Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
File: f09232b8-719a-44e7-87fb-14733ec6c6e8.roa (raw, json)
Hash identifier: dpVCN66Nx4sh4pcCOj+3ewMndJQdtZYbU1Ke6sxV6P8=
Subject key identifier: AA:E1:31:26:70:A1:42:E0:4F:2E:EA:9B:F7:91:44:F0:E9:B5:87:77
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0FA33B88AD91699F688B2FBDDD9B144B86FE7E6C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:a3:3b:88:ad:91:69:9f:68:8b:2f:bd:dd:9b:14:4b:86:fe:7e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=7af00d31c6da2b34d551fc77f7994aaf39cadf2a291d3207fa4a2e950c693c5d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8e:c1:33:18:a6:87:a5:be:c9:e0:7b:7e:64:
b3:f9:5b:09:db:65:63:5f:16:a6:ba:ea:36:03:22:
c2:da:f3:da:61:82:29:9d:c8:e2:22:2d:87:19:44:
08:9f:f0:33:6c:af:2b:10:9b:d0:74:e4:32:d0:c1:
01:bd:2d:cb:c7:a5:94:80:5d:f3:32:b9:22:0c:9c:
52:47:cf:f1:cf:57:b5:8e:c0:18:88:f5:5a:91:4b:
b1:fe:6f:5c:2b:34:70:fc:e5:bb:42:7d:4a:57:8b:
91:05:7b:17:48:ec:4a:67:ea:6c:7b:16:78:13:1d:
e3:31:50:6b:e9:c0:ed:b1:9f:7c:89:ba:c1:bd:86:
37:31:00:74:15:f9:1f:44:b1:c8:69:c0:b4:7e:67:
32:de:18:69:f5:b0:d7:03:0d:72:fa:0d:02:a3:4a:
8b:5b:bb:97:f8:78:49:10:88:53:e8:be:ad:da:fd:
11:c4:70:4c:80:d0:fb:ff:c6:13:0b:0b:38:c5:39:
06:d3:15:c9:22:c1:49:17:f4:8f:40:e1:5a:02:47:
10:31:87:7a:69:6d:c4:34:9f:67:ec:07:d4:99:53:
f0:fc:30:58:b3:1a:11:93:ee:3c:53:4f:70:b1:2b:
6c:70:ea:96:bd:aa:41:8f:95:96:ed:01:fa:64:b2:
71:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E1:31:26:70:A1:42:E0:4F:2E:EA:9B:F7:91:44:F0:E9:B5:87:77
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0a:50:9a:f9:54:0f:95:72:7c:9d:80:85:40:23:d5:28:1e:f6:
c1:12:5e:81:6a:a5:83:1f:86:43:53:3d:bf:de:cd:4a:19:d2:
2e:98:76:eb:97:74:6a:7c:2a:3f:17:42:36:27:5e:c2:b9:ca:
df:30:e1:23:72:43:e0:4a:1f:63:51:f4:dc:c8:97:39:4b:e5:
b3:2c:74:6d:cd:ef:6b:99:d3:4e:51:3c:f4:f8:81:97:64:ab:
9d:ca:4f:ed:3b:e4:da:d8:c4:8d:74:11:6b:bf:ed:4d:63:f9:
c9:8d:93:bd:62:1d:0a:98:52:2a:38:6e:44:8f:96:b8:01:21:
f4:69:31:fe:b8:ed:92:55:40:89:43:f7:c6:fa:9a:f0:e1:d2:
3c:4f:27:24:47:ff:c9:dc:8c:dc:d4:a0:34:ad:10:c8:83:a9:
23:4f:12:e5:79:77:61:a4:10:82:e0:f2:86:b6:dc:75:c7:48:
10:8a:d6:17:1c:7d:c6:54:d3:42:9b:e9:ef:5c:a4:c5:ff:b3:
fe:4e:68:d4:55:85:ae:5b:b3:a3:0f:2e:b2:bc:ad:be:c7:70:
e8:e1:ba:14:07:44:3e:75:11:d9:13:cb:ee:78:8f:68:98:e2:
73:49:46:75:08:f2:13:71:4e:84:ab:97:bc:f4:f2:33:33:a2:
75:d0:72:92
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD6M7iK2RaZ9oiy+93ZsUS4b+fmwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhZjAwZDMxYzZkYTJiMzRkNTUxZmM3N2Y3OTk0YWFmMzljYWRmMmEyOTFk
MzIwN2ZhNGEyZTk1MGM2OTNjNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+OwTMYpoelvsnge35ks/lbCdtlY18WprrqNgMiwtrz2mGCKZ3I4iIthxlE
CJ/wM2yvKxCb0HTkMtDBAb0ty8ellIBd8zK5IgycUkfP8c9XtY7AGIj1WpFLsf5v
XCs0cPzlu0J9SleLkQV7F0jsSmfqbHsWeBMd4zFQa+nA7bGffIm6wb2GNzEAdBX5
H0SxyGnAtH5nMt4YafWw1wMNcvoNAqNKi1u7l/h4SRCIU+i+rdr9EcRwTIDQ+//G
EwsLOMU5BtMVySLBSRf0j0DhWgJHEDGHemltxDSfZ+wH1JlT8PwwWLMaEZPuPFNP
cLErbHDqlr2qQY+Vlu0B+mSycX0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSq4TEm
cKFC4E8u6pv3kUTw6bWHdzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA5MjMyYjgtNzE5YS00NGU3LTg3ZmItMTQ3MzNlYzZjNmU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQAKUJr5VA+VcnydgIVAI9UoHvbBEl6BaqWDH4ZDUz2/
3s1KGdIumHbrl3RqfCo/F0I2J17CucrfMOEjckPgSh9jUfTcyJc5S+WzLHRtze9r
mdNOUTz0+IGXZKudyk/tO+Ta2MSNdBFrv+1NY/nJjZO9Yh0KmFIqOG5Ej5a4ASH0
aTH+uO2SVUCJQ/fG+prw4dI8TyckR//J3Izc1KA0rRDIg6kjTxLleXdhpBCC4PKG
ttx1x0gQitYXHH3GVNNCm+nvXKTF/7P+TmjUVYWuW7OjDy6yvK2+x3Do4boUB0Q+
dRHZE8vueI9omOJzSUZ1CPITcU6Eq5e89PIzM6J10HKS
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:40 2024 by rpki-client on console-ams.rpki-client.org