Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
File: 92aa3163-803c-4865-acea-681184356c4d.roa (raw, json)
Hash identifier: sYZuXE8gR0pfEqGuqod/+h3+K7wtvGvTMFl99ee1//s=
Subject key identifier: 45:38:AA:B2:13:09:15:E1:8F:51:C4:6A:67:B4:28:B4:4B:01:C0:9C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 47BACE902D458A7A53594366F65746364D6FAB4F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ba:ce:90:2d:45:8a:7a:53:59:43:66:f6:57:46:36:4d:6f:ab:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=2603cd104a11ce3343ed25078b75be79b444b03e611f2f4aa35e11bcafc8e622, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3d:03:d9:fb:2a:a8:97:45:5d:e9:f8:de:37:
ae:35:7e:cb:6f:9b:f6:bc:b7:db:89:47:af:84:67:
5d:09:1f:e6:67:f4:d5:95:d4:ee:1d:39:b3:ff:1b:
48:4a:f8:6c:37:32:9f:56:2c:35:7a:74:9c:60:75:
d2:ee:bf:be:d9:5c:a5:3e:23:65:86:f5:e4:9d:c8:
58:4c:8f:46:80:41:1e:7b:80:0e:17:18:2f:d0:50:
ef:7d:eb:c3:91:6b:81:1f:7f:17:90:9c:87:3a:cb:
42:01:23:a7:09:02:cf:be:8c:79:32:9f:34:30:f3:
97:89:cd:6e:b8:a3:b1:ab:eb:c5:8c:16:dd:8a:17:
4f:12:4d:2d:0f:8f:5c:d1:c2:c3:21:f8:c0:33:83:
db:d8:f3:dc:30:ae:6e:72:13:49:68:32:b8:25:c8:
a0:9e:1b:a7:86:1b:fb:cb:f4:b0:37:38:11:6c:c2:
ff:69:47:54:15:c5:6c:57:3a:e8:e3:f6:20:49:0b:
6e:05:51:59:d4:94:74:97:2f:42:e0:c2:86:f1:48:
8b:36:25:9a:d8:5b:46:9d:d8:75:29:c5:eb:1d:4c:
cf:c5:a1:9a:ce:18:a6:96:1b:49:91:5d:d4:13:9f:
56:41:97:12:59:40:b2:8e:05:b2:ef:83:f3:b8:ea:
7d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:38:AA:B2:13:09:15:E1:8F:51:C4:6A:67:B4:28:B4:4B:01:C0:9C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
22:cd:7c:36:1b:b0:79:0d:f6:7a:5b:71:c0:f5:d0:0f:bb:3a:
05:66:76:70:9f:97:73:ac:e4:3e:8d:e2:bd:08:f5:b3:2a:8b:
b1:d6:7e:6f:f8:10:9f:d1:2b:b0:54:1a:b4:74:91:6a:f4:94:
b9:e9:e7:6d:87:6b:a8:22:98:b3:a9:54:85:74:25:f2:f5:bf:
f5:42:70:b5:68:c7:6c:24:31:d5:c0:d2:0a:6b:3a:09:ab:5b:
12:00:d0:c1:4d:73:c2:c5:fd:b2:9f:dd:8f:f6:0c:77:5f:cd:
2c:a0:e1:76:b2:6c:a0:e5:f7:f6:ee:f6:3f:47:cd:92:b0:13:
ea:0b:ca:77:8f:a1:25:cf:53:07:e2:0e:6f:9b:ac:6a:3c:e6:
37:75:49:f1:02:52:28:fb:84:f6:a1:22:6c:5a:c8:eb:b1:d7:
6d:d8:02:dd:0e:a6:81:36:92:07:16:95:68:aa:86:cf:1d:34:
6a:51:7c:39:ab:0e:92:2a:5d:c4:be:7a:de:a4:8d:3a:d3:c4:
ed:bc:82:f7:ae:2c:d1:43:be:a3:12:c9:44:cf:ad:bb:70:b4:
cc:15:2f:34:76:bf:97:4c:b9:b9:76:d0:c5:e1:ca:4a:8f:d4:
2b:29:84:a4:c5:aa:cb:e8:e7:91:a6:a4:9c:bd:5e:3a:ee:46:
c8:d1:e9:37
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR7rOkC1FinpTWUNm9ldGNk1vq08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2MDNjZDEwNGExMWNlMzM0M2VkMjUwNzhiNzViZTc5YjQ0NGIwM2U2MTFm
MmY0YWEzNWUxMWJjYWZjOGU2MjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALc9A9n7KqiXRV3p+N43rjV+y2+b9ry324lHr4RnXQkf5mf01ZXU7h05s/8b
SEr4bDcyn1YsNXp0nGB10u6/vtlcpT4jZYb15J3IWEyPRoBBHnuADhcYL9BQ733r
w5FrgR9/F5CchzrLQgEjpwkCz76MeTKfNDDzl4nNbrijsavrxYwW3YoXTxJNLQ+P
XNHCwyH4wDOD29jz3DCubnITSWgyuCXIoJ4bp4Yb+8v0sDc4EWzC/2lHVBXFbFc6
6OP2IEkLbgVRWdSUdJcvQuDChvFIizYlmthbRp3YdSnF6x1Mz8Whms4YppYbSZFd
1BOfVkGXEllAso4Fsu+D87jqfUcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRFOKqy
EwkV4Y9RxGpntCi0SwHAnDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTJhYTMxNjMtODAzYy00ODY1LWFjZWEtNjgxMTg0MzU2YzRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQAizXw2G7B5DfZ6W3HA9dAPuzoFZnZwn5dzrOQ+jeK9
CPWzKoux1n5v+BCf0SuwVBq0dJFq9JS56edth2uoIpizqVSFdCXy9b/1QnC1aMds
JDHVwNIKazoJq1sSANDBTXPCxf2yn92P9gx3X80soOF2smyg5ff27vY/R82SsBPq
C8p3j6Elz1MH4g5vm6xqPOY3dUnxAlIo+4T2oSJsWsjrsddt2ALdDqaBNpIHFpVo
qobPHTRqUXw5qw6SKl3EvnrepI0608TtvIL3rizRQ76jEslEz627cLTMFS80dr+X
TLm5dtDF4cpKj9QrKYSkxarL6OeRpqScvV467kbI0ek3
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org