Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa
File: d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa (raw, json)
Hash identifier: LIYPgTeJc9oUrX367KuXPPs0GfJPm2mdPGXbbNVQfjg=
Subject key identifier: BE:97:09:4B:DB:AA:55:2B:2F:EF:BE:37:D3:4C:02:54:D9:EF:14:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E31359F85510E99194D6BB25D71D04F6FEF3584
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:31:35:9f:85:51:0e:99:19:4d:6b:b2:5d:71:d0:4f:6f:ef:35:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=65213fa2969d6338b2dbc1a81c2221cd6f108e0d67818d403a2fd2da0aa23422, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c3:c4:69:72:b6:92:cb:f5:97:a4:73:ba:08:
99:48:94:5a:a5:11:ff:2e:22:a6:a6:7d:0a:eb:dc:
72:e7:ad:e7:e6:f5:9a:20:4e:13:b4:14:69:64:91:
a0:e6:54:94:85:e0:ba:2b:ee:e5:53:dc:42:c4:a3:
28:f2:78:bf:1d:e7:8a:2c:14:34:35:53:81:d1:19:
45:af:d1:4a:4b:8b:0d:ff:ad:2e:0d:60:6d:1c:35:
aa:93:c2:8c:b8:d0:27:ed:a0:ef:4f:90:f2:87:3c:
57:0e:f3:ee:8e:b4:8f:5c:c8:d0:b5:bc:b5:62:b8:
e6:83:8f:93:94:2e:02:7d:bc:f4:37:fb:82:4f:a7:
65:27:7d:4f:36:96:75:24:bf:26:5d:ca:e1:3f:f4:
5c:e2:86:5f:70:ad:0f:88:ed:f1:2f:9c:93:09:1a:
be:82:38:3c:c6:4b:09:1d:bb:90:66:af:e0:94:1a:
5d:20:2a:c3:a3:38:4e:04:fa:8e:b0:cb:d6:bb:03:
dc:19:88:9f:35:97:2c:22:f7:45:b6:3f:bf:e7:93:
75:11:81:9a:0d:84:6f:7d:36:e3:4d:a2:f4:a8:0a:
a4:82:1b:67:7c:c0:48:ca:e3:1b:95:78:18:5c:b2:
12:86:44:e4:3a:6e:9e:7c:cb:8b:65:be:f4:29:ab:
23:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:97:09:4B:DB:AA:55:2B:2F:EF:BE:37:D3:4C:02:54:D9:EF:14:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
26:b3:5b:f3:95:61:24:a8:20:21:a8:bf:fc:bd:0a:af:58:0a:
9c:bd:6b:07:84:e2:7a:8a:a3:3a:19:bf:5d:29:45:c3:8f:c6:
ae:b7:9d:37:71:52:1d:04:08:31:8f:34:ee:2b:9c:4a:73:70:
2a:27:d5:e3:c9:4f:e2:d6:06:51:7d:f5:de:e9:33:d6:59:f9:
87:24:f7:b8:bc:3b:de:0e:61:04:a6:bf:b1:49:ca:d2:25:cb:
07:a2:95:3f:19:47:5f:ba:f1:5b:8b:c3:ad:27:5f:70:f3:5c:
d8:6f:61:4c:dd:25:a5:e1:f5:86:00:31:7a:2d:f5:83:be:12:
4b:40:13:e9:93:00:f3:67:51:90:a6:26:04:01:28:d6:35:96:
ad:96:40:92:13:f2:7f:07:71:c3:44:d9:4f:4f:8b:41:fd:73:
c9:c8:d6:24:25:d2:98:3f:6b:5e:92:08:9a:35:c8:96:7a:68:
5a:d6:4b:dc:b9:3c:5d:6b:b1:97:b8:48:28:04:f3:2e:0d:1f:
cb:a7:e0:5a:8e:b9:2d:bd:48:f4:c7:d7:3e:79:39:51:e3:be:
3b:26:02:99:0d:de:2e:d1:89:f0:61:97:17:67:54:93:11:4f:
a8:8f:eb:ea:d9:e2:4d:77:db:cd:a3:e3:15:6e:46:98:6e:17:
72:25:45:8a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbjE1n4VRDpkZTWuyXXHQT2/vNYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1MjEzZmEyOTY5ZDYzMzhiMmRiYzFhODFjMjIyMWNkNmYxMDhlMGQ2Nzgx
OGQ0MDNhMmZkMmRhMGFhMjM0MjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDDxGlytpLL9Zekc7oImUiUWqUR/y4ipqZ9Cuvccuet5+b1miBOE7QUaWSR
oOZUlIXguivu5VPcQsSjKPJ4vx3niiwUNDVTgdEZRa/RSkuLDf+tLg1gbRw1qpPC
jLjQJ+2g70+Q8oc8Vw7z7o60j1zI0LW8tWK45oOPk5QuAn289Df7gk+nZSd9TzaW
dSS/Jl3K4T/0XOKGX3CtD4jt8S+ckwkavoI4PMZLCR27kGav4JQaXSAqw6M4TgT6
jrDL1rsD3BmInzWXLCL3RbY/v+eTdRGBmg2Eb302402i9KgKpIIbZ3zASMrjG5V4
GFyyEoZE5DpunnzLi2W+9CmrIyUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS+lwlL
26pVKy/vvjfTTAJU2e8U4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM5ZWQzMzAtNzNlOC00ZGY2LWE2ZjQtODc2NmUyZTYxOTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAJrNb85VhJKggIai//L0Kr1gKnL1rB4TieoqjOhm/
XSlFw4/GrredN3FSHQQIMY807iucSnNwKifV48lP4tYGUX313ukz1ln5hyT3uLw7
3g5hBKa/sUnK0iXLB6KVPxlHX7rxW4vDrSdfcPNc2G9hTN0lpeH1hgAxei31g74S
S0AT6ZMA82dRkKYmBAEo1jWWrZZAkhPyfwdxw0TZT0+LQf1zycjWJCXSmD9rXpII
mjXIlnpoWtZL3Lk8XWuxl7hIKATzLg0fy6fgWo65Lb1I9MfXPnk5UeO+OyYCmQ3e
LtGJ8GGXF2dUkxFPqI/r6tniTXfbzaPjFW5GmG4XciVFig==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org