Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c52c69c6-3ca8-47ff-a103-a122542306b4.roa
File: c52c69c6-3ca8-47ff-a103-a122542306b4.roa (raw, json)
Hash identifier: uIcelCfKdp9mNBOgGCuwmR4l/Vz7BLdUoC25Nt/DS84=
Subject key identifier: D9:9F:09:AA:4B:94:F4:E3:E0:16:C1:F0:75:C6:C1:8C:32:40:01:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2616B8634283383BB457C5A78E7CF3F8BE4E6AFD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c52c69c6-3ca8-47ff-a103-a122542306b4.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:16:b8:63:42:83:38:3b:b4:57:c5:a7:8e:7c:f3:f8:be:4e:6a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=190f8907732034bb6363c5458893b28ca4efe19a64536cf7f933b0e174f455e0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:12:76:00:6a:d9:76:de:c1:1b:c4:1d:ac:90:
bc:05:45:14:5e:af:94:99:6e:de:9a:3d:ee:64:3f:
fc:e9:71:a3:2b:11:0b:6a:75:39:f3:0d:ae:64:ac:
55:b0:e0:db:e0:a0:af:9f:bc:23:df:02:85:67:6b:
63:5e:be:02:e6:e5:d5:a2:6a:15:9d:4e:d2:b9:66:
03:fa:f3:c1:0e:94:c8:8c:f4:8a:2e:5f:92:54:78:
16:94:dd:e0:87:de:b7:50:05:94:20:56:da:58:be:
7c:c5:ca:54:26:75:78:bc:ac:3a:5e:07:42:3c:81:
07:e4:83:4c:93:55:0f:6a:7a:00:25:70:7b:98:4d:
6b:e3:ac:c6:fc:fb:b4:2c:3a:dc:2a:33:ee:c9:66:
1d:a4:6f:e4:86:b9:39:18:12:b3:1e:1c:cb:1f:64:
18:ab:ec:b7:61:a8:0f:86:13:7e:48:57:89:9d:f2:
31:11:71:75:fb:1c:b6:34:e1:9c:5d:2f:7e:4e:9d:
65:14:28:05:d8:61:eb:d6:5b:32:77:89:a5:5a:c2:
d9:20:ee:f9:20:07:cb:89:f1:58:f1:72:87:e3:5c:
96:eb:6b:97:05:37:40:e7:37:55:af:d6:3d:aa:67:
84:76:f7:45:d9:b9:7c:c7:d2:e2:1e:b9:6a:9e:98:
b4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9F:09:AA:4B:94:F4:E3:E0:16:C1:F0:75:C6:C1:8C:32:40:01:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c52c69c6-3ca8-47ff-a103-a122542306b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
5f:6a:75:a5:18:92:b1:82:04:8b:97:08:b5:53:8d:f4:63:e9:
e8:97:66:3e:df:a5:53:d4:74:63:65:6d:17:f3:c0:40:54:e2:
41:3e:93:2b:c1:f5:2d:6a:a8:45:15:f7:7e:55:19:5c:89:f3:
45:9a:eb:2f:0f:26:fb:cb:16:00:6b:81:3c:9f:44:e6:f8:07:
30:2c:d2:d0:1d:89:f4:72:32:34:c3:7b:a1:ff:17:a0:45:b5:
d3:19:40:68:67:d1:58:ac:78:fe:ed:ae:79:36:bd:5f:49:fd:
06:85:a1:02:92:d9:1f:2b:7a:65:6e:d8:62:75:c3:50:ee:d3:
62:6a:74:8f:8a:6c:4a:81:75:4b:c5:8b:25:9f:6d:bf:d1:1f:
c5:5f:8f:4b:b1:82:ec:79:78:b4:cf:04:14:18:b6:d1:08:a2:
73:09:90:2c:cd:8d:b6:d4:0e:13:1d:7f:1c:ef:33:04:db:86:
4d:61:4e:ff:35:87:86:e3:e0:2e:57:d5:43:85:1e:89:07:31:
7a:12:f6:f6:28:82:a4:01:31:d6:16:63:a5:61:e6:3a:0e:6f:
65:c7:51:b9:ac:71:4b:ec:64:4e:93:61:75:13:7a:94:1c:b1:
b6:6e:0f:91:de:cf:87:b8:a5:48:17:dd:1d:fe:d7:57:30:6f:
be:bd:bd:22
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJha4Y0KDODu0V8Wnjnzz+L5Oav0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5MGY4OTA3NzMyMDM0YmI2MzYzYzU0NTg4OTNiMjhjYTRlZmUxOWE2NDUz
NmNmN2Y5MzNiMGUxNzRmNDU1ZTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYSdgBq2XbewRvEHayQvAVFFF6vlJlu3po97mQ//OlxoysRC2p1OfMNrmSs
VbDg2+Cgr5+8I98ChWdrY16+Aubl1aJqFZ1O0rlmA/rzwQ6UyIz0ii5fklR4FpTd
4Ifet1AFlCBW2li+fMXKVCZ1eLysOl4HQjyBB+SDTJNVD2p6ACVwe5hNa+Osxvz7
tCw63Coz7slmHaRv5Ia5ORgSsx4cyx9kGKvst2GoD4YTfkhXiZ3yMRFxdfsctjTh
nF0vfk6dZRQoBdhh69ZbMneJpVrC2SDu+SAHy4nxWPFyh+NclutrlwU3QOc3Va/W
PapnhHb3Rdm5fMfS4h65ap6YtJECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTZnwmq
S5T04+AWwfB1xsGMMkABWTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUyYzY5YzYtM2NhOC00N2ZmLWExMDMtYTEyMjU0MjMwNmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBfanWlGJKxggSLlwi1U430Y+nol2Y+36VT1HRjZW0X
88BAVOJBPpMrwfUtaqhFFfd+VRlcifNFmusvDyb7yxYAa4E8n0Tm+AcwLNLQHYn0
cjI0w3uh/xegRbXTGUBoZ9FYrHj+7a55Nr1fSf0GhaECktkfK3plbthidcNQ7tNi
anSPimxKgXVLxYsln22/0R/FX49LsYLseXi0zwQUGLbRCKJzCZAszY221A4THX8c
7zME24ZNYU7/NYeG4+AuV9VDhR6JBzF6Evb2KIKkATHWFmOlYeY6Dm9lx1G5rHFL
7GROk2F1E3qUHLG2bg+R3s+HuKVIF90d/tdXMG++vb0i
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org