Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
File: da784055-12b4-4572-86a3-e152a8681c7c.roa (raw, json)
Hash identifier: QU6FyJHZ1hK8b8iFqfZGDUU5eaBF6tHuC4nCavUyA6A=
Subject key identifier: 14:10:61:95:B0:DE:77:1D:77:B2:01:31:0E:0C:59:E5:22:11:E5:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A307FDD152D6618F0D8438FF91CA3293F5468DA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:30:7f:dd:15:2d:66:18:f0:d8:43:8f:f9:1c:a3:29:3f:54:68:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=07624ee79d59c2f117a9421b58c71b22ac2df918f78ba4185294b0764f8fc2d8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9c:fc:4c:ef:1d:89:48:68:28:d7:a5:eb:13:
a7:19:a9:0f:40:6f:41:64:f7:a8:23:82:ba:5e:a6:
6e:01:fa:19:8b:5a:e4:d9:15:45:95:d5:39:1b:6e:
bc:6e:b6:09:8c:a7:05:a9:ff:97:47:f8:7f:43:cf:
97:81:3d:81:97:27:29:dd:14:51:34:14:c5:d6:b0:
88:1f:dc:5f:26:c4:d1:96:a7:bb:b0:a3:e6:46:12:
41:6b:65:27:ac:2f:6d:37:5a:a6:15:39:e4:bd:a2:
a1:3c:59:73:6d:37:34:38:a8:88:c8:53:3c:9b:e3:
f9:2c:bf:cb:a7:8c:f7:a6:45:11:61:6a:c1:a8:58:
15:62:33:a3:3b:f3:8f:42:16:89:95:31:0f:e7:a2:
6c:31:8c:41:91:c0:f6:51:07:91:7e:51:5c:dd:f7:
1e:1b:81:11:75:ef:75:3a:b8:c9:7a:cf:d5:a1:74:
50:c7:35:24:ed:54:02:e2:32:bb:60:13:ca:68:98:
81:0b:fd:a3:6f:de:81:a4:f2:8a:78:16:ae:33:77:
b3:f2:4e:e7:73:30:e2:02:71:18:9b:42:31:7a:6c:
86:53:dd:c1:44:fd:86:fe:23:eb:95:8b:c5:a6:19:
e5:10:60:93:04:61:0f:3a:92:0b:d6:d5:a6:76:c4:
1e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:10:61:95:B0:DE:77:1D:77:B2:01:31:0E:0C:59:E5:22:11:E5:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
14:4d:9e:c9:a8:4a:67:fd:c0:3f:e4:e3:cc:ef:80:38:1b:1f:
93:c4:20:25:06:db:c2:4f:d4:89:d9:2f:78:3c:44:30:e9:c0:
48:9b:27:97:9f:aa:42:bb:24:3f:f3:c1:53:cf:6b:d3:0b:cb:
5e:bf:84:d7:a7:94:7d:d0:ad:63:c0:e0:91:62:bf:bb:39:dd:
25:46:b0:83:5c:6d:2a:50:1e:37:90:08:0a:a1:2a:c8:ad:67:
01:68:f3:37:ce:a2:9e:13:eb:63:6d:1d:15:bb:ec:7b:01:04:
d0:ac:1c:a8:83:24:cf:67:e4:e1:9a:33:87:21:be:58:8e:c0:
80:df:a1:15:60:a2:a2:0c:5f:35:a9:07:a7:e0:54:5a:62:d1:
87:02:de:eb:3e:20:9a:ac:33:fa:53:1d:1b:81:36:3f:80:67:
df:3b:8d:be:05:f5:9e:d0:d2:1d:5a:2b:1f:49:1c:cc:b0:31:
7c:6c:bd:8d:a5:87:d2:33:81:f4:0a:ab:d3:14:44:b7:e7:7e:
8a:18:1f:40:e5:14:23:61:55:7a:1a:62:e4:1b:2e:ee:80:a8:
4d:f2:7c:d0:45:40:b5:da:51:c1:af:39:10:fa:0d:e4:bd:e6:
ae:8f:21:08:75:bd:37:45:b1:01:25:1d:e3:14:23:06:d2:c5:
17:43:17:c5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOjB/3RUtZhjw2EOP+RyjKT9UaNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3NjI0ZWU3OWQ1OWMyZjExN2E5NDIxYjU4YzcxYjIyYWMyZGY5MThmNzhi
YTQxODUyOTRiMDc2NGY4ZmMyZDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWc/EzvHYlIaCjXpesTpxmpD0BvQWT3qCOCul6mbgH6GYta5NkVRZXVORtu
vG62CYynBan/l0f4f0PPl4E9gZcnKd0UUTQUxdawiB/cXybE0Zanu7Cj5kYSQWtl
J6wvbTdaphU55L2ioTxZc203NDioiMhTPJvj+Sy/y6eM96ZFEWFqwahYFWIzozvz
j0IWiZUxD+eibDGMQZHA9lEHkX5RXN33HhuBEXXvdTq4yXrP1aF0UMc1JO1UAuIy
u2ATymiYgQv9o2/egaTyingWrjN3s/JO53Mw4gJxGJtCMXpshlPdwUT9hv4j65WL
xaYZ5RBgkwRhDzqSC9bVpnbEHlECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQUEGGV
sN53HXeyATEODFnlIhHlXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGE3ODQwNTUtMTJiNC00NTcyLTg2YTMtZTE1MmE4NjgxYzdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAFE2eyahKZ/3AP+TjzO+AOBsfk8QgJQbbwk/Uidkv
eDxEMOnASJsnl5+qQrskP/PBU89r0wvLXr+E16eUfdCtY8DgkWK/uzndJUawg1xt
KlAeN5AICqEqyK1nAWjzN86inhPrY20dFbvsewEE0KwcqIMkz2fk4ZozhyG+WI7A
gN+hFWCiogxfNakHp+BUWmLRhwLe6z4gmqwz+lMdG4E2P4Bn3zuNvgX1ntDSHVor
H0kczLAxfGy9jaWH0jOB9Aqr0xREt+d+ihgfQOUUI2FVehpi5Bsu7oCoTfJ80EVA
tdpRwa85EPoN5L3mro8hCHW9N0WxASUd4xQjBtLFF0MXxQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org