Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c739e23-5bae-43bd-bade-a1f5158b6cc3.roa
File: 9c739e23-5bae-43bd-bade-a1f5158b6cc3.roa (raw, json)
Hash identifier: DAWXqD1FeymtrtqkGVxYhxhTcyWlgDtWqf9y79PXQUs=
Subject key identifier: 90:24:D8:F7:EF:60:CB:29:F5:05:54:F5:2E:ED:28:35:57:AB:42:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62154ED823DD625AA9D737DB47D7C13DB0D29D58
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c739e23-5bae-43bd-bade-a1f5158b6cc3.roa
Signing time: Mon 10 Jun 2024 00:00:00 +0000
ROA not before: Mon 10 Jun 2024 00:00:00 +0000
ROA not after: Mon 15 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:15:4e:d8:23:dd:62:5a:a9:d7:37:db:47:d7:c1:3d:b0:d2:9d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 10 00:00:00 2024 GMT
Not After : Jul 15 23:59:59 2024 GMT
Subject: serialNumber=a0065f08ddccaa7053921ee1025313bae5b1b50d31bf1fe3eef586dc6ee9f4a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:16:66:78:6e:53:cf:95:45:87:c1:2c:bf:c8:
a3:01:13:72:f7:af:40:78:e0:f9:f3:0f:0d:34:1f:
66:56:dc:9f:fd:60:78:69:46:4e:25:7a:2c:4c:61:
02:36:d8:5e:d8:a8:c6:cf:49:ff:d7:90:b2:a7:50:
19:2d:ad:2a:eb:89:83:d2:fd:e1:88:ec:e5:dc:ce:
49:42:c0:56:00:fa:d6:a6:fd:3f:49:d3:01:73:e8:
e7:d9:65:3b:5c:e8:44:fc:5c:92:a7:a3:f8:54:0f:
20:e7:02:46:b3:22:3d:30:bd:f4:09:a2:07:48:2a:
a6:8e:af:ca:7e:b4:3e:ef:6d:82:bb:25:80:30:6f:
d4:28:40:95:9b:c3:66:89:3d:37:82:4b:14:6e:be:
7b:85:b4:94:d8:e0:36:3a:31:1a:27:e1:09:e3:3e:
86:12:5d:4b:eb:fa:f6:9c:78:3f:71:9d:b8:07:24:
d5:f8:c9:63:e6:a1:74:c4:41:c6:9f:d4:09:ef:21:
29:c8:11:87:77:90:58:fe:7e:ca:61:bd:65:ef:18:
a6:40:90:1f:84:5c:98:73:88:51:4e:41:0b:d7:60:
5d:c4:21:7f:5e:d3:cb:1d:6c:14:aa:40:0f:e9:a3:
21:16:09:07:9b:69:55:22:f8:6a:d3:c6:99:5a:7c:
73:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:24:D8:F7:EF:60:CB:29:F5:05:54:F5:2E:ED:28:35:57:AB:42:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c739e23-5bae-43bd-bade-a1f5158b6cc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c8:3e:19:40:5c:60:b3:eb:c5:81:af:5f:ac:0c:10:18:d3:4a:
d6:1c:73:ea:c2:18:79:a7:c6:a8:36:51:da:7b:33:a8:fe:9b:
1c:cc:7b:32:08:94:ab:6f:4c:b6:79:cc:21:1d:51:b3:24:05:
f2:f3:7c:03:cf:3d:15:a8:16:83:3a:34:01:a3:e1:34:cf:dd:
de:eb:4b:e8:24:ac:51:30:c3:08:af:11:a5:52:ed:79:18:69:
1e:5b:3f:5e:39:a8:d5:69:df:4a:8b:77:a6:3b:51:42:f7:3b:
ca:93:43:2c:e8:fb:bd:60:df:e9:2f:b3:db:36:14:8b:e8:72:
cc:98:7f:36:91:08:0e:12:33:0f:c0:3c:60:0a:87:1f:52:2f:
08:cf:ad:31:b8:2f:51:7a:86:7d:de:a5:8e:cc:8c:89:10:9b:
e7:42:b0:d4:d0:4b:cb:08:51:82:9f:10:2c:59:8a:16:ad:18:
79:e1:24:f6:00:d7:67:a7:77:ee:89:ec:f5:14:83:09:2b:2a:
02:cd:85:86:5e:53:19:f0:e0:26:fb:80:47:a0:f8:0a:c2:ae:
26:ca:6b:4c:b7:77:39:67:68:87:35:31:32:a6:8c:5b:f0:ee:
60:52:89:dc:56:88:3a:be:ff:a9:fb:72:b7:09:19:62:46:30:
49:2f:68:4c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYhVO2CPdYlqp1zfbR9fBPbDSnVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTAwMDAwMDBaFw0yNDA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwMDY1ZjA4ZGRjY2FhNzA1MzkyMWVlMTAyNTMxM2JhZTViMWI1MGQzMWJm
MWZlM2VlZjU4NmRjNmVlOWY0YTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsWZnhuU8+VRYfBLL/IowETcvevQHjg+fMPDTQfZlbcn/1geGlGTiV6LExh
AjbYXtioxs9J/9eQsqdQGS2tKuuJg9L94Yjs5dzOSULAVgD61qb9P0nTAXPo59ll
O1zoRPxckqej+FQPIOcCRrMiPTC99AmiB0gqpo6vyn60Pu9tgrslgDBv1ChAlZvD
Zok9N4JLFG6+e4W0lNjgNjoxGifhCeM+hhJdS+v69px4P3GduAck1fjJY+ahdMRB
xp/UCe8hKcgRh3eQWP5+ymG9Ze8YpkCQH4RcmHOIUU5BC9dgXcQhf17Tyx1sFKpA
D+mjIRYJB5tpVSL4atPGmVp8cxUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQJNj3
72DLKfUFVPUu7Sg1V6tCZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM3MzllMjMtNWJhZS00M2JkLWJhZGUtYTFmNTE1OGI2Y2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQDIPhlAXGCz68WBr1+sDBAY00rWHHPqwhh5p8aoNlHa
ezOo/psczHsyCJSrb0y2ecwhHVGzJAXy83wDzz0VqBaDOjQBo+E0z93e60voJKxR
MMMIrxGlUu15GGkeWz9eOajVad9Ki3emO1FC9zvKk0Ms6Pu9YN/pL7PbNhSL6HLM
mH82kQgOEjMPwDxgCocfUi8Iz60xuC9ReoZ93qWOzIyJEJvnQrDU0EvLCFGCnxAs
WYoWrRh54ST2ANdnp3fuiez1FIMJKyoCzYWGXlMZ8OAm+4BHoPgKwq4mymtMt3c5
Z2iHNTEypoxb8O5gUoncVog6vv+p+3K3CRliRjBJL2hM
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org