Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: 4SzoB1IUgIZ80542+6IJxnWeMarhE9QVn5kF35WYF7A=
Subject key identifier: 47:90:F3:27:2A:48:5C:C1:22:83:F0:14:B9:57:09:0C:1F:D5:95:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3703EA70A9C1BC068F779C3E1CC0638A99CF0F64
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:03:ea:70:a9:c1:bc:06:8f:77:9c:3e:1c:c0:63:8a:99:cf:0f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=250780b5c82008b342c5447864d4b541ff3b596c760870175b46d822ad0e6f0d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0e:37:fa:aa:07:32:5c:65:8d:9a:ed:d0:dc:
4c:2f:5f:a5:e6:d5:84:8d:3d:8b:7a:ff:2f:9b:63:
d7:3f:7c:df:dd:f8:03:0d:67:bd:e7:1b:1c:d4:0d:
9c:cc:b0:bd:e9:43:78:f5:0e:a7:ee:fb:31:de:67:
7f:cf:8e:fe:a1:83:8b:af:76:c8:38:a1:6d:0c:db:
b4:66:0a:52:40:c0:30:b0:76:1d:b6:1c:ce:28:70:
dc:46:51:38:0a:ee:e6:be:7d:68:62:18:d7:64:09:
4c:4f:12:3a:ac:9f:99:88:53:ec:c6:76:47:4e:30:
6a:38:8d:3e:9e:dc:b7:05:0f:bc:91:5e:2e:71:bf:
4e:3a:05:a2:7f:26:d0:38:01:a3:c0:e2:4d:a0:55:
da:4f:a9:49:5d:6b:3d:c2:c9:ff:28:9c:a4:fb:6b:
63:f2:ff:23:ec:26:f1:d3:53:7c:6d:76:7f:c5:bd:
bb:84:fd:19:f3:35:bb:f0:39:b5:48:91:fb:ed:e3:
a4:01:b4:86:9b:03:6a:2c:e3:7b:96:ba:ab:df:57:
b0:b9:ae:6c:5a:8f:fb:c1:ce:37:0a:73:b7:ec:2d:
87:66:4f:99:1c:cf:95:09:72:e0:56:17:62:77:ce:
dc:1a:bc:08:e6:21:cf:08:c8:9f:08:86:a8:d2:bd:
2a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:90:F3:27:2A:48:5C:C1:22:83:F0:14:B9:57:09:0C:1F:D5:95:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a3:5d:b8:dc:fd:ef:54:72:5d:e0:b8:20:49:2a:73:48:01:96:
a6:a4:1c:f5:b5:ff:47:e6:05:ba:c2:e9:a4:ce:af:3c:f6:5b:
4b:00:15:61:d7:e8:d9:ab:61:64:2d:df:0a:30:16:1e:64:7a:
e1:a4:83:f1:09:7e:6d:10:fc:09:ba:c6:4e:ad:ba:8b:9c:07:
6d:24:1c:a1:1b:45:11:23:92:8e:88:40:a8:b6:26:4a:44:e9:
8a:bf:76:e0:4e:14:ee:63:cc:ce:da:d9:61:e9:dd:19:a6:57:
1f:1b:f4:eb:9a:80:cc:9e:34:24:2c:be:8a:a4:35:16:d9:cf:
65:93:58:c9:14:03:9d:42:7c:1f:bd:aa:2a:b8:b9:e2:21:0e:
f8:e3:e1:4d:27:7b:87:28:d5:b1:4d:4f:44:e5:24:4d:86:39:
94:3c:27:5b:05:07:a4:77:36:34:ad:a1:4b:5a:d1:fd:61:34:
db:99:a3:ea:d8:ce:b1:b1:6f:22:4c:bd:45:f4:00:44:f9:f9:
08:90:81:af:f6:0c:42:80:7c:0b:2b:cd:a8:d6:15:19:ae:a6:
6b:c6:87:62:7d:b1:8a:90:a3:9a:6b:be:65:c5:f5:1e:99:cc:
bd:57:1d:c6:05:53:3e:b8:99:70:fb:73:3e:9c:73:8b:5e:69:
d9:7d:f3:51
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNwPqcKnBvAaPd5w+HMBjipnPD2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1MDc4MGI1YzgyMDA4YjM0MmM1NDQ3ODY0ZDRiNTQxZmYzYjU5NmM3NjA4
NzAxNzViNDZkODIyYWQwZTZmMGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYON/qqBzJcZY2a7dDcTC9fpebVhI09i3r/L5tj1z983934Aw1nvecbHNQN
nMywvelDePUOp+77Md5nf8+O/qGDi692yDihbQzbtGYKUkDAMLB2HbYczihw3EZR
OAru5r59aGIY12QJTE8SOqyfmYhT7MZ2R04wajiNPp7ctwUPvJFeLnG/TjoFon8m
0DgBo8DiTaBV2k+pSV1rPcLJ/yicpPtrY/L/I+wm8dNTfG12f8W9u4T9GfM1u/A5
tUiR++3jpAG0hpsDaizje5a6q99XsLmubFqP+8HONwpzt+wth2ZPmRzPlQly4FYX
YnfO3Bq8COYhzwjInwiGqNK9KmUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRHkPMn
KkhcwSKD8BS5VwkMH9WVBDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQCjXbjc/e9Ucl3guCBJKnNIAZampBz1tf9H5gW6wumk
zq889ltLABVh1+jZq2FkLd8KMBYeZHrhpIPxCX5tEPwJusZOrbqLnAdtJByhG0UR
I5KOiECotiZKROmKv3bgThTuY8zO2tlh6d0ZplcfG/TrmoDMnjQkLL6KpDUW2c9l
k1jJFAOdQnwfvaoquLniIQ744+FNJ3uHKNWxTU9E5SRNhjmUPCdbBQekdzY0raFL
WtH9YTTbmaPq2M6xsW8iTL1F9ABE+fkIkIGv9gxCgHwLK82o1hUZrqZrxodifbGK
kKOaa75lxfUemcy9Vx3GBVM+uJlw+3M+nHOLXmnZffNR
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:59:31 2024 by rpki-client on console-ams.rpki-client.org