Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
File: 0f648163-e886-4951-999f-6a050d9c305f.roa (raw, json)
Hash identifier: lKO/FljqJGL7wWHVPg+6JvgepGhxkK0ehmpwq38oGaA=
Subject key identifier: E6:8E:DB:B2:1E:DF:90:77:6A:A5:60:17:41:8D:1C:30:8A:E8:9C:12
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FC857B7950DC611DE1B7483A8FEFB121535C016
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:c8:57:b7:95:0d:c6:11:de:1b:74:83:a8:fe:fb:12:15:35:c0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=4d11a0ffc3a4481f89dd17265c5f8d5df6eb06481259b6e7e3f16ad4379aba29, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e1:a7:bd:f5:a8:d2:9f:60:b8:c5:14:0d:04:
af:ab:b9:58:81:1f:76:3c:f4:b2:5b:bc:a3:c1:98:
45:5a:9e:80:d5:8e:08:6e:06:a1:51:c0:48:0c:7f:
47:09:3e:e1:e8:cf:a1:72:6b:2d:f8:36:37:96:53:
d6:c3:3f:fc:7b:c5:09:da:9f:2c:ad:46:5e:e8:43:
81:d0:b5:7a:af:b4:3f:93:22:95:22:bd:77:1c:26:
ee:66:1c:4b:fd:69:da:c5:0f:99:a5:a8:6c:9e:77:
b5:3a:2d:37:54:a6:5b:41:6c:3f:55:90:6b:d9:1e:
9c:d2:f3:76:9f:88:6e:78:6f:55:55:c4:5e:55:14:
4b:26:c4:25:59:fd:05:1b:e1:50:27:a6:8c:89:03:
f6:76:81:59:74:e9:3e:16:5f:7b:79:36:f6:c2:0e:
a6:95:d0:a7:f2:5a:69:fa:32:53:d2:16:4b:c4:b4:
2a:bc:07:75:47:c7:38:6f:77:5a:f9:5f:a8:34:15:
6a:12:6a:8a:9d:bb:04:b7:3f:34:cb:4c:79:d9:f4:
76:00:90:80:b5:0b:fc:b3:2f:2f:85:67:ea:71:bc:
87:db:84:b5:e8:c6:4b:0f:3d:48:be:e9:c0:4a:4c:
93:52:98:ac:ec:c6:71:66:65:06:15:ab:3f:d2:42:
23:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:8E:DB:B2:1E:DF:90:77:6A:A5:60:17:41:8D:1C:30:8A:E8:9C:12
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:6f:e8:87:27:06:bc:dd:da:a1:ad:08:82:c4:b3:3a:f7:1a:
90:e4:c5:c9:50:7b:c1:a3:30:ef:56:44:74:1d:a1:4c:8c:ae:
5e:99:82:fb:40:17:37:09:b2:35:46:01:09:19:3d:31:a3:d5:
10:36:22:89:f9:77:2e:90:e5:7e:57:2c:dd:c4:3b:36:90:f7:
38:53:b9:2b:9b:57:fc:87:f7:eb:04:16:2e:e5:17:6c:ef:62:
9c:cc:4a:bd:10:1c:82:55:6a:26:de:76:21:90:66:bd:45:31:
56:55:d9:a3:41:e4:a4:6c:5a:dd:88:37:96:70:09:2f:0e:1a:
d6:75:7f:48:20:f1:86:86:5e:ac:af:62:78:52:15:c7:83:71:
45:e7:40:c5:4d:d6:d7:e4:1c:0b:e0:22:46:2a:f9:58:fa:eb:
53:b9:4e:11:39:8c:8c:8b:47:8b:d2:10:64:02:42:09:7b:23:
85:7d:48:d4:11:e1:47:7e:98:73:f4:cf:da:1e:aa:0d:ef:2a:
d0:a6:0f:a0:6b:49:b7:f2:2e:78:8e:6c:8d:25:6f:ea:1d:9a:
2d:64:0f:c8:a6:85:78:e8:44:d3:8e:41:fe:f8:17:de:ae:db:
b0:c9:0a:02:43:5d:ca:9f:8d:9b:c1:6e:a1:09:06:34:93:13:
8a:4a:02:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb8hXt5UNxhHeG3SDqP77EhU1wBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkMTFhMGZmYzNhNDQ4MWY4OWRkMTcyNjVjNWY4ZDVkZjZlYjA2NDgxMjU5
YjZlN2UzZjE2YWQ0Mzc5YWJhMjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPhp731qNKfYLjFFA0Er6u5WIEfdjz0slu8o8GYRVqegNWOCG4GoVHASAx/
Rwk+4ejPoXJrLfg2N5ZT1sM//HvFCdqfLK1GXuhDgdC1eq+0P5MilSK9dxwm7mYc
S/1p2sUPmaWobJ53tTotN1SmW0FsP1WQa9kenNLzdp+IbnhvVVXEXlUUSybEJVn9
BRvhUCemjIkD9naBWXTpPhZfe3k29sIOppXQp/JaafoyU9IWS8S0KrwHdUfHOG93
WvlfqDQVahJqip27BLc/NMtMedn0dgCQgLUL/LMvL4Vn6nG8h9uEtejGSw89SL7p
wEpMk1KYrOzGcWZlBhWrP9JCI10CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTmjtuy
Ht+Qd2qlYBdBjRwwiuicEjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGY2NDgxNjMtZTg4Ni00OTUxLTk5OWYtNmEwNTBkOWMzMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMAMA0G
CSqGSIb3DQEBCwUAA4IBAQCub+iHJwa83dqhrQiCxLM69xqQ5MXJUHvBozDvVkR0
HaFMjK5emYL7QBc3CbI1RgEJGT0xo9UQNiKJ+XcukOV+VyzdxDs2kPc4U7krm1f8
h/frBBYu5Rds72KczEq9EByCVWom3nYhkGa9RTFWVdmjQeSkbFrdiDeWcAkvDhrW
dX9IIPGGhl6sr2J4UhXHg3FF50DFTdbX5BwL4CJGKvlY+utTuU4ROYyMi0eL0hBk
AkIJeyOFfUjUEeFHfphz9M/aHqoN7yrQpg+ga0m38i54jmyNJW/qHZotZA/IpoV4
6ETTjkH++BfertuwyQoCQ13Kn42bwW6hCQY0kxOKSgJ3
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org