Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9bcb01bf-5e97-476b-b855-1bba036f903d.roa
File: 9bcb01bf-5e97-476b-b855-1bba036f903d.roa (raw, json)
Hash identifier: fK+ehgplCXcA6noHPVZjyPKS32AhAIXQ9Zegcl0/BJQ=
Subject key identifier: 6C:ED:83:29:FE:7C:2F:AD:E7:60:F6:A4:2C:30:AB:D4:6E:DD:01:9E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B728442E6553719A0BD09ED15DC0B9C5CC52823
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9bcb01bf-5e97-476b-b855-1bba036f903d.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:72:84:42:e6:55:37:19:a0:bd:09:ed:15:dc:0b:9c:5c:c5:28:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=4811cf0b738672ca2b5e24afb0ed1a2df2a63b1b3b4702b4d58b6edf4c020c2f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:86:96:2a:e2:86:21:09:67:f0:e5:69:92:ff:
30:52:1d:db:0d:d2:c4:85:71:87:cd:e1:66:77:b7:
9e:85:fb:e3:f3:db:e9:18:13:0f:75:43:14:01:56:
47:9b:48:f3:6f:0d:8b:13:ba:d1:90:2f:10:7a:3b:
6b:06:3e:6e:51:82:a7:5f:b1:e8:fd:1d:bf:d7:bd:
a2:f4:d8:a7:3e:b0:28:34:30:97:b2:a3:52:5a:5d:
86:9e:66:4d:1a:9c:e3:3c:19:d3:6c:4c:7a:df:93:
f0:ab:f3:77:ca:86:30:73:c5:d5:16:aa:4c:1a:cf:
6f:52:86:dc:af:f1:87:19:49:36:0a:25:a7:d3:cf:
d8:11:b8:e1:96:bc:a4:fd:3f:9d:02:6a:06:23:26:
9b:6e:5b:85:61:c7:28:bc:0c:da:b2:05:5d:24:9b:
40:75:1d:cf:42:74:b3:4c:94:d4:4b:ad:dc:c7:61:
46:5a:ba:87:98:b8:00:a5:33:07:af:5c:19:04:19:
ca:a9:04:b8:c3:e9:ec:b6:15:3f:dd:70:72:e4:6f:
a4:68:ef:00:18:4c:ac:2c:1e:24:e8:ef:a8:25:58:
7c:58:a5:84:1e:ba:93:e6:e5:4b:61:0d:59:95:cc:
c6:10:ae:b9:68:12:4a:28:d3:b1:6a:e6:5c:1f:1a:
d3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:ED:83:29:FE:7C:2F:AD:E7:60:F6:A4:2C:30:AB:D4:6E:DD:01:9E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9bcb01bf-5e97-476b-b855-1bba036f903d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:69:9f:43:d5:cf:93:98:32:92:1d:f9:a5:08:36:b6:86:5b:
8f:9e:ca:24:c6:e4:10:f8:44:cb:bc:77:fc:0d:33:f9:83:cc:
e9:4a:a3:f2:b4:e5:8a:6a:16:9e:04:90:13:88:d5:80:36:8f:
18:86:9b:15:e9:25:9f:60:d8:61:e8:3b:8a:d7:1a:76:a9:8b:
c0:ad:d0:3a:3a:e1:65:21:6b:60:8e:38:eb:29:56:fc:a2:fd:
0f:e5:92:41:14:78:b7:fb:42:61:cb:26:d5:22:08:02:6a:da:
9b:bd:c0:79:57:05:21:e8:20:1b:b0:4f:4d:a6:8a:9a:b6:fd:
51:61:94:06:43:6a:7b:0d:41:f8:a8:fb:b0:6f:e5:eb:c3:5b:
b3:da:e5:74:37:77:19:fa:26:7f:64:34:ec:f2:19:42:39:79:
5c:3b:8d:c7:8b:2b:93:5a:52:25:aa:d7:da:6f:e7:bd:98:49:
f2:a0:d1:01:85:22:52:e4:2c:97:72:81:f3:86:97:91:94:f2:
ed:03:4a:c2:94:8d:4a:e3:2a:2e:94:4f:d7:af:7b:e3:24:92:
d0:20:65:e2:f8:23:21:5f:fd:36:33:cc:0e:d6:4a:1d:c6:e7:
0a:14:6d:a5:fc:c9:58:e4:01:e5:0e:cf:4e:bf:1f:7a:29:64:
f2:6e:c9:ec
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUO3KEQuZVNxmgvQntFdwLnFzFKCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4MTFjZjBiNzM4NjcyY2EyYjVlMjRhZmIwZWQxYTJkZjJhNjNiMWIzYjQ3
MDJiNGQ1OGI2ZWRmNGMwMjBjMmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJSGlirihiEJZ/DlaZL/MFId2w3SxIVxh83hZne3noX74/Pb6RgTD3VDFAFW
R5tI828NixO60ZAvEHo7awY+blGCp1+x6P0dv9e9ovTYpz6wKDQwl7KjUlpdhp5m
TRqc4zwZ02xMet+T8Kvzd8qGMHPF1RaqTBrPb1KG3K/xhxlJNgolp9PP2BG44Za8
pP0/nQJqBiMmm25bhWHHKLwM2rIFXSSbQHUdz0J0s0yU1Eut3MdhRlq6h5i4AKUz
B69cGQQZyqkEuMPp7LYVP91wcuRvpGjvABhMrCweJOjvqCVYfFilhB66k+blS2EN
WZXMxhCuuWgSSijTsWrmXB8a01sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRs7YMp
/nwvredg9qQsMKvUbt0BnjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWJjYjAxYmYtNWU5Ny00NzZiLWI4NTUtMWJiYTAzNmY5MDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQCfaZ9D1c+TmDKSHfmlCDa2hluPnsokxuQQ+ETLvHf8
DTP5g8zpSqPytOWKahaeBJATiNWANo8YhpsV6SWfYNhh6DuK1xp2qYvArdA6OuFl
IWtgjjjrKVb8ov0P5ZJBFHi3+0JhyybVIggCatqbvcB5VwUh6CAbsE9Npoqatv1R
YZQGQ2p7DUH4qPuwb+Xrw1uz2uV0N3cZ+iZ/ZDTs8hlCOXlcO43HiyuTWlIlqtfa
b+e9mEnyoNEBhSJS5CyXcoHzhpeRlPLtA0rClI1K4youlE/Xr3vjJJLQIGXi+CMh
X/02M8wO1kodxucKFG2l/MlY5AHlDs9Ovx96KWTybsns
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org