Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa
File: 15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa (raw, json)
Hash identifier: Lso7G/xGAJxYngShXrOtTphNYP81soZq5g//IeqaiMU=
Subject key identifier: DA:7E:3F:3F:CD:49:41:3A:55:BC:DC:DA:5A:7D:F6:C1:3A:9F:DB:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4AC324C9ABA17A754241E8CBE4B643137E74E6F6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:c3:24:c9:ab:a1:7a:75:42:41:e8:cb:e4:b6:43:13:7e:74:e6:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=59e8f653216004a3805b85001c366349d4482c2d85340ed27ed7e78f40f73d02, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c4:2c:55:26:7b:92:92:31:41:95:d3:b7:e0:
92:20:f6:7c:a6:93:37:9e:da:f4:69:96:7f:35:00:
53:3e:4a:61:5a:81:a3:a6:a3:d4:60:24:c8:67:02:
31:3f:df:a0:88:28:43:1d:27:74:ea:e2:e7:62:75:
71:78:75:c2:51:6e:f8:f3:d7:8f:f6:8e:d1:a3:9c:
6e:85:09:0f:83:ef:d2:84:a8:6a:eb:cd:8f:ed:69:
16:3f:d3:58:96:42:bb:ee:0a:0d:b5:db:a6:5a:0d:
57:21:18:0e:b6:ff:a4:b5:b8:6c:8a:69:e7:81:ea:
81:2d:7c:21:6e:e0:23:70:62:96:d6:cb:65:1b:d2:
c7:61:34:24:f1:75:43:5e:c5:7b:03:ca:7b:79:a4:
b0:ed:30:0a:16:31:1f:8a:25:07:e9:c2:84:fb:6d:
76:6f:35:85:13:77:d5:bd:88:51:01:d5:6d:28:5f:
c7:6c:10:9c:4b:4e:d0:bd:4d:11:44:1a:fc:d0:14:
48:66:5f:17:9d:02:32:12:99:7b:4f:df:8e:9f:71:
57:fe:a3:95:67:c3:b1:27:c3:39:41:fb:3b:ed:18:
d5:f1:91:96:b5:23:31:36:fc:9a:01:1e:9c:27:d6:
2b:93:19:26:8c:58:4e:ec:c5:30:10:75:3d:28:d3:
f8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7E:3F:3F:CD:49:41:3A:55:BC:DC:DA:5A:7D:F6:C1:3A:9F:DB:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:2c:41:ca:4e:8e:12:50:62:63:dd:6b:53:a9:ce:8b:cf:ea:
a3:69:e4:b0:24:5b:13:da:7e:cb:44:6c:7f:0d:b9:fc:50:39:
ef:ea:01:64:25:70:3e:a8:c0:a6:22:3b:ed:e3:37:dd:9f:0b:
98:34:8b:6d:9e:e7:e0:2e:65:73:fb:f2:b6:15:d9:c2:01:9a:
60:06:96:20:6f:d7:ce:6b:4a:de:8f:e8:93:74:46:d4:f5:e6:
34:02:7a:66:4f:b3:00:64:c8:c0:1e:42:7d:33:b4:7b:64:f8:
53:25:4b:d0:fb:83:43:0a:f6:aa:69:8c:15:75:44:51:0c:b2:
09:22:bc:fd:5f:86:95:36:f8:58:7b:13:f9:21:a0:56:44:af:
43:e7:4a:6a:43:ce:2e:3a:2c:29:09:b5:ce:1b:b2:d3:b7:9e:
6d:8a:88:a1:00:ae:e3:47:5e:3c:4b:aa:31:4a:a5:bf:0e:ff:
ea:62:43:19:1f:8e:13:c0:e9:5c:2c:e2:fd:9c:64:f4:43:5d:
7c:08:5c:ef:84:bd:68:6a:9c:3a:01:cf:65:95:e3:46:bf:52:
92:7c:cd:dd:1f:10:f6:6a:7e:72:dc:82:45:1b:ba:f9:8a:09:
72:d7:e2:40:2a:7a:30:b8:04:26:60:16:ea:31:c3:64:d8:e1:
e5:ea:14:cc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSsMkyauhenVCQejL5LZDE3505vYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5ZThmNjUzMjE2MDA0YTM4MDViODUwMDFjMzY2MzQ5ZDQ0ODJjMmQ4NTM0
MGVkMjdlZDdlNzhmNDBmNzNkMDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXELFUme5KSMUGV07fgkiD2fKaTN57a9GmWfzUAUz5KYVqBo6aj1GAkyGcC
MT/foIgoQx0ndOri52J1cXh1wlFu+PPXj/aO0aOcboUJD4Pv0oSoauvNj+1pFj/T
WJZCu+4KDbXbploNVyEYDrb/pLW4bIpp54HqgS18IW7gI3BiltbLZRvSx2E0JPF1
Q17FewPKe3mksO0wChYxH4olB+nChPttdm81hRN31b2IUQHVbShfx2wQnEtO0L1N
EUQa/NAUSGZfF50CMhKZe0/fjp9xV/6jlWfDsSfDOUH7O+0Y1fGRlrUjMTb8mgEe
nCfWK5MZJoxYTuzFMBB1PSjT+NECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTafj8/
zUlBOlW83NpaffbBOp/b0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTViZTg0Y2EtYTllZS00NGM4LTliYWMtZmNiZTM0MTVhZTIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMAMA0G
CSqGSIb3DQEBCwUAA4IBAQDULEHKTo4SUGJj3WtTqc6Lz+qjaeSwJFsT2n7LRGx/
Dbn8UDnv6gFkJXA+qMCmIjvt4zfdnwuYNIttnufgLmVz+/K2FdnCAZpgBpYgb9fO
a0rej+iTdEbU9eY0AnpmT7MAZMjAHkJ9M7R7ZPhTJUvQ+4NDCvaqaYwVdURRDLIJ
Irz9X4aVNvhYexP5IaBWRK9D50pqQ84uOiwpCbXOG7LTt55tioihAK7jR148S6ox
SqW/Dv/qYkMZH44TwOlcLOL9nGT0Q118CFzvhL1oapw6Ac9lleNGv1KSfM3dHxD2
an5y3IJFG7r5igly1+JAKnowuAQmYBbqMcNk2OHl6hTM
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org