Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c864a337-1849-4930-bc3c-6984d2b51a7e.roa
File: c864a337-1849-4930-bc3c-6984d2b51a7e.roa (raw, json)
Hash identifier: qv1Kkpr0ILjWaM3E2GGLQPSiS5ofuXJfeNifkII1Vpo=
Subject key identifier: 7C:F7:02:5C:E8:EC:ED:8A:B5:90:28:95:FD:B8:FF:87:91:33:F3:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 023D9F8D78428622D38324E65177B1625DA6A928
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c864a337-1849-4930-bc3c-6984d2b51a7e.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:3d:9f:8d:78:42:86:22:d3:83:24:e6:51:77:b1:62:5d:a6:a9:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=b34a9ce16a5d0f233b06d2b871d77023222d1d01f9d7a53c3fb4bee3ea12b1d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:11:80:75:35:02:dd:cd:d2:66:95:db:20:01:
8d:58:06:a1:fb:0e:35:13:7d:2a:00:36:d9:76:e5:
cd:14:20:3b:29:8f:af:16:cb:44:8f:e1:72:a3:11:
fb:cd:ce:28:ca:a1:7c:27:ed:f7:44:ef:48:fc:91:
b0:3b:e7:cc:2d:5b:a4:ad:90:30:00:11:18:15:5b:
af:82:20:af:5c:45:71:eb:0b:f6:10:a9:6a:f3:21:
a7:d4:0f:48:59:45:f8:8d:27:c9:3a:be:21:d4:dc:
bd:fb:4f:16:0e:48:0b:00:a9:e7:68:03:92:45:9d:
7d:41:45:33:4d:a4:78:d2:87:a3:a8:f5:b7:81:a1:
68:36:80:d5:6c:4e:c5:c2:9b:c5:62:97:88:22:b9:
fe:1d:c4:b2:4a:b8:b0:ee:20:48:96:97:55:c9:a1:
49:38:71:af:be:ea:99:28:09:99:6c:1e:4d:e4:ba:
91:b2:23:d6:2e:a9:4e:fe:36:6a:45:11:27:7d:d0:
5d:cf:a3:d9:82:c3:51:b1:35:38:98:3f:3a:53:c9:
a7:5e:63:f7:d4:14:49:2f:61:b6:2c:c4:50:19:f7:
40:14:9b:20:10:4a:4a:c8:5e:c3:54:b4:43:2e:8b:
dd:cd:52:ee:f4:76:42:99:d9:c6:8a:05:75:7d:c9:
e8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F7:02:5C:E8:EC:ED:8A:B5:90:28:95:FD:B8:FF:87:91:33:F3:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c864a337-1849-4930-bc3c-6984d2b51a7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
86:9a:9c:08:13:d3:6e:ac:63:52:a1:e1:b0:d4:10:9e:d5:9a:
66:24:6e:8f:de:7b:1b:d1:47:9c:7a:04:c6:8e:09:8f:13:27:
0d:a8:35:fe:3d:bc:fc:19:be:ed:ac:7e:da:eb:90:e0:ed:d8:
f2:11:11:d4:05:b6:8e:07:be:87:fe:bb:57:5d:d8:ba:93:fc:
e3:41:a4:9e:48:38:01:3d:9f:9d:52:b3:bb:0b:62:b0:ea:da:
4f:b4:7b:fb:22:d5:5c:1e:0b:00:8b:e9:1d:35:2b:a4:2e:1c:
8e:40:74:13:73:ea:17:4d:bd:02:32:69:2a:4d:9c:85:1b:cc:
8b:d2:a7:e7:8c:ee:4d:ba:9e:b2:b8:2f:82:15:25:df:88:56:
04:5d:78:c5:68:77:1b:ad:32:d6:7c:1c:8a:48:28:e1:63:ed:
ed:bd:11:d7:66:e6:8a:92:71:dc:cc:49:4c:e0:46:d7:8a:2c:
74:54:15:6a:82:c6:2d:4b:8b:5a:98:83:27:cf:5b:7c:1d:83:
32:fa:1d:31:2f:53:71:f0:6e:ee:41:4e:01:19:2f:1d:de:07:
ea:09:a3:5c:70:dd:20:7e:bc:aa:e7:28:77:9d:2c:a4:49:b0:
0f:b3:5c:19:d6:51:3d:5f:88:d7:64:2e:32:48:89:cd:75:17:
23:3c:6d:69
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAj2fjXhChiLTgyTmUXexYl2mqSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNGE5Y2UxNmE1ZDBmMjMzYjA2ZDJiODcxZDc3MDIzMjIyZDFkMDFmOWQ3
YTUzYzNmYjRiZWUzZWExMmIxZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkRgHU1At3N0maV2yABjVgGofsONRN9KgA22XblzRQgOymPrxbLRI/hcqMR
+83OKMqhfCft90TvSPyRsDvnzC1bpK2QMAARGBVbr4Igr1xFcesL9hCpavMhp9QP
SFlF+I0nyTq+IdTcvftPFg5ICwCp52gDkkWdfUFFM02keNKHo6j1t4GhaDaA1WxO
xcKbxWKXiCK5/h3Eskq4sO4gSJaXVcmhSThxr77qmSgJmWweTeS6kbIj1i6pTv42
akURJ33QXc+j2YLDUbE1OJg/OlPJp15j99QUSS9htizEUBn3QBSbIBBKSshew1S0
Qy6L3c1S7vR2QpnZxooFdX3J6NUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR89wJc
6OztirWQKJX9uP+HkTPzVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yzg2NGEzMzctMTg0OS00OTMwLWJjM2MtNjk4NGQyYjUxYTdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQCGmpwIE9NurGNSoeGw1BCe1ZpmJG6P3nsb0UecegTG
jgmPEycNqDX+Pbz8Gb7trH7a65Dg7djyERHUBbaOB76H/rtXXdi6k/zjQaSeSDgB
PZ+dUrO7C2Kw6tpPtHv7ItVcHgsAi+kdNSukLhyOQHQTc+oXTb0CMmkqTZyFG8yL
0qfnjO5Nup6yuC+CFSXfiFYEXXjFaHcbrTLWfByKSCjhY+3tvRHXZuaKknHczElM
4EbXiix0VBVqgsYtS4tamIMnz1t8HYMy+h0xL1Nx8G7uQU4BGS8d3gfqCaNccN0g
fryq5yh3nSykSbAPs1wZ1lE9X4jXZC4ySInNdRcjPG1p
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org