Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
File: 9b135dbe-8c68-40c8-9510-c1daab9595af.roa (raw, json)
Hash identifier: Fp4Lh6xTR3QIH0AlEL07SnrzJ4pfiBsiANifS3akr5Y=
Subject key identifier: 97:05:E0:AA:B1:4F:06:F5:EE:21:70:FC:55:48:7E:11:0A:A5:C4:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 47B39EFC6C482F945ABA39BE79D0C628FA0985CD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:b3:9e:fc:6c:48:2f:94:5a:ba:39:be:79:d0:c6:28:fa:09:85:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=514ae0335f3919ac0ae32ba602c682386e5f043a6078adf1de66cf2ada8ba1cb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6d:3d:41:56:21:f8:d7:3a:42:07:36:3f:77:
2f:be:6e:4d:42:3a:a1:d7:ed:35:69:71:91:d6:74:
35:f2:92:67:f8:d3:f2:d6:ec:18:24:08:8d:3e:04:
27:6a:ae:4f:a1:7f:c9:03:89:6b:87:27:eb:4e:ba:
76:53:7c:16:f6:ca:ac:c2:37:3c:94:98:cf:7a:6a:
8d:b4:34:4d:b3:8d:0f:e6:e7:63:d8:4e:58:94:13:
1a:79:89:db:99:01:cf:35:7a:a9:19:26:22:e1:39:
2d:6c:66:f0:bb:48:e5:de:7d:59:f3:a0:b8:36:58:
ad:d2:f7:d0:e8:18:02:7a:76:21:3e:68:0e:19:45:
3b:a5:63:9f:18:8a:4b:6d:2a:35:97:50:dd:e7:b8:
b7:c3:7a:18:cb:54:46:2b:11:14:5f:4f:78:6f:a6:
4c:d5:bc:86:a5:ff:28:6c:ff:81:a0:28:af:3d:7e:
cb:12:ac:3b:3f:d9:75:d4:15:77:21:2a:de:0a:f2:
67:ae:cd:c3:53:54:3c:e8:07:dc:85:8e:ef:2f:b6:
f9:fc:99:c3:68:c5:46:29:28:cc:c2:5f:89:13:dd:
09:44:94:b2:02:27:1d:29:bc:f5:93:e9:b2:d2:49:
f5:bb:1d:85:1c:93:5f:a0:cd:98:ec:82:05:73:f1:
ce:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:05:E0:AA:B1:4F:06:F5:EE:21:70:FC:55:48:7E:11:0A:A5:C4:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:60:8d:cf:28:61:e3:bf:b0:2f:29:a4:f0:73:d0:5a:dc:42:
48:a6:b2:08:23:f2:ca:df:0a:6d:f1:0b:0e:b5:aa:d7:09:9a:
90:43:fe:f4:3a:e8:66:ea:8d:d0:37:ea:cd:70:55:bd:75:8a:
fd:e6:ab:62:5e:c3:d2:76:61:10:f1:bb:44:1e:30:2d:2a:94:
b5:a6:f8:e7:0a:e1:71:d6:e4:4b:5e:93:b1:83:13:c7:bb:34:
05:70:3d:9b:96:97:f3:bd:06:f7:10:49:9f:da:85:5a:86:69:
5c:be:12:85:2d:75:26:d7:88:78:50:34:b4:1c:23:09:0a:eb:
e7:e6:e2:dc:13:ec:4f:28:e1:f6:ac:06:67:68:1c:5b:71:da:
07:18:81:18:5f:25:23:1c:aa:8b:10:3c:b3:05:83:c5:e6:e8:
10:04:12:c4:0d:e0:f8:9b:18:bf:73:52:10:5d:b2:6b:11:1f:
ec:73:31:8e:21:1d:8f:f8:56:c9:4d:f9:9a:00:f5:88:ea:cc:
c8:22:80:e3:8b:e1:bb:bc:42:3c:ee:37:f4:3a:d3:49:d4:71:
c2:01:4e:70:54:b9:78:6c:0d:83:3a:00:2c:3b:06:91:85:ce:
fd:71:59:74:81:9e:59:2a:79:d4:29:db:4d:9f:1a:4e:49:6c:
46:4b:6d:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR7Oe/GxIL5Raujm+edDGKPoJhc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNGFlMDMzNWYzOTE5YWMwYWUzMmJhNjAyYzY4MjM4NmU1ZjA0M2E2MDc4
YWRmMWRlNjZjZjJhZGE4YmExY2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVtPUFWIfjXOkIHNj93L75uTUI6odftNWlxkdZ0NfKSZ/jT8tbsGCQIjT4E
J2quT6F/yQOJa4cn6066dlN8FvbKrMI3PJSYz3pqjbQ0TbOND+bnY9hOWJQTGnmJ
25kBzzV6qRkmIuE5LWxm8LtI5d59WfOguDZYrdL30OgYAnp2IT5oDhlFO6VjnxiK
S20qNZdQ3ee4t8N6GMtURisRFF9PeG+mTNW8hqX/KGz/gaAorz1+yxKsOz/ZddQV
dyEq3gryZ67Nw1NUPOgH3IWO7y+2+fyZw2jFRikozMJfiRPdCUSUsgInHSm89ZPp
stJJ9bsdhRyTX6DNmOyCBXPxzocCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSXBeCq
sU8G9e4hcPxVSH4RCqXEiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWIxMzVkYmUtOGM2OC00MGM4LTk1MTAtYzFkYWFiOTU5NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQAdYI3PKGHjv7AvKaTwc9Ba3EJIprIII/LK3wpt8QsO
tarXCZqQQ/70Ouhm6o3QN+rNcFW9dYr95qtiXsPSdmEQ8btEHjAtKpS1pvjnCuFx
1uRLXpOxgxPHuzQFcD2blpfzvQb3EEmf2oVahmlcvhKFLXUm14h4UDS0HCMJCuvn
5uLcE+xPKOH2rAZnaBxbcdoHGIEYXyUjHKqLEDyzBYPF5ugQBBLEDeD4mxi/c1IQ
XbJrER/sczGOIR2P+FbJTfmaAPWI6szIIoDji+G7vEI87jf0OtNJ1HHCAU5wVLl4
bA2DOgAsOwaRhc79cVl0gZ5ZKnnUKdtNnxpOSWxGS21L
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org