Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a9218a5d-baaa-4846-8ae2-c5145614b368.roa
File: a9218a5d-baaa-4846-8ae2-c5145614b368.roa (raw, json)
Hash identifier: nbTkjpsx0MF+l258hCPZHQ32YavJ1Suub960BtFh2jQ=
Subject key identifier: 22:5C:DC:F7:6E:77:75:76:56:78:17:6D:B8:43:6B:56:DA:9C:FA:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E350969EFC31D85008E2BAEDFEB46809E682452
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a9218a5d-baaa-4846-8ae2-c5145614b368.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:35:09:69:ef:c3:1d:85:00:8e:2b:ae:df:eb:46:80:9e:68:24:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=7df9867478d0a40060b073219660b3c007e2610f33967bebfaa48ba55c8ee570, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8e:3d:15:f8:8f:b8:e2:1b:f9:d5:66:da:6e:
13:91:69:71:f8:7d:39:6e:ce:f4:37:62:2c:1c:c1:
d5:01:f7:1d:a4:aa:27:31:1e:09:34:38:1b:27:b5:
36:90:65:87:5b:3a:49:0f:09:bb:29:cc:f3:aa:53:
c5:ed:28:86:13:f4:99:25:2d:f6:d8:9c:2e:13:97:
90:cc:bb:d2:b9:fd:6c:a0:b0:2a:49:5d:d5:2e:3c:
1d:ee:1b:1d:87:ef:88:92:d6:ab:c1:df:41:2e:48:
fe:fc:36:7f:49:2d:6e:fc:76:1b:88:3a:54:48:b4:
08:6a:ec:da:81:72:f0:87:e6:62:07:27:a8:b8:3d:
6d:30:3a:13:ad:59:21:14:ec:7e:0e:89:39:2a:13:
ec:d3:be:11:3c:30:d2:3f:94:28:ac:d6:59:40:55:
ec:d7:a5:35:ce:ad:3e:46:c0:2c:d6:2c:3e:2b:d5:
91:2e:62:50:7d:8d:f4:1e:f0:b4:0e:44:8c:bb:5a:
95:a0:6d:86:0c:bb:0b:4d:4d:af:6e:ed:ba:ea:a1:
44:3f:ae:f5:2d:d8:4b:97:02:fb:5b:91:3d:6c:57:
8c:68:09:de:83:c8:4e:eb:d7:9c:cc:26:88:4e:87:
e1:d5:27:d0:38:a0:c0:2a:44:00:5b:3b:79:b8:6d:
46:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:5C:DC:F7:6E:77:75:76:56:78:17:6D:B8:43:6B:56:DA:9C:FA:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a9218a5d-baaa-4846-8ae2-c5145614b368.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6c:62:eb:27:64:56:f5:20:e8:09:c6:a6:de:8e:79:cb:9f:3e:
31:1a:8d:df:43:7b:9c:e2:5b:fe:0e:a2:6c:92:b0:66:9b:03:
aa:45:5b:0d:a0:d2:af:35:38:22:e3:f1:bd:fe:52:6a:be:18:
d4:15:95:a9:e0:bb:31:a8:49:95:66:b6:41:91:cb:cc:cb:bf:
23:bb:45:96:72:c4:90:71:f8:af:ba:7a:db:38:38:30:53:70:
c6:2b:fc:dc:f7:8b:02:df:82:d6:4d:e6:3f:bc:5d:0a:31:ff:
70:9b:4b:70:aa:c2:21:1b:fa:12:2b:7a:75:2d:05:e5:ab:bb:
bf:8f:77:f5:7e:08:3c:ca:07:54:45:b7:86:49:b9:af:79:f3:
43:45:59:3a:b9:7a:19:08:e7:27:de:fd:25:62:5a:97:28:17:
98:26:4a:5c:c5:02:74:f9:a3:55:f6:c9:1e:ea:12:87:a6:cc:
02:4b:09:71:18:ca:eb:7b:c6:43:0c:cf:bf:01:db:fc:6e:27:
9b:c8:94:70:5b:19:ba:9d:5a:8b:09:30:5c:8d:76:2d:b5:98:
76:53:e1:d1:ae:76:ad:23:89:aa:12:fc:d5:15:4f:3b:04:3f:
ad:d0:97:e3:a2:fd:0b:08:2c:22:08:d0:03:97:cf:37:3e:6c:
5d:9e:16:0b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbjUJae/DHYUAjiuu3+tGgJ5oJFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkZjk4Njc0NzhkMGE0MDA2MGIwNzMyMTk2NjBiM2MwMDdlMjYxMGYzMzk2
N2JlYmZhYTQ4YmE1NWM4ZWU1NzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyOPRX4j7jiG/nVZtpuE5Fpcfh9OW7O9DdiLBzB1QH3HaSqJzEeCTQ4Gye1
NpBlh1s6SQ8JuynM86pTxe0ohhP0mSUt9ticLhOXkMy70rn9bKCwKkld1S48He4b
HYfviJLWq8HfQS5I/vw2f0ktbvx2G4g6VEi0CGrs2oFy8IfmYgcnqLg9bTA6E61Z
IRTsfg6JOSoT7NO+ETww0j+UKKzWWUBV7NelNc6tPkbALNYsPivVkS5iUH2N9B7w
tA5EjLtalaBthgy7C01Nr27tuuqhRD+u9S3YS5cC+1uRPWxXjGgJ3oPITuvXnMwm
iE6H4dUn0DigwCpEAFs7ebhtRqMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQiXNz3
bnd1dlZ4F224Q2tW2pz6aTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTkyMThhNWQtYmFhYS00ODQ2LThhZTItYzUxNDU2MTRiMzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQBsYusnZFb1IOgJxqbejnnLnz4xGo3fQ3uc4lv+DqJs
krBmmwOqRVsNoNKvNTgi4/G9/lJqvhjUFZWp4LsxqEmVZrZBkcvMy78ju0WWcsSQ
cfivunrbODgwU3DGK/zc94sC34LWTeY/vF0KMf9wm0twqsIhG/oSK3p1LQXlq7u/
j3f1fgg8ygdURbeGSbmvefNDRVk6uXoZCOcn3v0lYlqXKBeYJkpcxQJ0+aNV9ske
6hKHpswCSwlxGMrre8ZDDM+/Adv8biebyJRwWxm6nVqLCTBcjXYttZh2U+HRrnat
I4mqEvzVFU87BD+t0Jfjov0LCCwiCNADl883PmxdnhYL
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org