Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: ch5ShsiNKnZRiHACRiERdxkN3qYOkuI7snCmkGJzuYc=
Subject key identifier: DB:C7:49:69:0E:20:A5:8B:FA:C4:91:41:F9:DD:8A:45:82:29:18:45
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DA48123C38FEDD6B2330902BDB34CD38EEBDCA0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:a4:81:23:c3:8f:ed:d6:b2:33:09:02:bd:b3:4c:d3:8e:eb:dc:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=9781c16b1d1b1498a8edeb3057a5f22e4e21494c505c45a42a1c19a9e783b41d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:18:55:3d:21:31:ad:65:a2:c3:f0:13:e2:79:
66:bf:14:c0:8c:fc:bc:51:f6:f8:3f:b5:9a:ca:c9:
6e:77:37:71:e2:56:ed:d5:f7:7c:59:56:20:5d:27:
e9:23:e4:30:90:8c:f4:57:51:ec:4a:f2:77:f3:2d:
06:de:97:da:04:dd:66:54:25:4e:50:c8:e6:d3:0d:
5c:5d:29:b7:32:49:3a:a5:3a:93:f8:12:79:04:3b:
0b:d3:06:d8:a9:2e:b6:92:42:f1:15:d3:82:00:6f:
e6:bd:41:c3:8f:f1:a9:d4:35:61:ec:94:f8:43:87:
66:ec:4b:25:8c:13:ca:ee:81:5a:d9:15:9c:a5:45:
e1:07:20:4e:3d:ae:92:c4:68:55:7f:91:6c:af:32:
d8:96:2c:37:38:14:e2:98:31:ae:1d:6c:01:c1:1d:
d1:80:01:ff:de:f5:ef:e3:ef:28:ac:b3:52:6c:f3:
1b:0a:d7:d0:33:27:f1:6c:df:cc:76:6c:19:6d:1b:
34:99:d3:7a:41:a7:eb:02:e5:d2:f8:71:6a:d1:fc:
49:fb:77:ab:a1:54:67:d7:c6:cb:86:b0:e4:42:f9:
ab:8d:23:7b:fb:48:07:2c:c7:e7:6d:25:36:b5:c1:
6f:e7:41:19:3a:a6:6e:cf:a3:a0:09:43:47:91:9a:
c9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C7:49:69:0E:20:A5:8B:FA:C4:91:41:F9:DD:8A:45:82:29:18:45
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3d:93:96:db:cd:b6:16:9e:53:d9:79:b8:a1:ad:a8:d3:14:19:
f6:17:98:43:26:75:50:62:6f:d2:1c:86:b3:84:4b:62:cb:34:
67:16:1b:d4:bb:51:b6:33:fa:a8:02:43:44:da:f7:85:5a:92:
80:02:69:b2:7e:8f:ba:fb:63:a5:2c:6b:4b:4c:a9:19:f9:3d:
f5:bf:27:01:7d:4f:d0:20:1d:30:56:7b:ef:24:01:0e:ad:e0:
8c:41:83:8e:d1:69:22:b6:ea:8e:4d:3c:3e:cf:1b:c3:3f:e6:
3c:ea:66:a4:26:a9:53:8c:fd:48:e7:0d:a0:37:06:92:a3:81:
95:74:10:67:d6:66:e9:7a:4d:b9:bc:c2:81:16:11:67:b2:d7:
47:2b:1d:80:fb:ca:a6:f7:8e:6b:00:78:92:d1:34:63:da:f2:
41:db:86:67:bd:5a:b0:33:fc:70:b3:b5:d1:04:4f:dd:d4:33:
3e:96:78:e8:eb:7b:c5:74:7b:4c:ea:b8:d9:1c:6b:9b:b0:fe:
c9:82:84:30:dd:8d:3f:c4:60:d7:20:cc:40:b0:ac:6c:6b:c0:
a2:76:22:8d:d0:b6:37:c2:d6:10:fb:d6:b1:b4:e5:2b:39:69:
48:4a:2c:d2:84:e7:5b:f8:ae:61:9b:40:22:0c:21:f7:70:de:
4f:9f:d7:df
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDaSBI8OP7dayMwkCvbNM047r3KAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3ODFjMTZiMWQxYjE0OThhOGVkZWIzMDU3YTVmMjJlNGUyMTQ5NGM1MDVj
NDVhNDJhMWMxOWE5ZTc4M2I0MWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQYVT0hMa1losPwE+J5Zr8UwIz8vFH2+D+1msrJbnc3ceJW7dX3fFlWIF0n
6SPkMJCM9FdR7Eryd/MtBt6X2gTdZlQlTlDI5tMNXF0ptzJJOqU6k/gSeQQ7C9MG
2KkutpJC8RXTggBv5r1Bw4/xqdQ1YeyU+EOHZuxLJYwTyu6BWtkVnKVF4QcgTj2u
ksRoVX+RbK8y2JYsNzgU4pgxrh1sAcEd0YAB/9717+PvKKyzUmzzGwrX0DMn8Wzf
zHZsGW0bNJnTekGn6wLl0vhxatH8Sft3q6FUZ9fGy4aw5EL5q40je/tIByzH520l
NrXBb+dBGTqmbs+joAlDR5GaydkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTbx0lp
DiCli/rEkUH53YpFgikYRTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQA9k5bbzbYWnlPZebihrajTFBn2F5hDJnVQYm/SHIaz
hEtiyzRnFhvUu1G2M/qoAkNE2veFWpKAAmmyfo+6+2OlLGtLTKkZ+T31vycBfU/Q
IB0wVnvvJAEOreCMQYOO0WkituqOTTw+zxvDP+Y86makJqlTjP1I5w2gNwaSo4GV
dBBn1mbpek25vMKBFhFnstdHKx2A+8qm945rAHiS0TRj2vJB24ZnvVqwM/xws7XR
BE/d1DM+lnjo63vFdHtM6rjZHGubsP7JgoQw3Y0/xGDXIMxAsKxsa8CidiKN0LY3
wtYQ+9axtOUrOWlISizShOdb+K5hm0AiDCH3cN5Pn9ff
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org