Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa
File: 1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa (raw, json)
Hash identifier: k4C3J4gWvIrog3JXM1NiGBie5cCOU3ADFVvB7RGtkhU=
Subject key identifier: 21:3A:D5:1C:B5:80:BB:78:FF:95:A8:C5:19:FC:8A:AF:E4:A1:65:BD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BF710BADC9E9D27437B2410CAA4B710D6FDA355
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:f7:10:ba:dc:9e:9d:27:43:7b:24:10:ca:a4:b7:10:d6:fd:a3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=e1cb6e316a956fbd510d30ad16c3d6b261802f9299bb9c03d44bb7beb7a31532, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:aa:0a:34:ae:78:06:c8:cf:84:b2:2d:3b:7d:
8b:4c:53:fd:4c:64:d3:d0:94:cd:f4:13:71:91:ba:
41:79:98:e7:fa:16:2d:78:58:5d:33:82:f4:d5:ad:
ac:67:44:0f:a3:94:25:69:07:0f:0c:71:c9:22:85:
c8:85:4d:83:07:8d:f4:39:47:44:5e:c6:dd:d2:63:
78:b8:3d:b2:df:c5:be:a8:c1:00:88:76:c9:28:6c:
1f:64:c8:23:85:f1:f2:2b:a8:8e:2f:f2:e2:ef:de:
89:71:6b:db:8e:d7:bf:26:56:94:37:0a:57:9a:29:
10:cd:12:b8:85:ae:14:4e:4f:ac:cc:04:cd:4a:43:
75:73:69:02:26:8e:fe:23:c5:8e:7b:bb:b0:73:ba:
04:ac:ec:05:d4:53:db:79:7b:d2:22:3c:e1:8b:6b:
ec:93:5e:ed:f4:e8:95:31:cb:be:19:95:5e:01:60:
fe:ec:4d:7a:5b:b4:db:33:77:68:8b:25:f6:b5:b7:
c8:29:2b:2e:06:68:84:44:cd:df:c3:dd:3a:71:65:
80:4f:be:cc:ba:f4:85:32:44:16:ee:11:58:07:0e:
af:bb:01:f6:99:d2:62:37:e8:f7:98:44:8d:ed:f4:
4c:81:49:fc:1b:be:2d:fc:00:82:66:5c:a5:23:1a:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3A:D5:1C:B5:80:BB:78:FF:95:A8:C5:19:FC:8A:AF:E4:A1:65:BD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:fe:f5:75:9d:b4:de:6b:9d:a1:d7:52:65:1d:06:cb:ab:c7:
f0:be:62:b6:2c:3b:36:67:91:72:f6:68:36:16:ec:86:c0:45:
f3:bb:d7:ac:5e:fc:01:9e:47:5d:ee:a1:53:4c:a8:e1:30:43:
69:b3:e0:b2:dc:7e:65:3b:50:7c:09:94:d1:40:74:1c:e8:24:
c4:2a:61:1e:d0:12:46:c4:33:c1:fd:44:30:f4:23:cb:9b:98:
88:b9:0e:f6:f1:dc:91:08:02:e9:36:c3:8e:ff:e5:15:0b:41:
c4:fd:28:61:9c:05:c5:18:14:25:22:f9:42:6f:6a:c9:c1:23:
9f:ee:2a:c2:84:d9:92:fa:75:4a:7f:22:a1:3b:e3:e9:32:23:
97:e7:c9:88:cc:9b:62:5c:30:f5:34:2e:3d:db:47:30:55:e3:
5d:43:75:1a:e9:37:27:46:60:ec:28:81:99:be:3c:05:c6:46:
cc:c2:49:0a:6f:a3:b7:46:0f:44:b4:52:8b:72:ee:29:0f:86:
75:8d:cd:20:92:fa:63:3b:3e:d5:08:54:dd:2f:0e:e5:5a:c7:
57:ac:98:76:72:b2:f2:d8:9b:7a:06:6e:29:07:76:8d:47:c0:
e6:14:97:8b:d5:93:42:76:9a:56:6f:c5:3a:a9:31:c6:10:86:
29:4f:08:8a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS/cQutyenSdDeyQQyqS3ENb9o1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxY2I2ZTMxNmE5NTZmYmQ1MTBkMzBhZDE2YzNkNmIyNjE4MDJmOTI5OWJi
OWMwM2Q0NGJiN2JlYjdhMzE1MzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmqCjSueAbIz4SyLTt9i0xT/Uxk09CUzfQTcZG6QXmY5/oWLXhYXTOC9NWt
rGdED6OUJWkHDwxxySKFyIVNgweN9DlHRF7G3dJjeLg9st/FvqjBAIh2yShsH2TI
I4Xx8iuoji/y4u/eiXFr247XvyZWlDcKV5opEM0SuIWuFE5PrMwEzUpDdXNpAiaO
/iPFjnu7sHO6BKzsBdRT23l70iI84Ytr7JNe7fTolTHLvhmVXgFg/uxNelu02zN3
aIsl9rW3yCkrLgZohETN38PdOnFlgE++zLr0hTJEFu4RWAcOr7sB9pnSYjfo95hE
je30TIFJ/Bu+LfwAgmZcpSMaM8sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQhOtUc
tYC7eP+VqMUZ/Iqv5KFlvTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTAzNGExMGYtMjlhZC00M2Q1LTlkNjItYWJmYTM5M2NiMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQAM/vV1nbTea52h11JlHQbLq8fwvmK2LDs2Z5Fy9mg2
FuyGwEXzu9esXvwBnkdd7qFTTKjhMENps+Cy3H5lO1B8CZTRQHQc6CTEKmEe0BJG
xDPB/UQw9CPLm5iIuQ728dyRCALpNsOO/+UVC0HE/ShhnAXFGBQlIvlCb2rJwSOf
7irChNmS+nVKfyKhO+PpMiOX58mIzJtiXDD1NC4920cwVeNdQ3Ua6TcnRmDsKIGZ
vjwFxkbMwkkKb6O3Rg9EtFKLcu4pD4Z1jc0gkvpjOz7VCFTdLw7lWsdXrJh2crLy
2Jt6Bm4pB3aNR8DmFJeL1ZNCdppWb8U6qTHGEIYpTwiK
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org