Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: B4co5rN5EZlXDWZKgmpWglp/KqPJ0ZcscTYcll12hs8=
Subject key identifier: CD:94:24:B9:6F:57:7C:D6:F4:E0:95:2B:5B:19:6E:35:57:C6:95:93
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 444C32882C0758B3A0983D8E590C86AB1AE567FE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:4c:32:88:2c:07:58:b3:a0:98:3d:8e:59:0c:86:ab:1a:e5:67:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=7340ac681a1faf932622a8e0c24fd5eaea9072d2934296d61ca6081f2de26499, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7c:f8:d4:ab:51:0f:ac:44:a6:7e:a7:47:86:
0d:91:32:1b:18:39:91:fd:9e:d5:b7:6a:98:98:8f:
c4:45:8a:5d:07:a8:46:c1:a8:37:6f:be:bf:d2:54:
09:80:63:db:9f:b2:6c:da:90:49:c6:26:d8:93:af:
f3:ad:d0:df:60:35:1b:e4:40:df:62:d3:17:25:a8:
ce:df:5b:76:3b:f5:8d:da:4f:74:d0:fd:56:12:fa:
59:f9:38:a9:a6:0a:f0:b6:d4:dc:ff:9f:20:a1:65:
58:62:92:97:79:bd:ca:d2:92:5d:5e:71:08:29:b5:
ca:15:23:30:b0:e6:ae:7d:7f:67:ba:c8:38:cb:b4:
4d:7d:01:5d:c8:95:af:12:10:b7:0f:17:8a:62:fb:
2f:12:f3:1d:38:f1:12:aa:89:83:05:92:fa:e0:51:
50:0f:30:70:da:60:ab:e5:d9:61:f9:82:04:ea:f1:
55:f3:4a:ea:1e:c6:c2:31:55:20:bc:0b:95:09:6e:
3a:45:23:a5:b4:3b:8c:4a:db:6a:43:b3:9a:96:1e:
b5:1c:f6:09:b3:5d:31:62:ba:b0:08:85:b1:55:2a:
b2:02:a7:2a:4b:a5:e0:ed:33:29:66:7d:f8:5c:cd:
71:f7:01:09:1e:44:29:57:0c:1b:7b:6e:41:89:c5:
9c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:94:24:B9:6F:57:7C:D6:F4:E0:95:2B:5B:19:6E:35:57:C6:95:93
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:4c:3b:ed:5c:80:ba:4e:ae:9d:bd:81:7f:b3:fd:e2:b2:c8:
7c:35:e0:82:3e:85:47:3a:28:b3:80:ad:a6:66:04:bf:91:92:
04:7d:65:34:25:88:7d:c0:ef:ba:45:b6:1a:ba:99:48:52:94:
bf:b2:49:b1:22:54:72:85:e4:e8:d3:d1:1f:fa:23:b1:cf:cb:
bd:cd:a1:89:a0:43:e2:91:94:30:30:4c:b4:0c:d8:04:2a:ae:
cb:55:0b:72:af:70:ef:57:d0:a3:04:c1:c7:07:82:76:61:57:
67:b1:f4:5d:59:ec:fb:ee:6c:97:bb:1b:1a:3c:10:b2:91:d5:
f0:07:29:a9:ad:d9:ce:ea:f6:a4:6c:13:73:a9:87:e9:c3:55:
1f:7f:03:ee:09:94:cb:17:ea:41:2e:69:83:1f:4e:0c:b5:c7:
c3:27:b3:4f:7d:6e:d1:d9:5a:b6:fe:27:fe:1b:3c:c0:7c:86:
20:e7:5d:df:8c:c5:8b:7b:8d:e8:63:31:05:bd:fc:cc:fd:41:
fb:e1:75:9b:28:4f:d5:03:47:cb:f6:03:9f:a7:be:09:72:76:
e7:16:9e:36:54:6e:ee:3c:d5:d5:bd:ac:86:6d:a8:df:de:7b:
ac:2b:87:1f:33:22:3a:b8:47:a7:64:5b:fd:14:8c:6b:40:4d:
54:ca:3b:fc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUREwyiCwHWLOgmD2OWQyGqxrlZ/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDczNDBhYzY4MWExZmFmOTMyNjIyYThlMGMyNGZkNWVhZWE5MDcyZDI5MzQy
OTZkNjFjYTYwODFmMmRlMjY0OTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh8+NSrUQ+sRKZ+p0eGDZEyGxg5kf2e1bdqmJiPxEWKXQeoRsGoN2++v9JU
CYBj25+ybNqQScYm2JOv863Q32A1G+RA32LTFyWozt9bdjv1jdpPdND9VhL6Wfk4
qaYK8LbU3P+fIKFlWGKSl3m9ytKSXV5xCCm1yhUjMLDmrn1/Z7rIOMu0TX0BXciV
rxIQtw8XimL7LxLzHTjxEqqJgwWS+uBRUA8wcNpgq+XZYfmCBOrxVfNK6h7GwjFV
ILwLlQluOkUjpbQ7jErbakOzmpYetRz2CbNdMWK6sAiFsVUqsgKnKkul4O0zKWZ9
+FzNcfcBCR5EKVcMG3tuQYnFnH0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTNlCS5
b1d81vTglStbGW41V8aVkzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQCOTDvtXIC6Tq6dvYF/s/3issh8NeCCPoVHOiizgK2m
ZgS/kZIEfWU0JYh9wO+6RbYauplIUpS/skmxIlRyheTo09Ef+iOxz8u9zaGJoEPi
kZQwMEy0DNgEKq7LVQtyr3DvV9CjBMHHB4J2YVdnsfRdWez77myXuxsaPBCykdXw
BymprdnO6vakbBNzqYfpw1UffwPuCZTLF+pBLmmDH04MtcfDJ7NPfW7R2Vq2/if+
GzzAfIYg513fjMWLe43oYzEFvfzM/UH74XWbKE/VA0fL9gOfp74JcnbnFp42VG7u
PNXVvayGbajf3nusK4cfMyI6uEenZFv9FIxrQE1Uyjv8
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org