Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
File: a8b62ce7-3238-4647-ad97-9a9628b10f66.roa (raw, json)
Hash identifier: xEILUWute5i/tFAlhi5cj2rPpLrNUaWdahzYUsrr3rc=
Subject key identifier: 36:BC:C5:4E:FF:CD:9B:4F:9E:0C:80:2C:ED:76:78:3F:53:AD:C8:C5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C861A0D79ABB3B914DB855A0530A6D80175FEDA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:86:1a:0d:79:ab:b3:b9:14:db:85:5a:05:30:a6:d8:01:75:fe:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=61ee3f0e04c1ba0f160725d5bbbf1fe8a852df8491d4edf54a3c954fcf7e6199, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c6:c0:1e:c8:a5:03:a4:76:80:35:3f:8e:61:
96:44:fa:50:51:14:bf:46:b3:41:da:88:8d:ad:0b:
b1:f7:23:4d:37:e8:b2:51:ae:a0:55:7a:fb:30:da:
42:57:c5:70:3f:bc:f0:2e:1b:ea:05:bd:c0:f7:75:
a1:23:45:0c:9a:fc:dd:f9:e1:8c:a7:21:dd:a6:a3:
ec:69:c7:1d:1d:e4:e8:ad:ef:ae:50:08:b9:89:38:
8a:dd:a8:24:66:83:fa:b6:e7:f3:d0:6c:e3:5c:73:
55:2c:60:10:e3:d1:44:81:ea:58:29:30:1c:9a:57:
8e:f2:27:d8:0f:d9:c1:59:ff:d3:9c:bb:88:f0:31:
a0:37:90:39:f6:58:55:ff:42:c4:07:ce:09:bc:75:
f5:26:f6:11:bc:66:23:98:82:bc:7e:69:11:ab:3e:
1b:aa:73:5e:eb:c9:e5:af:8e:90:90:2d:25:51:68:
77:30:b9:d6:e7:da:38:2f:6e:0a:2d:1f:12:4b:4d:
0f:84:b0:c1:07:a0:39:0f:9b:e7:ee:50:9b:04:51:
45:36:28:9d:e8:88:7d:ab:70:25:48:0b:c9:af:9a:
a2:52:ba:cd:90:4f:55:ea:ab:bf:69:44:c0:b8:17:
eb:29:41:9c:c0:af:9c:f9:8e:e1:f1:90:23:a0:cd:
81:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BC:C5:4E:FF:CD:9B:4F:9E:0C:80:2C:ED:76:78:3F:53:AD:C8:C5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
63:76:2d:b6:d3:da:d5:96:58:29:1f:c7:dd:84:45:47:9a:bc:
f1:2a:9e:c8:49:81:e6:be:9f:30:1b:07:8f:06:0b:be:03:c4:
6a:74:56:c5:0d:25:a6:bf:6b:00:d8:50:c4:26:27:10:80:fc:
9c:6d:3e:56:b6:27:c0:89:e0:07:98:51:62:1b:c8:bf:67:f0:
74:c0:0a:02:6a:a8:4c:c0:1d:d3:f9:7e:f0:9f:02:8c:63:a3:
f2:95:42:87:6b:61:56:43:ba:3d:e1:e3:36:96:b9:73:69:ef:
3b:5b:1f:fe:5c:e4:00:94:27:00:58:32:9a:67:4c:09:09:cb:
68:ea:02:17:a8:1b:e2:e0:7b:05:c9:ff:1c:1d:c9:3c:4f:8f:
a6:24:29:a9:a2:5b:10:3e:c3:5b:f7:5d:bc:8c:ea:7b:dc:0a:
71:70:b0:8d:8b:4c:9f:6d:64:b1:e8:6a:3a:90:16:c5:12:dc:
2e:85:69:e6:10:7c:26:9e:c8:a8:a3:2f:3a:69:64:09:44:8d:
4e:70:82:d7:1a:22:a5:ce:88:c6:ed:25:f5:1a:d3:7e:6e:7f:
35:2a:d9:93:2b:51:56:5d:76:98:f5:c9:91:0f:3c:89:b3:bc:
42:0f:39:78:63:33:c6:d4:66:cf:cf:27:59:06:e9:90:64:c8:
59:bc:e0:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHIYaDXmrs7kU24VaBTCm2AF1/towDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxZWUzZjBlMDRjMWJhMGYxNjA3MjVkNWJiYmYxZmU4YTg1MmRmODQ5MWQ0
ZWRmNTRhM2M5NTRmY2Y3ZTYxOTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI/GwB7IpQOkdoA1P45hlkT6UFEUv0azQdqIja0LsfcjTTfoslGuoFV6+zDa
QlfFcD+88C4b6gW9wPd1oSNFDJr83fnhjKch3aaj7GnHHR3k6K3vrlAIuYk4it2o
JGaD+rbn89Bs41xzVSxgEOPRRIHqWCkwHJpXjvIn2A/ZwVn/05y7iPAxoDeQOfZY
Vf9CxAfOCbx19Sb2EbxmI5iCvH5pEas+G6pzXuvJ5a+OkJAtJVFodzC51ufaOC9u
Ci0fEktND4SwwQegOQ+b5+5QmwRRRTYoneiIfatwJUgLya+aolK6zZBPVeqrv2lE
wLgX6ylBnMCvnPmO4fGQI6DNgQ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2vMVO
/82bT54MgCztdng/U63IxTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YThiNjJjZTctMzIzOC00NjQ3LWFkOTctOWE5NjI4YjEwZjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBjdi2209rVllgpH8fdhEVHmrzxKp7ISYHmvp8wGweP
Bgu+A8RqdFbFDSWmv2sA2FDEJicQgPycbT5WtifAieAHmFFiG8i/Z/B0wAoCaqhM
wB3T+X7wnwKMY6PylUKHa2FWQ7o94eM2lrlzae87Wx/+XOQAlCcAWDKaZ0wJCcto
6gIXqBvi4HsFyf8cHck8T4+mJCmpolsQPsNb9128jOp73ApxcLCNi0yfbWSx6Go6
kBbFEtwuhWnmEHwmnsiooy86aWQJRI1OcILXGiKlzojG7SX1GtN+bn81KtmTK1FW
XXaY9cmRDzyJs7xCDzl4YzPG1GbPzydZBumQZMhZvOCV
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org