Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
File: 935d325c-d62b-4e93-873c-47222d71e32c.roa (raw, json)
Hash identifier: +DkbvgU5VKTvYFwqeStSXYITaz5nyBDkUjtCmNHPitI=
Subject key identifier: CD:05:75:7A:E9:5B:BF:E2:F4:DC:AB:4B:F7:BC:66:CB:4B:6E:F6:48
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6BFADD7AA7AEE795DDC4B4F00948345319B249BC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:fa:dd:7a:a7:ae:e7:95:dd:c4:b4:f0:09:48:34:53:19:b2:49:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=15fd140911aff42a5725c070659b93cef607d28f28f031e2bc083777edd5bb11, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:9e:b3:61:02:2d:59:cf:29:81:2b:54:a7:
68:12:93:28:07:e3:c0:c6:86:9e:e1:7c:1f:3a:73:
09:49:d7:85:10:f9:da:56:2d:ca:db:e1:48:1b:f0:
dd:66:0d:1a:ac:80:a5:bc:6a:0c:44:fd:b4:74:2f:
b6:cc:f9:73:10:6b:25:ad:79:8a:3a:2b:3f:e7:6d:
35:69:72:59:ed:38:f0:ec:8d:03:5d:8a:d8:6e:fe:
66:83:f5:95:ab:2f:1e:fd:05:f1:c8:7b:50:ab:6a:
51:10:0e:fc:16:c2:af:03:7a:60:84:fe:67:ed:f0:
88:71:ce:df:b0:e9:e4:75:64:bd:7e:b7:ab:70:fb:
36:da:49:52:26:16:f6:88:c3:f1:2b:14:7a:16:ae:
a3:30:9d:6c:1e:26:1b:d6:cf:98:01:32:7a:d2:e3:
d6:65:c9:76:4c:10:d8:06:e2:a5:ca:24:f9:b4:4b:
fc:5f:4a:46:e1:1e:75:56:2a:17:ac:55:15:68:98:
d8:fe:cc:1c:a5:17:8e:ec:14:86:a1:e7:d7:ef:eb:
56:cb:dc:07:a1:7f:69:15:29:2a:b1:cf:d5:36:25:
59:d6:8b:bf:31:a9:01:ab:e0:4d:85:39:45:89:b5:
8b:b2:6b:c9:b9:c8:07:7a:dc:10:f5:a1:08:a9:fc:
18:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:05:75:7A:E9:5B:BF:E2:F4:DC:AB:4B:F7:BC:66:CB:4B:6E:F6:48
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
05:4f:08:e2:de:15:a6:e4:d8:c0:86:8c:88:bb:b7:25:62:b2:
e0:6e:74:13:6f:a7:eb:b3:56:33:24:17:49:93:e2:08:44:0a:
f2:a0:43:bd:0e:95:d3:f9:05:29:ec:e2:b3:e3:53:7f:fd:43:
33:b6:1d:b3:36:1c:1e:79:72:2d:7a:ef:38:9b:74:ce:6a:97:
a3:bf:ac:00:6c:5f:4b:f2:eb:1e:43:40:3f:80:27:76:64:68:
c2:06:5b:dd:fd:b5:23:13:60:ae:56:98:87:51:11:14:78:94:
5d:aa:0a:cd:41:63:33:9f:04:41:24:49:51:8e:f9:64:8c:21:
01:4d:98:3c:34:88:a7:43:10:46:9b:46:0a:d9:b3:e6:b8:5e:
7d:c8:5f:6b:5b:a2:e8:32:1e:f7:8b:c8:ce:f3:25:79:9f:7b:
f0:0f:52:d4:dc:e8:c0:a9:6b:93:85:f3:26:63:3d:64:b9:7c:
cf:77:54:6c:6c:60:a5:02:0e:40:5d:c3:f0:b5:3d:c9:eb:58:
60:a1:94:5b:98:af:ab:b9:b9:92:9f:51:b9:36:6c:51:b2:8b:
2a:18:fd:86:37:c8:28:8a:92:5f:be:8d:3f:f1:53:f4:9a:2c:
57:8d:eb:f1:6d:0e:d4:65:3e:57:82:57:21:2d:25:3e:d7:03:
cd:b9:c7:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa/rdeqeu55XdxLTwCUg0UxmySbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1ZmQxNDA5MTFhZmY0MmE1NzI1YzA3MDY1OWI5M2NlZjYwN2QyOGYyOGYw
MzFlMmJjMDgzNzc3ZWRkNWJiMTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR3nrNhAi1ZzymBK1SnaBKTKAfjwMaGnuF8HzpzCUnXhRD52lYtytvhSBvw
3WYNGqyApbxqDET9tHQvtsz5cxBrJa15ijorP+dtNWlyWe048OyNA12K2G7+ZoP1
lasvHv0F8ch7UKtqURAO/BbCrwN6YIT+Z+3wiHHO37Dp5HVkvX63q3D7NtpJUiYW
9ojD8SsUehauozCdbB4mG9bPmAEyetLj1mXJdkwQ2Abipcok+bRL/F9KRuEedVYq
F6xVFWiY2P7MHKUXjuwUhqHn1+/rVsvcB6F/aRUpKrHP1TYlWdaLvzGpAavgTYU5
RYm1i7JrybnIB3rcEPWhCKn8GAcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTNBXV6
6Vu/4vTcq0v3vGbLS272SDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTM1ZDMyNWMtZDYyYi00ZTkzLTg3M2MtNDcyMjJkNzFlMzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQAFTwji3hWm5NjAhoyIu7clYrLgbnQTb6frs1YzJBdJ
k+IIRAryoEO9DpXT+QUp7OKz41N//UMzth2zNhweeXIteu84m3TOapejv6wAbF9L
8useQ0A/gCd2ZGjCBlvd/bUjE2CuVpiHUREUeJRdqgrNQWMznwRBJElRjvlkjCEB
TZg8NIinQxBGm0YK2bPmuF59yF9rW6LoMh73i8jO8yV5n3vwD1LU3OjAqWuThfMm
Yz1kuXzPd1RsbGClAg5AXcPwtT3J61hgoZRbmK+rubmSn1G5NmxRsosqGP2GN8go
ipJfvo0/8VP0mixXjevxbQ7UZT5XglchLSU+1wPNucfv
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org