Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa
File: dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa (raw, json)
Hash identifier: siWsJbTqYoi9Z64xrF1K9s1nqhtHWstVtPWLEqvjrDQ=
Subject key identifier: 39:FB:21:F6:C9:48:64:28:5D:EB:52:C8:20:6E:46:B6:D8:80:74:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65568948DDE444EE5AB5EAFA93209AF1FBBA30A8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:56:89:48:dd:e4:44:ee:5a:b5:ea:fa:93:20:9a:f1:fb:ba:30:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=2ff9827aa402f9e58795d60138b279fe0b19c52c7176a98c89be764a62bcc70a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7d:ad:f9:ad:4f:15:13:43:1e:44:71:61:db:
a4:ae:1f:2c:0b:98:53:f3:4d:c6:0c:05:b9:ab:d9:
6e:32:b5:26:3b:7f:f4:1b:a6:a8:27:f1:4a:6b:a5:
9c:8d:4f:ad:71:63:27:4e:2d:ca:39:c5:39:57:b0:
0c:89:a0:80:db:76:60:aa:68:0f:8c:92:28:87:2b:
c5:a8:ad:1e:6f:a4:80:c4:47:15:92:49:47:ac:6e:
9e:c8:e5:a0:01:c5:b2:55:ab:25:48:f1:28:dc:4e:
72:c6:25:90:ba:86:9d:2a:02:9e:52:bd:df:25:fe:
92:f1:cb:f7:00:5d:7a:95:c0:a2:1e:4d:23:a4:68:
ad:70:4c:2d:21:bf:50:ac:a7:cb:8c:01:67:8b:a2:
3f:28:f8:64:8b:1a:2a:45:d4:a7:a6:3d:9e:c9:a0:
cc:73:5a:44:14:56:06:3e:84:0d:68:65:66:b2:18:
b8:ba:bc:70:0a:b1:99:07:58:ce:cf:7b:c0:e4:1d:
84:9d:a6:ba:40:b2:a8:e3:ef:01:5b:b2:0d:11:ab:
68:92:83:1a:cf:4b:53:8a:2f:ba:82:8e:8c:6b:10:
ec:b5:73:e6:f0:8e:21:30:df:0a:eb:4d:39:12:43:
39:94:ca:82:7c:a5:18:dd:b0:8b:16:7c:26:89:a0:
07:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:FB:21:F6:C9:48:64:28:5D:EB:52:C8:20:6E:46:B6:D8:80:74:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:68:b5:2f:1c:d2:fb:64:96:ae:43:56:69:80:8e:7e:9c:07:
39:e4:48:a3:28:ce:67:ea:82:76:53:9e:3c:33:79:2a:6e:0a:
20:06:d0:48:fb:de:7b:49:8b:59:95:72:ca:3f:8d:5f:c6:dd:
60:53:be:5b:63:a9:af:17:96:c6:2b:98:ef:d3:10:73:29:65:
68:06:18:2c:3e:78:aa:85:05:bc:eb:03:96:6f:24:4d:c0:e6:
e9:b8:ef:6f:95:1d:a5:7d:4d:fe:cf:6b:c8:a6:cb:21:44:f7:
75:43:0b:03:7a:4c:e8:a3:79:3c:05:36:48:64:d4:a7:0b:05:
97:2c:82:4a:c7:6e:3b:61:dd:dc:56:26:42:85:c1:3a:e9:87:
af:3e:93:12:05:41:cf:78:c8:51:60:f7:6b:22:9b:e3:53:92:
6e:7d:ea:bc:f5:2e:a1:d6:04:06:22:e4:2f:84:dc:e7:4d:db:
ba:db:fd:f7:ec:12:e7:e5:5d:bd:09:2f:24:2d:ae:fe:6f:a8:
dd:86:73:c7:a9:03:e4:48:36:e5:af:da:b6:84:25:c8:49:bd:
c0:61:bd:4d:48:de:04:5a:83:4f:28:3a:a9:b8:19:e4:77:42:
45:59:87:e2:4b:ec:fc:26:65:76:98:3b:33:2f:59:7a:1d:02:
f0:ea:75:53
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZVaJSN3kRO5ater6kyCa8fu6MKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmZjk4MjdhYTQwMmY5ZTU4Nzk1ZDYwMTM4YjI3OWZlMGIxOWM1MmM3MTc2
YTk4Yzg5YmU3NjRhNjJiY2M3MGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKp9rfmtTxUTQx5EcWHbpK4fLAuYU/NNxgwFuavZbjK1Jjt/9BumqCfxSmul
nI1PrXFjJ04tyjnFOVewDImggNt2YKpoD4ySKIcrxaitHm+kgMRHFZJJR6xunsjl
oAHFslWrJUjxKNxOcsYlkLqGnSoCnlK93yX+kvHL9wBdepXAoh5NI6RorXBMLSG/
UKyny4wBZ4uiPyj4ZIsaKkXUp6Y9nsmgzHNaRBRWBj6EDWhlZrIYuLq8cAqxmQdY
zs97wOQdhJ2mukCyqOPvAVuyDRGraJKDGs9LU4ovuoKOjGsQ7LVz5vCOITDfCutN
ORJDOZTKgnylGN2wixZ8JomgB9sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5+yH2
yUhkKF3rUsggbka22IB0PzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM4NWRhMGYtMDgzMi00OWJlLTg2YTctY2E0ZTQyYzNlMGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQAWaLUvHNL7ZJauQ1ZpgI5+nAc55EijKM5n6oJ2U548
M3kqbgogBtBI+957SYtZlXLKP41fxt1gU75bY6mvF5bGK5jv0xBzKWVoBhgsPniq
hQW86wOWbyRNwObpuO9vlR2lfU3+z2vIpsshRPd1QwsDekzoo3k8BTZIZNSnCwWX
LIJKx247Yd3cViZChcE66YevPpMSBUHPeMhRYPdrIpvjU5Jufeq89S6h1gQGIuQv
hNznTdu62/337BLn5V29CS8kLa7+b6jdhnPHqQPkSDblr9q2hCXISb3AYb1NSN4E
WoNPKDqpuBnkd0JFWYfiS+z8JmV2mDszL1l6HQLw6nVT
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org