Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/942fda94-0f9b-4fc2-96fb-33fe58d39a68.roa
File: 942fda94-0f9b-4fc2-96fb-33fe58d39a68.roa (raw, json)
Hash identifier: AAVNvKg8k+aBiYCkXZlh8x2PwgRR1p62GTzuRxN4mHA=
Subject key identifier: A4:DA:AD:03:8A:AA:16:B3:7C:2F:E7:9D:F9:94:66:12:C3:31:C1:89
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5796F99600757C543761C0BDDD57AECF3CA89735
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/942fda94-0f9b-4fc2-96fb-33fe58d39a68.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.112.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:96:f9:96:00:75:7c:54:37:61:c0:bd:dd:57:ae:cf:3c:a8:97:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=1b54a0bc6da13543263cba57833b607a6ce26d1862cad3f3bbf3e5f6f3c7c986, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:24:41:38:dc:9b:41:27:6f:ab:8e:97:c6:8b:
2c:03:19:d5:de:df:53:e9:34:8c:be:d4:7c:e8:df:
99:1b:3e:0e:c5:c0:1f:f8:21:63:0d:bc:5f:84:77:
06:6a:91:41:d7:15:60:a8:b4:e4:1c:db:08:cf:6a:
04:7e:71:15:b3:83:d5:9d:98:3a:c3:57:1d:80:84:
57:75:ae:6b:88:7f:4e:97:30:02:81:e0:63:93:b0:
f9:02:84:e6:c1:2f:e3:02:7e:35:3c:ba:61:8e:a6:
12:69:6e:5d:8a:d4:48:1d:20:e2:f2:43:3a:b1:6d:
35:d6:62:98:4a:73:b7:c7:06:18:ff:6c:d3:cd:41:
9a:1b:28:36:02:ae:ab:a6:7e:20:4a:a4:1f:77:63:
17:5c:50:83:9f:b5:16:4c:cd:1a:06:ad:1d:40:44:
29:4c:81:78:20:7f:de:b9:88:e3:9a:62:d1:b9:bc:
6e:31:a2:d8:40:22:ae:e1:e6:2a:e8:99:23:cb:a3:
b1:01:90:ca:c3:1d:0b:78:66:bc:1b:19:29:eb:fa:
b9:14:e8:24:50:52:57:a7:a5:ef:f6:05:f6:d8:74:
21:e2:55:40:ef:6f:f0:56:77:4d:e8:58:e2:16:6b:
0c:c7:a3:0d:95:5c:89:62:cc:be:76:91:f3:c3:08:
fd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DA:AD:03:8A:AA:16:B3:7C:2F:E7:9D:F9:94:66:12:C3:31:C1:89
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/942fda94-0f9b-4fc2-96fb-33fe58d39a68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
46:d7:a1:7c:16:b5:e4:5f:ec:b9:28:9d:8f:ce:af:47:5e:c8:
46:46:81:16:40:22:14:a1:15:22:49:d9:58:e3:f2:f4:43:34:
00:bc:69:16:19:80:ec:31:65:56:39:db:35:fb:11:57:48:a4:
f8:ff:81:ac:27:b7:e8:42:63:e2:61:e8:39:ea:e1:69:5b:b8:
0b:74:8f:a1:79:5d:a0:e6:42:4c:2f:c9:80:18:49:17:8d:1f:
57:f3:1a:03:86:48:dc:f8:58:ad:82:2f:97:a7:fc:dd:5a:72:
13:fe:f3:33:2a:09:f3:a4:68:c8:4a:07:8d:47:f1:94:37:ed:
f7:8c:01:41:4d:c3:b3:ff:f1:6b:fb:be:91:09:ca:ce:c4:d8:
79:4d:64:f8:79:6f:a8:f2:95:2d:98:5d:4c:9f:33:a7:b8:e2:
dc:c7:82:fd:9e:c9:58:d0:6a:c1:3f:dc:a4:21:44:88:f8:e2:
bf:54:7b:7b:33:2a:1b:44:a7:f5:ae:90:74:50:b9:d4:ab:e6:
1c:91:b3:b4:71:e4:3d:c5:0a:8b:6d:29:3c:c5:9f:da:3a:fc:
6d:39:bf:63:c8:f0:57:cb:07:13:3d:7d:3a:13:36:1d:38:10:
7e:c2:b9:cc:c9:a1:3e:3e:95:ea:99:6a:16:40:98:96:77:37:
23:c8:4e:cc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV5b5lgB1fFQ3YcC93VeuzzyolzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNTRhMGJjNmRhMTM1NDMyNjNjYmE1NzgzM2I2MDdhNmNlMjZkMTg2MmNh
ZDNmM2JiZjNlNWY2ZjNjN2M5ODYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwkQTjcm0Enb6uOl8aLLAMZ1d7fU+k0jL7UfOjfmRs+DsXAH/ghYw28X4R3
BmqRQdcVYKi05BzbCM9qBH5xFbOD1Z2YOsNXHYCEV3Wua4h/TpcwAoHgY5Ow+QKE
5sEv4wJ+NTy6YY6mEmluXYrUSB0g4vJDOrFtNdZimEpzt8cGGP9s081BmhsoNgKu
q6Z+IEqkH3djF1xQg5+1FkzNGgatHUBEKUyBeCB/3rmI45pi0bm8bjGi2EAiruHm
KuiZI8ujsQGQysMdC3hmvBsZKev6uRToJFBSV6el7/YF9th0IeJVQO9v8FZ3TehY
4hZrDMejDZVciWLMvnaR88MI/bUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSk2q0D
iqoWs3wv5535lGYSwzHBiTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTQyZmRhOTQtMGY5Yi00ZmMyLTk2ZmItMzNmZTU4ZDM5YTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQBG16F8FrXkX+y5KJ2Pzq9HXshGRoEWQCIUoRUiSdlY
4/L0QzQAvGkWGYDsMWVWOds1+xFXSKT4/4GsJ7foQmPiYeg56uFpW7gLdI+heV2g
5kJML8mAGEkXjR9X8xoDhkjc+Fitgi+Xp/zdWnIT/vMzKgnzpGjISgeNR/GUN+33
jAFBTcOz//Fr+76RCcrOxNh5TWT4eW+o8pUtmF1MnzOnuOLcx4L9nslY0GrBP9yk
IUSI+OK/VHt7MyobRKf1rpB0ULnUq+YckbO0ceQ9xQqLbSk8xZ/aOvxtOb9jyPBX
ywcTPX06EzYdOBB+wrnMyaE+PpXqmWoWQJiWdzcjyE7M
-----END CERTIFICATE-----
Generated at Sat May 4 22:06:50 2024 by rpki-client on console-ams.rpki-client.org