Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
File: 0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa (raw, json)
Hash identifier: VwSfeTddHi5MvV6HCMLki5rpEfE8mBiP/SCfFp3zrIw=
Subject key identifier: BF:36:C0:11:6D:C1:8F:14:07:59:27:5C:9F:3E:0C:78:F1:86:55:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69A4A9EEC81C169355F685E2DBEE7DE024B8F095
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:a4:a9:ee:c8:1c:16:93:55:f6:85:e2:db:ee:7d:e0:24:b8:f0:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=ecbb92fe632b76c6b026ae7d41e9ff4bb482b760d74dfda80ed6d42aa0c0d095, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0f:e3:85:53:60:bc:04:bf:ac:bc:8f:cd:ed:
ef:c8:a9:a1:4c:16:17:6c:91:da:c5:d3:d7:25:f7:
99:ae:e8:33:8d:3e:bf:e1:e3:dc:29:f4:f0:f7:b5:
6b:85:78:25:64:a3:66:82:ea:24:39:b8:bb:47:7b:
83:77:89:cf:c8:29:49:e6:10:6f:b3:6f:81:13:2d:
a9:8c:72:da:30:d6:d7:f9:12:f9:0a:f6:a2:04:da:
c5:36:e4:ef:58:bf:60:be:9c:c3:46:35:58:83:64:
96:fa:c1:56:9c:1f:31:ce:bc:19:c1:da:ba:92:9c:
54:de:91:f3:19:25:2a:f3:55:a0:cf:cb:fe:40:ca:
da:55:1e:18:cb:c0:9e:f3:c6:92:0e:dd:cd:12:00:
61:2f:06:84:f3:ee:95:8f:bf:1c:af:f5:fd:18:92:
6e:7d:37:49:4e:c7:ae:83:81:d4:25:a4:aa:5a:e0:
d6:b2:a0:21:83:3d:76:fe:19:8c:8a:81:a9:3a:35:
09:12:a9:80:c3:9e:ec:a0:71:31:3f:70:20:cf:44:
56:62:48:f1:26:4b:aa:df:66:e8:eb:1c:84:71:88:
a6:7d:1f:84:f7:5b:07:0a:a7:72:04:20:5b:44:2f:
31:97:71:42:e0:0f:23:b7:9b:8d:fe:cb:4c:98:a2:
fa:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:36:C0:11:6D:C1:8F:14:07:59:27:5C:9F:3E:0C:78:F1:86:55:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
53:97:2e:6f:8c:31:80:0e:91:30:a4:cb:10:70:b7:3c:fa:5a:
5a:01:0e:58:cd:c6:0c:38:4f:c7:c0:6e:76:ab:b0:23:68:48:
eb:31:a5:44:54:0f:5e:e3:9a:6d:ae:f4:93:dc:98:04:20:49:
d0:08:44:b5:cc:b4:e7:da:d0:cc:33:e4:32:91:5a:a3:c2:02:
e1:40:c5:e3:7e:db:df:9f:90:a5:09:74:46:e4:51:14:54:21:
6e:24:af:3a:50:3a:14:c4:1a:16:17:0f:56:da:e3:57:40:7f:
99:ea:75:00:b9:0a:10:b6:fb:8b:06:38:31:d3:a0:b8:14:58:
4b:2f:a1:ce:22:94:4e:2a:35:b7:88:5b:33:e0:20:b8:28:7d:
5e:da:ba:9c:68:41:f7:25:c4:3b:08:8b:8d:f8:5f:66:bd:88:
ab:a0:7a:dd:3b:fe:be:77:ee:c5:ef:e1:d7:1a:d2:0a:eb:bf:
86:5d:8f:66:fa:1a:bb:17:12:31:03:90:88:80:af:d7:4c:6b:
63:a9:92:a4:dd:c6:ff:c5:83:53:27:dd:67:72:e8:33:85:c7:
0d:81:85:e4:79:63:20:15:d6:dc:a8:58:ac:1d:ba:ae:8a:a6:
a2:8a:9a:de:77:16:0f:21:5f:79:0b:85:ec:a3:ed:a3:31:4f:
1a:2d:54:f5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaaSp7sgcFpNV9oXi2+594CS48JUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjYmI5MmZlNjMyYjc2YzZiMDI2YWU3ZDQxZTlmZjRiYjQ4MmI3NjBkNzRk
ZmRhODBlZDZkNDJhYTBjMGQwOTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUP44VTYLwEv6y8j83t78ipoUwWF2yR2sXT1yX3ma7oM40+v+Hj3Cn08Pe1
a4V4JWSjZoLqJDm4u0d7g3eJz8gpSeYQb7NvgRMtqYxy2jDW1/kS+Qr2ogTaxTbk
71i/YL6cw0Y1WINklvrBVpwfMc68GcHaupKcVN6R8xklKvNVoM/L/kDK2lUeGMvA
nvPGkg7dzRIAYS8GhPPulY+/HK/1/RiSbn03SU7HroOB1CWkqlrg1rKgIYM9dv4Z
jIqBqTo1CRKpgMOe7KBxMT9wIM9EVmJI8SZLqt9m6OschHGIpn0fhPdbBwqncgQg
W0QvMZdxQuAPI7ebjf7LTJii+vcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS/NsAR
bcGPFAdZJ1yfPgx48YZV3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGE1OGNlZjctNWZhNS00NTZkLTljZDctZDk2YmUxZjJmYWFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQBTly5vjDGADpEwpMsQcLc8+lpaAQ5YzcYMOE/HwG52
q7AjaEjrMaVEVA9e45ptrvST3JgEIEnQCES1zLTn2tDMM+QykVqjwgLhQMXjftvf
n5ClCXRG5FEUVCFuJK86UDoUxBoWFw9W2uNXQH+Z6nUAuQoQtvuLBjgx06C4FFhL
L6HOIpROKjW3iFsz4CC4KH1e2rqcaEH3JcQ7CIuN+F9mvYiroHrdO/6+d+7F7+HX
GtIK67+GXY9m+hq7FxIxA5CIgK/XTGtjqZKk3cb/xYNTJ91ncugzhccNgYXkeWMg
FdbcqFisHbquiqaiipredxYPIV95C4Xso+2jMU8aLVT1
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org