Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: RddszSlU1B6hRrhmvUNlV90ddeB3bM2kBR3Zv1sl+rQ=
Subject key identifier: 65:1A:D1:97:F0:60:DB:16:53:5E:26:41:6E:E2:48:F0:6C:1C:3E:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5318D317ED25AABF03096F983A61A9BD0D1424E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:18:d3:17:ed:25:aa:bf:03:09:6f:98:3a:61:a9:bd:0d:14:24:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=069982a40d8fbe75e453fc69ca14f34bb9f8861f1d2d5c09c6bfba8da50a0972, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:09:92:9e:b7:cc:55:4b:03:9d:b1:30:58:fa:
4a:4b:6b:5f:bd:11:ea:46:49:5b:9c:c2:ff:48:2c:
03:fa:98:4c:a4:ec:93:b4:2a:32:ec:d7:7f:46:41:
96:a0:40:06:4a:c0:1d:58:46:56:01:89:11:e9:2d:
ab:77:fe:89:2f:77:c4:09:b4:ce:41:95:6d:b9:ac:
17:16:90:77:26:a5:36:1d:21:70:07:ad:14:ac:61:
f1:ae:32:ba:9c:0f:90:5c:54:dd:7f:4b:5d:77:3a:
af:02:9d:ba:cd:74:3a:a2:e8:b6:0a:19:dc:2d:fa:
0b:db:89:c2:7e:8b:6e:2b:04:ad:4b:74:d4:c1:a5:
8a:9a:0d:c9:09:51:2b:88:46:60:29:4d:03:01:6c:
64:a3:ae:1f:7a:6f:9a:cf:53:18:7d:72:d3:41:4d:
f2:fb:48:2f:9d:c9:ec:63:9c:43:61:67:e6:ec:4b:
22:81:cd:68:d0:9a:f3:28:43:ee:d5:e0:12:1b:4a:
60:d8:85:b4:d4:f6:e6:df:0c:87:39:69:39:ba:32:
9c:06:bb:3a:77:44:e9:03:6a:81:29:68:39:ca:96:
78:60:92:0e:da:6d:3a:14:f4:cc:a5:c9:70:bf:8b:
9b:02:43:57:70:97:13:7a:4d:98:90:71:9e:84:e0:
04:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1A:D1:97:F0:60:DB:16:53:5E:26:41:6E:E2:48:F0:6C:1C:3E:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b6:af:d7:6e:4c:4a:23:99:13:1f:df:5e:b2:90:08:ec:62:24:
1d:bb:6c:74:5f:08:84:3d:ed:57:8f:d0:9c:4e:be:f1:51:5b:
8b:61:b1:a7:ef:5f:99:7f:e0:b7:6a:f6:65:1e:c5:56:a6:85:
8f:8c:43:87:16:69:d4:0c:33:f7:58:8c:ef:01:b6:0c:f2:8a:
03:6e:70:2f:ba:17:47:38:e9:0d:a8:3e:e8:86:cc:e4:b3:90:
19:49:50:ed:f4:af:3b:32:03:78:56:3c:79:97:ec:aa:49:69:
d9:df:3a:01:6b:84:40:9e:f7:b2:89:57:35:b4:08:a4:bd:56:
94:78:97:01:2e:f1:04:fa:6d:29:8c:0a:ce:c6:20:0e:65:d3:
72:83:f0:b6:bb:65:a9:b8:2d:c3:19:3e:a3:ad:4e:45:2a:78:
78:fd:0f:2c:42:5b:2b:56:98:12:4d:d4:24:f2:2e:c4:ae:1d:
ee:5f:44:e2:97:49:5e:77:fb:bd:a5:82:a2:51:5f:89:2d:ff:
11:71:29:ce:62:af:b4:42:c9:8a:8a:89:c6:50:f0:49:f6:05:
52:e3:0a:30:8a:68:57:95:a8:d5:68:3b:52:fd:ac:9e:c4:bf:
d5:f3:ba:4b:22:0c:98:0d:52:f1:df:bc:24:5c:25:7a:90:3d:
44:8f:9b:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUxjTF+0lqr8DCW+YOmGpvQ0UJOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2OTk4MmE0MGQ4ZmJlNzVlNDUzZmM2OWNhMTRmMzRiYjlmODg2MWYxZDJk
NWMwOWM2YmZiYThkYTUwYTA5NzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIJkp63zFVLA52xMFj6SktrX70R6kZJW5zC/0gsA/qYTKTsk7QqMuzXf0ZB
lqBABkrAHVhGVgGJEektq3f+iS93xAm0zkGVbbmsFxaQdyalNh0hcAetFKxh8a4y
upwPkFxU3X9LXXc6rwKdus10OqLotgoZ3C36C9uJwn6LbisErUt01MGlipoNyQlR
K4hGYClNAwFsZKOuH3pvms9TGH1y00FN8vtIL53J7GOcQ2Fn5uxLIoHNaNCa8yhD
7tXgEhtKYNiFtNT25t8MhzlpOboynAa7OndE6QNqgSloOcqWeGCSDtptOhT0zKXJ
cL+LmwJDV3CXE3pNmJBxnoTgBMECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRlGtGX
8GDbFlNeJkFu4kjwbBw+4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQC2r9duTEojmRMf316ykAjsYiQdu2x0XwiEPe1Xj9Cc
Tr7xUVuLYbGn71+Zf+C3avZlHsVWpoWPjEOHFmnUDDP3WIzvAbYM8ooDbnAvuhdH
OOkNqD7ohszks5AZSVDt9K87MgN4Vjx5l+yqSWnZ3zoBa4RAnveyiVc1tAikvVaU
eJcBLvEE+m0pjArOxiAOZdNyg/C2u2WpuC3DGT6jrU5FKnh4/Q8sQlsrVpgSTdQk
8i7Erh3uX0Til0led/u9pYKiUV+JLf8RcSnOYq+0QsmKionGUPBJ9gVS4wowimhX
lajVaDtS/ayexL/V87pLIgyYDVLx37wkXCV6kD1Ej5tV
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:26 2024 by rpki-client on console-ams.rpki-client.org