Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e604171a-9903-4e3b-a4cb-a0ae0a21f49a.roa
File: e604171a-9903-4e3b-a4cb-a0ae0a21f49a.roa (raw, json)
Hash identifier: joZOZumTnRMQ+KoVZc4DaCeacDKag9jF4jL2F+NlYS0=
Subject key identifier: F7:4D:B9:FB:86:CF:91:8D:86:73:9B:7A:22:8F:61:9B:63:62:C5:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13DC60E42078C5D8D1B538F6447E2DC9E63DAD16
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e604171a-9903-4e3b-a4cb-a0ae0a21f49a.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:dc:60:e4:20:78:c5:d8:d1:b5:38:f6:44:7e:2d:c9:e6:3d:ad:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=0bb4ce43145da1ad3f12070a24240f3f96a893c13c7a6f8bb9f611b6938943e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7e:b5:86:90:bd:ee:15:74:60:76:7f:a1:5a:
74:46:01:9a:71:60:74:12:61:23:83:6d:ad:b5:64:
ca:6a:9c:13:c8:02:b7:54:55:26:33:69:b1:bc:35:
94:55:70:1b:98:5f:58:4c:0c:07:50:d2:3f:8a:bd:
13:58:fa:13:38:4d:29:dc:b3:3f:46:3d:a1:50:d8:
f4:55:da:6c:22:42:a5:b3:ae:6c:00:62:84:67:60:
a0:ca:ca:13:e5:27:65:8e:ea:24:89:8d:65:2c:ad:
14:da:04:f4:11:a0:91:cd:93:79:eb:9f:76:a0:ae:
5d:4a:6c:b4:c4:63:ac:b8:ad:73:69:5e:51:36:2e:
65:8e:f2:f3:82:b1:73:36:4a:cd:37:4a:f2:35:8a:
0f:7d:be:7e:de:18:24:d6:bb:a0:2b:1e:a5:ab:5b:
01:fe:a3:fe:f4:3d:93:61:cb:9a:ca:97:e4:23:c3:
c4:a9:d1:c9:18:cd:ea:51:6c:30:93:71:ab:a6:b6:
0c:a5:ce:d7:3c:8b:78:ba:19:82:5f:8d:54:22:08:
21:b9:8a:60:6c:0e:e6:62:22:40:d9:33:37:94:22:
4c:ee:df:cd:3a:51:c0:9e:0e:09:55:1a:a8:c7:d9:
ce:cd:96:da:bf:2f:a4:64:0b:81:b0:5c:ec:5a:64:
36:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4D:B9:FB:86:CF:91:8D:86:73:9B:7A:22:8F:61:9B:63:62:C5:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e604171a-9903-4e3b-a4cb-a0ae0a21f49a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:19:78:e6:66:a8:8a:6b:01:da:83:f4:92:55:9c:89:d3:60:
57:2e:ca:bf:b3:ef:c8:f7:0b:40:78:db:5f:31:c5:e6:76:4e:
58:ff:f1:1d:c1:79:c8:9e:2f:11:e1:58:77:98:9c:01:74:da:
fe:89:5b:fc:6d:df:7d:98:51:0d:4a:a0:a1:12:64:a6:af:81:
b6:78:83:47:04:31:78:d1:8d:99:02:dc:e4:de:46:20:24:ed:
99:21:cc:fa:58:40:54:da:10:ff:19:6f:04:39:de:3d:1c:ae:
a4:6d:b2:62:02:21:c1:e9:60:95:6c:38:c4:1a:bb:1e:25:6d:
af:30:f1:17:5e:9e:da:33:34:6e:38:b8:7c:8e:52:20:53:26:
45:52:b7:2c:92:b1:cb:fb:fe:4a:61:f9:36:89:2d:00:d9:7c:
44:85:4c:d7:d0:4d:8e:a8:d0:ca:2d:7c:47:49:94:22:e3:e8:
74:36:11:08:9d:c0:89:02:de:80:1d:47:8e:a4:92:6b:a8:1b:
95:a0:08:12:59:e7:da:1d:ed:d6:91:3c:78:9e:98:04:08:91:
34:91:13:dd:ce:a4:bd:8c:9a:8f:1a:7a:a3:5f:a3:27:86:58:
8d:50:6c:52:3d:ae:87:12:b3:1e:54:0f:56:81:b8:10:55:14:
ac:88:86:51
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE9xg5CB4xdjRtTj2RH4tyeY9rRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiYjRjZTQzMTQ1ZGExYWQzZjEyMDcwYTI0MjQwZjNmOTZhODkzYzEzYzdh
NmY4YmI5ZjYxMWI2OTM4OTQzZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOl+tYaQve4VdGB2f6FadEYBmnFgdBJhI4NtrbVkymqcE8gCt1RVJjNpsbw1
lFVwG5hfWEwMB1DSP4q9E1j6EzhNKdyzP0Y9oVDY9FXabCJCpbOubABihGdgoMrK
E+UnZY7qJImNZSytFNoE9BGgkc2TeeufdqCuXUpstMRjrLitc2leUTYuZY7y84Kx
czZKzTdK8jWKD32+ft4YJNa7oCsepatbAf6j/vQ9k2HLmsqX5CPDxKnRyRjN6lFs
MJNxq6a2DKXO1zyLeLoZgl+NVCIIIbmKYGwO5mIiQNkzN5QiTO7fzTpRwJ4OCVUa
qMfZzs2W2r8vpGQLgbBc7FpkNnUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3Tbn7
hs+RjYZzm3oij2GbY2LFLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYwNDE3MWEtOTkwMy00ZTNiLWE0Y2ItYTBhZTBhMjFmNDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQBtGXjmZqiKawHag/SSVZyJ02BXLsq/s+/I9wtAeNtf
McXmdk5Y//EdwXnIni8R4Vh3mJwBdNr+iVv8bd99mFENSqChEmSmr4G2eINHBDF4
0Y2ZAtzk3kYgJO2ZIcz6WEBU2hD/GW8EOd49HK6kbbJiAiHB6WCVbDjEGrseJW2v
MPEXXp7aMzRuOLh8jlIgUyZFUrcskrHL+/5KYfk2iS0A2XxEhUzX0E2OqNDKLXxH
SZQi4+h0NhEIncCJAt6AHUeOpJJrqBuVoAgSWefaHe3WkTx4npgECJE0kRPdzqS9
jJqPGnqjX6MnhliNUGxSPa6HErMeVA9WgbgQVRSsiIZR
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org