b:f1:ba:b9:
d2:4b:da:79:cb:ef:67:36:a6:41:bf:15:85:e0:6b:a1:34:6f:
0d:ee:2a:db:49:15:1d:6a:96:06:09:5a:06:5b:5b:02:51:19:
af:c3:30:a8:53:10:c4:37:2a:09:2f:1d:d4:4a:02:5b:14:24:
f8:b3:9a:64:48:e6:18:7f:56:d3:6f:0b:57:7f:b6:08:e2:e6:
2c:7c:51:79:bb:16:38:ff:04:2b:da:13:25:19:34:de:e1:e5:
76:2d:6d:61:e9:58:43:d8:c8:7e:4c:6a:47:12:4f:4e:87:4e:
b2:05:38:b3:00:30:c9:10:3d:e1:54:c6:0b:69:c9:75:95:25:
5e:1b:78:c8:f7:f1:40:5b:32:17:57:c7:80:93:50:f1:5b:27:
a5:42:7e:19:bc:b7:9b:da:d6:dc:e4:e9:54:c3:e2:1b:5e:a2:
de:3e:6f:ac:b9:e6:97:82:41:85:ca:6f:c9:d2:6a:33:b6:32:
e0:fd:b5:a8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaod3/t9ZPB+Xz05lLi51HeEYXj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3MTYxNDQ0NjFjMjc1MmI5OTQyNDQwOGU4OTJkN2IzM2Q0YTFlZTgyMjVl
MWE4YzA0OGQ4ODY0ZDc2NDRhOTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAItMaG7sRq2HbMx1Lh/tq5DGIbA5sbVhVCQuZthr75l1SpnNIfM22L+d+Xdv
N6dvc/jhk52q46iYUe89/ABdiOwdsR3Jsq0BzV96XYV+IQZxw5dG2fMCbFsSutj6
ED6RjBzjRMx8yUvpLLMPUnjQ47BiIHsdLpoGWfHlDXQAwyca8yUv11jBNWYzFruk
mMfLM6JAzIdVBiZdk7oZIhP4+mScgVBcAQM4ZKk8FT6m12Z7EwrcYxQj+Nc3nYLo
HSWLBRl/VBTuNqNQMv9pn0ZpkSrYAKLra7OKb0KrnLbbPFAKEcpahaqquKuG0u7k
dE1E9i82IeXZZBn2xBs3fGCt42kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSsY1wF
T3qmkyvFJUG1ISRvxxgLiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU0ZWFjZTItYTU3MS00OWY3LTg1ZjYtODdhYzE4MzQ0YTZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQBqDijh8N/7FE+pMDeuZX7rLMKzicXvE2JbICeEyK5S
9t/cXzaWGBSgLdDOwJ/fqXMA/OoFhZL7kb4L1IJ6HfQB3HdUS3vxurnSS9p5y+9n
NqZBvxWF4GuhNG8N7irbSRUdapYGCVoGW1sCURmvwzCoUxDENyoJLx3USgJbFCT4
s5pkSOYYf1bTbwtXf7YI4uYsfFF5uxY4/wQr2hMlGTTe4eV2LW1h6VhD2Mh+TGpH
Ek9Oh06yBTizADDJED3hVMYLacl1lSVeG3jI9/FAWzIXV8eAk1DxWyelQn4ZvLeb
2tbc5OlUw+IbXqLePm+sueaXgkGFym/J0moztjLg/bWo
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org