Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
File: 06aca655-45be-4c1b-a8aa-1f048326385e.roa (raw, json)
Hash identifier: Wx85kq+MX5ImdR+fV4OIBJocUy8VOLRxQXpUaZZJnAc=
Subject key identifier: 5F:46:7B:52:0C:E2:63:55:68:82:A3:D7:63:74:96:93:23:50:8A:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C36DD18610CB8BD6BD19700F6239AB373F08FAF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:36:dd:18:61:0c:b8:bd:6b:d1:97:00:f6:23:9a:b3:73:f0:8f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=e4f0260be045e28aa95d7880f0939ba0cbbb22e01677cfeabafe0da3fcaa181e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4f:9b:91:e4:8b:be:1b:eb:92:f5:56:ee:60:
bc:a1:a1:ec:5e:45:48:dc:67:b2:21:e8:0b:58:79:
49:d3:7e:04:bb:06:53:89:67:eb:9d:4b:fe:f7:e2:
42:4d:4d:18:6e:0b:2f:bf:b4:2a:1f:4b:a0:ed:7b:
c2:92:2c:eb:b9:4d:07:3d:20:46:38:27:8d:9c:d9:
53:14:6d:fc:16:e2:7f:5c:46:7e:06:73:c1:fd:17:
ea:41:e6:04:d9:1d:fb:06:3d:d1:5c:17:ca:57:3c:
d5:e5:1f:3d:c1:a0:21:e8:cd:3f:1a:15:82:06:8a:
f4:fa:05:78:dd:16:73:f3:98:a2:c5:4a:3c:0b:82:
a2:2b:94:4f:25:3b:c5:bb:9b:65:f5:b6:20:de:c0:
6f:f6:2b:f8:69:e3:f5:a3:b7:d4:37:ec:66:25:d0:
db:d9:3e:48:5c:31:cb:68:5b:60:ff:56:d9:7c:12:
cd:5e:5d:e6:03:94:cb:a8:7e:02:25:24:cb:1a:76:
63:94:c3:91:a6:d2:31:33:45:fa:0d:88:ed:a3:70:
51:6f:87:eb:f3:45:b3:e0:cb:9b:e5:fe:c6:bb:33:
f5:85:bd:6b:eb:c5:17:ec:d5:e4:d5:2b:74:70:f7:
da:e9:f3:7a:15:27:c8:ab:80:96:d4:74:b9:ad:4a:
88:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:46:7B:52:0C:E2:63:55:68:82:A3:D7:63:74:96:93:23:50:8A:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
23:c8:ac:12:b8:b9:bf:1d:41:1e:44:6c:9a:b6:79:b7:95:60:
98:b4:46:38:3f:66:06:cc:a8:a6:db:7f:fd:c6:1e:9e:a0:af:
95:53:56:2a:2a:91:f8:5a:a6:e5:99:e2:2f:a7:b6:75:f3:7e:
1f:4f:56:98:d7:dd:9a:b5:b7:7f:1e:01:90:e3:ff:fd:6f:51:
bd:52:35:7a:57:1d:13:b5:39:48:07:c1:3c:80:fc:db:da:8a:
24:4d:23:f3:10:07:df:90:39:84:c5:b4:6b:ce:46:94:be:21:
d7:30:0d:9a:1a:fb:23:13:a8:09:40:36:f9:21:2d:cf:f9:34:
c5:25:5f:56:ce:e9:92:89:c7:69:79:dc:c1:38:7b:eb:18:6b:
ac:39:5f:60:aa:d1:52:ea:13:ab:b0:43:d4:e9:db:93:a5:51:
a0:a1:89:83:40:6c:de:59:c7:8f:e1:82:6e:65:2a:97:d6:35:
56:b6:2a:1a:b6:1a:88:28:84:7d:18:1b:ed:c7:94:bb:59:c0:
d8:60:4b:a4:2b:77:80:ca:2e:7d:2f:ce:25:04:20:4f:b1:2c:
a7:58:8c:26:00:f0:ad:92:82:d3:29:00:1c:b3:e9:98:1d:63:
3d:5c:59:f8:e0:34:2f:13:8a:cf:84:79:f8:a4:13:07:76:bb:
bd:32:1e:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTDbdGGEMuL1r0ZcA9iOas3Pwj68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0ZjAyNjBiZTA0NWUyOGFhOTVkNzg4MGYwOTM5YmEwY2JiYjIyZTAxNjc3
Y2ZlYWJhZmUwZGEzZmNhYTE4MWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZPm5Hki74b65L1Vu5gvKGh7F5FSNxnsiHoC1h5SdN+BLsGU4ln651L/vfi
Qk1NGG4LL7+0Kh9LoO17wpIs67lNBz0gRjgnjZzZUxRt/Bbif1xGfgZzwf0X6kHm
BNkd+wY90VwXylc81eUfPcGgIejNPxoVggaK9PoFeN0Wc/OYosVKPAuCoiuUTyU7
xbubZfW2IN7Ab/Yr+Gnj9aO31DfsZiXQ29k+SFwxy2hbYP9W2XwSzV5d5gOUy6h+
AiUkyxp2Y5TDkabSMTNF+g2I7aNwUW+H6/NFs+DLm+X+xrsz9YW9a+vFF+zV5NUr
dHD32unzehUnyKuAltR0ua1KiHkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRfRntS
DOJjVWiCo9djdJaTI1CKbjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZhY2E2NTUtNDViZS00YzFiLWE4YWEtMWYwNDgzMjYzODVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQAjyKwSuLm/HUEeRGyatnm3lWCYtEY4P2YGzKim23/9
xh6eoK+VU1YqKpH4WqblmeIvp7Z1834fT1aY192atbd/HgGQ4//9b1G9UjV6Vx0T
tTlIB8E8gPzb2ookTSPzEAffkDmExbRrzkaUviHXMA2aGvsjE6gJQDb5IS3P+TTF
JV9WzumSicdpedzBOHvrGGusOV9gqtFS6hOrsEPU6duTpVGgoYmDQGzeWceP4YJu
ZSqX1jVWtioathqIKIR9GBvtx5S7WcDYYEukK3eAyi59L84lBCBPsSynWIwmAPCt
koLTKQAcs+mYHWM9XFn44DQvE4rPhHn4pBMHdru9Mh4B
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org