Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
File: c339f126-7fea-49c7-a129-4df9886e5309.roa (raw, json)
Hash identifier: 83tXIsZg4ymQRJ1r1g1TiPOKU5sOMIEmhqVns9yiwKg=
Subject key identifier: 37:21:21:2E:20:75:04:23:C0:30:EA:DC:0A:E6:84:39:F5:1A:61:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C7F1051FB9D38F736B3A1A8C525808055B6DC3C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
Signing time: Mon 03 Jun 2024 00:00:00 +0000
ROA not before: Mon 03 Jun 2024 00:00:00 +0000
ROA not after: Mon 08 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:7f:10:51:fb:9d:38:f7:36:b3:a1:a8:c5:25:80:80:55:b6:dc:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 3 00:00:00 2024 GMT
Not After : Jul 8 23:59:59 2024 GMT
Subject: serialNumber=7ff7aa874e8e8ad41c7fd34725d124461eb4d4cb60c1f394661c75b72aefe9af, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a1:24:e1:bb:3e:d0:cf:aa:63:5b:1e:1b:5d:
38:60:ff:ef:41:bb:bd:bd:5d:35:54:35:74:80:bf:
12:fc:09:42:14:42:78:08:9a:ed:99:80:6b:2a:b9:
74:ea:d6:bb:b2:71:c3:2c:d7:25:43:c3:1c:58:c8:
53:4a:81:13:90:7f:df:28:ce:66:d5:a9:35:68:7b:
9a:53:42:57:c7:ff:03:1c:7e:9b:f6:78:df:19:78:
4b:80:ba:89:1c:aa:4e:46:b9:fb:48:a1:00:84:8c:
01:5e:0d:2c:82:01:52:0a:56:71:48:f3:9c:6d:c5:
00:85:00:1d:15:b3:c5:3c:ff:14:80:fb:48:d2:95:
ba:a5:5d:10:d9:08:a3:7c:be:b4:48:11:c2:36:55:
45:67:c0:52:11:f5:d3:1f:d7:e5:c4:53:2d:35:5c:
db:52:9f:6b:b3:6f:bb:c0:50:35:77:c9:0f:59:d8:
a2:d0:7b:6e:21:e3:06:7c:c8:28:37:00:9f:67:78:
69:1a:e1:c6:63:b4:8c:8a:86:63:3b:e8:d9:c4:89:
a4:2b:f7:f4:db:0b:45:3a:ef:e0:36:f8:e6:2d:c4:
f5:f3:79:cd:70:cb:8d:74:01:80:51:ac:c3:f3:12:
5e:a5:48:8f:a2:e4:d9:a7:75:00:2b:b2:b8:4e:24:
90:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:21:21:2E:20:75:04:23:C0:30:EA:DC:0A:E6:84:39:F5:1A:61:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:a4:da:66:b4:e3:22:cc:8c:6b:1c:28:a3:55:bd:d4:41:26:
30:17:71:04:9f:1a:9e:29:a2:60:d1:b5:69:55:f6:e8:b8:7e:
09:a7:dc:20:32:41:fe:48:29:29:f0:4c:6d:05:5b:62:f8:a2:
ea:91:40:b4:4f:d3:ae:17:50:f6:df:e1:bb:67:80:f3:d8:c8:
77:8b:8f:2e:02:14:71:a8:7c:db:22:a6:96:e6:3c:aa:d6:1c:
30:b4:c3:fd:52:48:66:94:b3:e8:99:30:2f:85:c2:7c:20:fb:
29:69:89:00:a2:f7:bb:ae:89:aa:f0:84:22:c3:ab:1e:48:22:
a8:3e:dd:ae:b3:d0:aa:51:e3:37:9a:f7:02:79:fe:98:53:ac:
85:b4:ff:59:3b:9f:da:55:b7:1f:1b:8b:9b:a6:2e:fa:f2:ae:
b8:37:b0:16:b0:d2:d9:05:cf:27:0d:1d:7d:ee:01:04:30:0a:
c0:a0:59:4e:d7:6e:eb:c2:c6:cc:e1:f4:d7:ff:35:15:17:ed:
9c:78:4b:38:b9:5a:dd:4c:3d:a3:6b:23:be:69:ff:d5:30:c6:
68:5a:92:40:c4:40:2c:fa:4a:32:97:2c:e8:94:a3:a5:8e:52:
32:07:91:da:7b:ee:60:21:8f:e0:5f:76:09:e6:7a:25:94:d9:
c7:08:63:a3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULH8QUfudOPc2s6GoxSWAgFW23DwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MDMwMDAwMDBaFw0yNDA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmZjdhYTg3NGU4ZThhZDQxYzdmZDM0NzI1ZDEyNDQ2MWViNGQ0Y2I2MGMx
ZjM5NDY2MWM3NWI3MmFlZmU5YWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmhJOG7PtDPqmNbHhtdOGD/70G7vb1dNVQ1dIC/EvwJQhRCeAia7ZmAayq5
dOrWu7JxwyzXJUPDHFjIU0qBE5B/3yjOZtWpNWh7mlNCV8f/Axx+m/Z43xl4S4C6
iRyqTka5+0ihAISMAV4NLIIBUgpWcUjznG3FAIUAHRWzxTz/FID7SNKVuqVdENkI
o3y+tEgRwjZVRWfAUhH10x/X5cRTLTVc21Kfa7Nvu8BQNXfJD1nYotB7biHjBnzI
KDcAn2d4aRrhxmO0jIqGYzvo2cSJpCv39NsLRTrv4Db45i3E9fN5zXDLjXQBgFGs
w/MSXqVIj6Lk2ad1ACuyuE4kkCMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ3ISEu
IHUEI8Aw6twK5oQ59RphCjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzMzOWYxMjYtN2ZlYS00OWM3LWExMjktNGRmOTg4NmU1MzA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAS6TaZrTjIsyMaxwoo1W91EEmMBdxBJ8animiYNG1
aVX26Lh+CafcIDJB/kgpKfBMbQVbYvii6pFAtE/TrhdQ9t/hu2eA89jId4uPLgIU
cah82yKmluY8qtYcMLTD/VJIZpSz6JkwL4XCfCD7KWmJAKL3u66JqvCEIsOrHkgi
qD7drrPQqlHjN5r3Ann+mFOshbT/WTuf2lW3HxuLm6Yu+vKuuDewFrDS2QXPJw0d
fe4BBDAKwKBZTtdu68LGzOH01/81FRftnHhLOLla3Uw9o2sjvmn/1TDGaFqSQMRA
LPpKMpcs6JSjpY5SMgeR2nvuYCGP4F92CeZ6JZTZxwhjow==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org