Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d18fde79-f555-4173-b698-355d8129ae53.roa
File: d18fde79-f555-4173-b698-355d8129ae53.roa (raw, json)
Hash identifier: 09p7aN9oXRVQv2y9AjX4qkCjAVH9VkYvLEQVCR9pTf4=
Subject key identifier: 1A:4E:93:38:F4:AC:22:FA:0F:11:F1:71:43:CF:9E:39:EF:43:41:5F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6063A564200B63A2A9FB0BAF2831E78F4136B480
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d18fde79-f555-4173-b698-355d8129ae53.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:63:a5:64:20:0b:63:a2:a9:fb:0b:af:28:31:e7:8f:41:36:b4:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=5803ccbd4e151e79051150d676424bf920238c180f725adf6ca0717da0a1e528, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c8:36:29:ab:9d:42:27:5e:99:1e:0a:4a:1b:
da:20:d5:08:18:33:b9:ad:94:16:79:1d:e4:b4:8c:
9b:f5:d0:8e:56:b9:77:53:66:d1:69:32:07:c4:af:
47:0e:d1:1b:58:87:59:f6:e1:ea:7a:e4:5d:38:c2:
10:aa:48:2a:c4:63:62:d8:5e:05:8e:fa:f6:de:67:
b8:1a:80:71:26:e7:2f:44:61:ef:9c:f7:ac:42:07:
6f:70:c6:ba:4b:dc:00:29:82:0d:c2:c8:54:6f:e9:
a6:a7:53:b2:80:de:38:82:19:c7:fb:18:93:b1:43:
51:2a:ae:8b:ab:26:3b:dd:cb:ad:5b:77:49:eb:79:
a1:ca:01:02:d6:4b:d5:fd:f7:1d:09:fa:07:99:da:
70:6c:15:6c:6e:63:32:a9:9c:84:0e:ca:d4:96:f3:
e4:61:bc:88:22:32:3f:ee:1d:a6:29:3c:3c:91:ff:
03:2b:33:fe:3a:10:12:aa:9d:ef:42:26:ca:85:61:
1b:5b:22:94:36:72:89:de:c6:dc:65:00:5b:88:8c:
e5:bf:d3:39:84:f2:83:cd:c7:f5:10:9d:19:1f:2b:
91:57:0e:9f:2b:82:97:c7:7d:c3:28:2c:ce:66:1f:
2a:0e:1c:5e:3e:d9:24:69:dd:11:f9:b2:9d:7c:e2:
d9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:4E:93:38:F4:AC:22:FA:0F:11:F1:71:43:CF:9E:39:EF:43:41:5F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d18fde79-f555-4173-b698-355d8129ae53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b1:b0:75:8c:ff:14:4d:04:2f:8e:e6:dc:e5:5f:f5:66:ae:05:
9d:bb:2b:47:ea:7a:27:d0:ae:6e:47:6d:d4:11:92:7a:0d:d1:
c3:2d:97:60:7b:08:d0:ae:03:b6:68:a5:17:81:ce:9f:11:60:
03:c1:c0:30:ec:fa:36:40:c9:b9:4f:11:fb:0f:52:88:c3:be:
c3:25:73:8d:98:d3:8e:e6:6b:ba:5a:79:02:7f:30:01:a6:84:
7a:4e:fd:a3:25:35:0c:c9:ca:35:eb:09:97:3e:49:9d:be:39:
65:9d:3f:a8:d3:61:fd:af:66:6f:9a:00:81:3d:c6:2d:55:98:
3e:3b:56:90:f0:18:b9:05:cb:37:50:a7:f1:0f:79:3d:b7:72:
6c:7f:12:7b:b6:d6:9a:66:a2:18:9a:0c:b0:89:6d:81:5d:ea:
dc:95:bb:64:37:2c:62:2b:94:1e:f3:8d:69:95:12:17:52:5b:
b0:73:30:d1:4f:b6:e5:eb:5a:a3:82:17:95:4c:50:ca:8c:05:
90:f5:3b:ac:a7:e3:2a:b0:dd:74:ab:7d:1c:7a:25:c7:b3:be:
54:1a:9e:8f:5a:0b:67:d5:0b:66:4f:a3:f7:21:ef:1b:1c:3d:
70:24:6f:11:ec:05:91:fd:61:02:00:a6:eb:0a:b5:d4:9e:5a:
79:11:8c:ac
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYGOlZCALY6Kp+wuvKDHnj0E2tIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4MDNjY2JkNGUxNTFlNzkwNTExNTBkNjc2NDI0YmY5MjAyMzhjMTgwZjcy
NWFkZjZjYTA3MTdkYTBhMWU1MjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7INimrnUInXpkeCkob2iDVCBgzua2UFnkd5LSMm/XQjla5d1Nm0WkyB8Sv
Rw7RG1iHWfbh6nrkXTjCEKpIKsRjYtheBY769t5nuBqAcSbnL0Rh75z3rEIHb3DG
ukvcACmCDcLIVG/ppqdTsoDeOIIZx/sYk7FDUSqui6smO93LrVt3Set5ocoBAtZL
1f33HQn6B5nacGwVbG5jMqmchA7K1Jbz5GG8iCIyP+4dpik8PJH/Aysz/joQEqqd
70ImyoVhG1silDZyid7G3GUAW4iM5b/TOYTyg83H9RCdGR8rkVcOnyuCl8d9wygs
zmYfKg4cXj7ZJGndEfmynXzi2aECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQaTpM4
9Kwi+g8R8XFDz54570NBXzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDE4ZmRlNzktZjU1NS00MTczLWI2OTgtMzU1ZDgxMjlhZTUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEAsbB1jP8UTQQvjubc5V/1Zq4FnbsrR+p6J9Cubkdt
1BGSeg3Rwy2XYHsI0K4DtmilF4HOnxFgA8HAMOz6NkDJuU8R+w9SiMO+wyVzjZjT
juZrulp5An8wAaaEek79oyU1DMnKNesJlz5Jnb45ZZ0/qNNh/a9mb5oAgT3GLVWY
PjtWkPAYuQXLN1Cn8Q95PbdybH8Se7bWmmaiGJoMsIltgV3q3JW7ZDcsYiuUHvON
aZUSF1JbsHMw0U+25etao4IXlUxQyowFkPU7rKfjKrDddKt9HHolx7O+VBqej1oL
Z9ULZk+j9yHvGxw9cCRvEewFkf1hAgCm6wq11J5aeRGMrA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org