Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de2bba33-294e-4f48-b36f-b2ba0435d372.roa
File: de2bba33-294e-4f48-b36f-b2ba0435d372.roa (raw, json)
Hash identifier: JfHF7odD7Iove3S2XLDKQG8yhvRxC7/55pkGmPSAAmc=
Subject key identifier: 75:48:43:B3:5B:FA:E8:42:EB:D5:DF:98:9A:2D:1E:28:11:07:9C:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D57D8D1A743637244E1F67E9E17FD5C196DCFC3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de2bba33-294e-4f48-b36f-b2ba0435d372.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:57:d8:d1:a7:43:63:72:44:e1:f6:7e:9e:17:fd:5c:19:6d:cf:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=182de55e79e090c3dc0132d929b0df703d0c06387c03ec3383c1ef15a6218a34, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:40:99:cc:bc:32:34:da:29:4d:ad:34:b3:8f:
60:29:da:57:da:43:d1:43:ce:23:31:40:7b:97:9a:
24:95:b7:aa:a5:2d:33:7b:b5:49:1a:3f:a3:ff:58:
f3:d7:58:56:24:86:cf:d1:fd:78:73:ab:fe:54:b3:
47:c0:b7:e2:d8:18:5f:dc:44:3b:df:37:7c:e4:12:
82:c4:3e:ea:a7:eb:3e:d7:58:49:27:db:d0:06:11:
28:0b:60:c7:7b:ca:c7:34:5f:a0:8c:43:22:c2:94:
d9:69:ea:9a:44:76:55:8e:33:55:a9:e0:81:a2:22:
06:30:27:3a:a0:cd:33:36:17:5f:15:db:95:8f:b5:
a9:43:ea:30:d6:df:c1:8e:9b:0a:68:ed:b8:70:02:
ce:c1:d4:9a:c6:a1:35:47:bf:a1:9d:86:10:60:59:
d0:11:89:ea:58:b7:43:99:ec:7b:f4:5a:81:81:50:
3c:34:6e:54:80:38:ae:9a:e0:35:fa:82:14:3d:3d:
9a:67:2d:45:4b:0f:0c:74:25:34:d7:46:cb:fb:b1:
dd:cc:d2:43:75:fb:b9:5b:cd:a7:0f:22:ad:6c:dd:
36:23:bc:4a:cb:f1:e2:cf:c5:a2:21:d0:3a:9a:2f:
4f:f6:28:97:59:d5:2a:16:05:72:bf:ad:70:9c:3c:
63:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:48:43:B3:5B:FA:E8:42:EB:D5:DF:98:9A:2D:1E:28:11:07:9C:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de2bba33-294e-4f48-b36f-b2ba0435d372.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:87:3f:5a:de:47:4a:1a:93:8c:21:8e:94:49:18:dd:61:5d:
96:a8:ec:24:b2:40:dd:b4:a8:aa:75:0d:74:4e:44:75:77:b3:
98:dd:e9:47:3f:ce:87:3d:4a:20:c7:3e:87:74:2d:a2:b3:5d:
4f:1a:45:48:f9:02:c5:c5:96:9c:3a:e1:0f:02:c8:98:d0:d0:
6a:c1:4e:6e:99:02:02:65:ad:68:44:47:e2:a0:b4:3e:c9:de:
4e:18:ee:b9:8d:29:52:f6:37:f5:03:f0:cb:4a:4c:7b:0f:4b:
e9:c5:61:a6:65:91:43:e1:ce:c6:fc:14:ba:80:df:49:02:a5:
bd:5b:a6:72:e4:a8:26:d5:57:39:ee:8d:b2:05:a0:45:e3:1a:
cc:ad:71:77:60:1e:ab:36:be:fe:e9:ef:c1:21:2b:ba:99:1c:
36:f9:9d:d3:e3:92:a2:00:35:6d:b8:02:e4:44:c6:d1:1b:1a:
b9:7b:d0:a4:d6:40:54:30:58:82:65:58:97:db:18:71:5f:26:
ea:5c:a4:71:ba:7c:19:83:5f:cb:1e:a3:9d:30:88:2b:4d:25:
e0:f7:c3:ff:b7:b6:d3:a0:11:ce:ce:e9:70:61:09:14:7b:01:
b7:ac:fe:3d:4e:de:21:76:73:1e:7d:ec:b4:0e:2a:36:a8:b4:
4d:cf:aa:bd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfVfY0adDY3JE4fZ+nhf9XBltz8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4MmRlNTVlNzllMDkwYzNkYzAxMzJkOTI5YjBkZjcwM2QwYzA2Mzg3YzAz
ZWMzMzgzYzFlZjE1YTYyMThhMzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1Amcy8MjTaKU2tNLOPYCnaV9pD0UPOIzFAe5eaJJW3qqUtM3u1SRo/o/9Y
89dYViSGz9H9eHOr/lSzR8C34tgYX9xEO983fOQSgsQ+6qfrPtdYSSfb0AYRKAtg
x3vKxzRfoIxDIsKU2WnqmkR2VY4zVanggaIiBjAnOqDNMzYXXxXblY+1qUPqMNbf
wY6bCmjtuHACzsHUmsahNUe/oZ2GEGBZ0BGJ6li3Q5nse/RagYFQPDRuVIA4rprg
NfqCFD09mmctRUsPDHQlNNdGy/ux3czSQ3X7uVvNpw8irWzdNiO8Ssvx4s/FoiHQ
OpovT/Yol1nVKhYFcr+tcJw8YysCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR1SEOz
W/roQuvV35iaLR4oEQecfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGUyYmJhMzMtMjk0ZS00ZjQ4LWIzNmYtYjJiYTA0MzVkMzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQA9hz9a3kdKGpOMIY6USRjdYV2WqOwkskDdtKiqdQ10
TkR1d7OY3elHP86HPUogxz6HdC2is11PGkVI+QLFxZacOuEPAsiY0NBqwU5umQIC
Za1oREfioLQ+yd5OGO65jSlS9jf1A/DLSkx7D0vpxWGmZZFD4c7G/BS6gN9JAqW9
W6Zy5Kgm1Vc57o2yBaBF4xrMrXF3YB6rNr7+6e/BISu6mRw2+Z3T45KiADVtuALk
RMbRGxq5e9Ck1kBUMFiCZViX2xhxXybqXKRxunwZg1/LHqOdMIgrTSXg98P/t7bT
oBHOzulwYQkUewG3rP49Tt4hdnMefey0Dio2qLRNz6q9
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org