Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
File: 156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa (raw, json)
Hash identifier: ruX+tv67oV2IFa1pGFlyiimPXDsd5Ri0eV0lQVbT5cw=
Subject key identifier: 61:81:96:DF:D7:8D:02:13:92:09:18:7D:80:3E:4A:08:A6:04:62:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2978500DC18CE64DC1F5EA8F650F7C8B7F58049A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:78:50:0d:c1:8c:e6:4d:c1:f5:ea:8f:65:0f:7c:8b:7f:58:04:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=2a3036220519c5caa4b874286480bc569f0198560ca45f804b416dd7efa61cb1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:be:e6:d1:71:07:bc:77:2b:1c:d6:61:cb:53:
fc:df:df:1f:97:16:ed:ce:96:8a:d4:a1:e8:72:27:
dd:09:7d:b4:07:14:04:1f:d3:c2:73:b3:4c:5d:c3:
6e:d2:43:57:e8:18:12:f9:90:5f:60:b6:e6:9d:62:
be:7c:f7:51:ea:68:62:c3:65:d7:eb:50:0a:7d:32:
d3:7f:89:73:bd:fa:35:67:19:7a:bb:77:3c:fe:62:
b5:3a:f3:f1:a8:97:86:37:ea:b0:77:7b:45:c6:ab:
17:bc:de:32:3b:5d:ad:84:03:aa:dc:b1:e2:54:2d:
c3:e8:23:12:2f:8d:78:6d:5b:23:96:75:a0:bb:13:
97:39:4a:56:a5:68:6c:33:cc:7d:3f:63:37:72:47:
9f:97:36:a3:72:ce:c5:f6:af:b5:49:df:5b:2d:2c:
99:63:93:de:c3:1d:26:50:77:10:1c:c4:d8:1e:d1:
0f:3e:0b:07:c8:39:35:67:7f:f3:bd:ef:79:9a:1c:
a3:8d:75:b4:40:da:c5:5d:78:8e:d8:71:4e:01:56:
25:ab:15:d3:d5:14:04:5e:a3:47:ae:81:32:20:18:
57:a0:4d:a1:07:ea:d3:ed:66:cb:c3:cc:36:cf:67:
90:05:1d:56:ee:29:65:78:25:37:87:b4:35:23:3f:
89:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:81:96:DF:D7:8D:02:13:92:09:18:7D:80:3E:4A:08:A6:04:62:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
64:28:49:4e:9a:ea:89:8f:8d:66:82:40:25:83:f0:4c:c7:9a:
4c:9b:dc:d4:d6:8d:fe:c5:e0:80:cb:d0:2a:87:5d:6e:4b:21:
f9:82:85:a5:11:ef:de:25:f4:b9:8e:93:a5:15:e5:5f:e0:8b:
e3:fd:31:16:93:6f:1b:ee:f3:50:44:d5:49:64:57:a6:40:04:
3d:88:d0:ff:58:fa:90:53:f2:d7:8a:90:f7:8b:1c:3f:ce:4c:
3f:96:b6:72:58:50:40:6a:a7:8c:fb:b2:52:71:1a:72:72:d6:
b5:2b:e4:e6:5a:72:05:19:e9:65:b6:75:26:bd:50:de:34:b9:
32:a6:68:cb:39:ae:fc:94:2a:ed:b0:6e:07:7f:1f:cb:6f:bd:
94:2a:72:97:54:d2:aa:fe:8e:c9:64:c1:d9:a1:6a:aa:7f:90:
03:5a:8a:5f:49:ae:38:1b:fe:60:5b:c0:74:38:30:5b:ec:bf:
fa:79:7f:0c:4e:30:5a:15:04:51:f0:7a:5d:e5:6e:16:14:7a:
00:f1:04:09:6c:51:f7:78:f7:1c:a4:49:d8:46:2c:92:e9:f5:
f3:0a:8f:9b:a5:4a:db:19:8b:d8:96:d9:f8:5b:0e:de:cd:16:
53:39:1f:3c:46:4b:f9:bb:63:f3:80:0a:9e:f8:6c:01:ef:90:
77:7c:05:57
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKXhQDcGM5k3B9eqPZQ98i39YBJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhMzAzNjIyMDUxOWM1Y2FhNGI4NzQyODY0ODBiYzU2OWYwMTk4NTYwY2E0
NWY4MDRiNDE2ZGQ3ZWZhNjFjYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq+5tFxB7x3KxzWYctT/N/fH5cW7c6WitSh6HIn3Ql9tAcUBB/TwnOzTF3D
btJDV+gYEvmQX2C25p1ivnz3UepoYsNl1+tQCn0y03+Jc736NWcZert3PP5itTrz
8aiXhjfqsHd7RcarF7zeMjtdrYQDqtyx4lQtw+gjEi+NeG1bI5Z1oLsTlzlKVqVo
bDPMfT9jN3JHn5c2o3LOxfavtUnfWy0smWOT3sMdJlB3EBzE2B7RDz4LB8g5NWd/
873veZoco411tEDaxV14jthxTgFWJasV09UUBF6jR66BMiAYV6BNoQfq0+1my8PM
Ns9nkAUdVu4pZXglN4e0NSM/iasCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRhgZbf
140CE5IJGH2APkoIpgRisTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU2Y2I4YjctYjI1ZC00NGVkLThmN2EtNDRlNzQxMTU0YjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQBkKElOmuqJj41mgkAlg/BMx5pMm9zU1o3+xeCAy9Aq
h11uSyH5goWlEe/eJfS5jpOlFeVf4Ivj/TEWk28b7vNQRNVJZFemQAQ9iND/WPqQ
U/LXipD3ixw/zkw/lrZyWFBAaqeM+7JScRpycta1K+TmWnIFGelltnUmvVDeNLky
pmjLOa78lCrtsG4Hfx/Lb72UKnKXVNKq/o7JZMHZoWqqf5ADWopfSa44G/5gW8B0
ODBb7L/6eX8MTjBaFQRR8Hpd5W4WFHoA8QQJbFH3ePccpEnYRiyS6fXzCo+bpUrb
GYvYltn4Ww7ezRZTOR88Rkv5u2PzgAqe+GwB75B3fAVX
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org