Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: VMTDZCIdlJ6usttTpMxy0aHpSVhBt3rQzCahDZyjjhg=
Subject key identifier: 10:00:44:B9:98:E1:93:33:46:3A:A0:4C:E5:49:2E:AF:48:16:2D:30
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 405953CA03441A859D6364254B4D1CAB7D90F3AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:59:53:ca:03:44:1a:85:9d:63:64:25:4b:4d:1c:ab:7d:90:f3:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=8c9ee45c9ca09fd67c9b044261e5521c1b7d3871cb1eb41938c6c2c906c7ec18, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:79:b2:43:33:dd:33:1a:2c:f6:2d:94:ae:8b:
6f:63:2b:65:af:63:d3:25:2d:9e:6a:e0:3e:0f:6b:
63:44:bb:91:9a:5c:7c:5f:e9:31:19:92:11:a5:a6:
8a:11:18:25:ba:60:dd:95:3d:c0:7a:dc:67:69:e4:
ce:7f:ed:98:41:fe:10:10:e2:40:dd:ba:ca:61:b9:
e1:fa:b0:59:74:c8:5f:ee:22:c1:aa:bb:b8:9e:a3:
ad:a2:eb:7c:d9:a8:f9:e3:d8:b9:12:67:5b:05:d2:
b2:16:f0:c0:40:f4:55:53:86:ac:e0:e5:fc:e5:bc:
d0:40:d4:fd:ce:9f:12:0d:41:81:48:74:2e:5d:9b:
b7:09:a5:0b:85:37:b2:fb:13:06:a8:be:c8:ea:e3:
39:07:b1:dc:bc:ae:b9:ee:47:69:c3:0d:ea:8c:28:
2d:be:03:0f:92:64:da:cf:4d:db:9b:e4:be:40:65:
ee:ed:6b:fd:10:62:a0:93:85:c5:6f:76:a9:fb:9c:
94:d4:57:5f:67:21:b6:a9:f8:c5:5f:c9:0a:16:8c:
e6:f8:5c:c7:b3:ed:3a:ca:f1:5b:99:df:ac:10:85:
53:5a:40:c7:82:05:d6:8a:31:f3:4b:d5:de:e2:51:
c3:23:09:ef:6f:7d:05:b2:25:76:36:73:b4:8c:83:
d1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:00:44:B9:98:E1:93:33:46:3A:A0:4C:E5:49:2E:AF:48:16:2D:30
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:4c:50:2d:51:74:97:5f:e7:75:39:92:c8:87:a6:84:47:6a:
33:c7:ad:d0:b8:0c:69:75:1c:9f:14:3f:9f:5b:65:2a:44:78:
52:f1:2d:28:04:a0:11:32:eb:2d:71:f7:b9:96:f5:0a:a6:23:
5c:03:9f:73:ac:14:7c:d3:7a:7f:37:87:4c:3d:ed:2a:cc:9b:
4f:6f:bb:46:25:da:8a:89:32:4a:81:2a:1a:db:0b:df:bc:16:
90:6c:0f:63:03:3d:44:80:98:16:8a:49:63:f3:13:87:ad:92:
db:a0:17:e7:3b:27:0c:f8:93:06:47:c4:92:c7:18:71:16:17:
8b:16:92:4e:93:d8:aa:bf:b9:be:b8:10:5d:07:0b:a4:2c:22:
55:3b:29:d8:52:95:9c:6b:d3:49:91:cf:2b:01:f0:f9:e3:5d:
01:29:83:ca:21:30:21:b0:b3:e2:25:97:3b:83:4c:2c:88:ad:
a0:8c:79:d2:56:51:6e:5b:39:9f:1b:13:57:9e:9b:b4:ed:b6:
f4:59:85:5d:00:9e:dd:87:26:d4:bd:1f:75:a5:61:3a:45:95:
82:b9:15:fa:bc:01:ef:32:73:4b:b1:23:aa:08:7b:3a:c7:c5:
73:83:f8:51:56:f7:49:0f:43:ee:d5:ae:15:d3:ea:91:50:2c:
98:26:38:e1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQFlTygNEGoWdY2QlS00cq32Q868wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjOWVlNDVjOWNhMDlmZDY3YzliMDQ0MjYxZTU1MjFjMWI3ZDM4NzFjYjFl
YjQxOTM4YzZjMmM5MDZjN2VjMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANl5skMz3TMaLPYtlK6Lb2MrZa9j0yUtnmrgPg9rY0S7kZpcfF/pMRmSEaWm
ihEYJbpg3ZU9wHrcZ2nkzn/tmEH+EBDiQN26ymG54fqwWXTIX+4iwaq7uJ6jraLr
fNmo+ePYuRJnWwXSshbwwED0VVOGrODl/OW80EDU/c6fEg1BgUh0Ll2btwmlC4U3
svsTBqi+yOrjOQex3Lyuue5HacMN6owoLb4DD5Jk2s9N25vkvkBl7u1r/RBioJOF
xW92qfuclNRXX2chtqn4xV/JChaM5vhcx7PtOsrxW5nfrBCFU1pAx4IF1oox80vV
3uJRwyMJ7299BbIldjZztIyD0SUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQQAES5
mOGTM0Y6oEzlSS6vSBYtMDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQCiTFAtUXSXX+d1OZLIh6aER2ozx63QuAxpdRyfFD+f
W2UqRHhS8S0oBKARMustcfe5lvUKpiNcA59zrBR803p/N4dMPe0qzJtPb7tGJdqK
iTJKgSoa2wvfvBaQbA9jAz1EgJgWiklj8xOHrZLboBfnOycM+JMGR8SSxxhxFheL
FpJOk9iqv7m+uBBdBwukLCJVOynYUpWca9NJkc8rAfD5410BKYPKITAhsLPiJZc7
g0wsiK2gjHnSVlFuWzmfGxNXnpu07bb0WYVdAJ7dhybUvR91pWE6RZWCuRX6vAHv
MnNLsSOqCHs6x8Vzg/hRVvdJD0Pu1a4V0+qRUCyYJjjh
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org