Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15ca3bfd-cdcf-488b-a7f1-a2dfb7e29288.roa
File: 15ca3bfd-cdcf-488b-a7f1-a2dfb7e29288.roa (raw, json)
Hash identifier: hOK5Z0W/I+QeUQnutET413qs/4ioLZob4gtpc3vm4s4=
Subject key identifier: 29:9D:D7:61:29:F2:E1:D1:EA:6A:35:F5:04:8B:E7:65:42:B1:D7:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3711C71F5AF280838A3DD8D341E21707224B7F7B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15ca3bfd-cdcf-488b-a7f1-a2dfb7e29288.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:11:c7:1f:5a:f2:80:83:8a:3d:d8:d3:41:e2:17:07:22:4b:7f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=fcb468e8194868d73f2d9efe8e058cc51e9ef2c43dcec42a675b3cd4d1290906, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6a:f9:24:17:60:58:5c:08:04:68:d7:19:36:
8a:4f:6e:6e:01:b8:c7:d3:0d:c6:c4:50:db:d3:d4:
14:2a:27:97:98:91:8f:dd:03:23:b0:4a:b6:dc:90:
d5:49:58:30:91:05:d0:e7:5e:b5:8e:41:20:b6:a5:
94:1a:8c:2d:57:37:59:c5:83:f8:da:1c:c9:27:5a:
b4:82:d4:73:c0:99:e3:06:1f:fa:b9:0f:30:2e:84:
22:b9:7c:8a:62:8e:ad:6f:b0:58:c3:f3:29:e9:9e:
40:cf:0c:75:68:7f:ec:ea:20:8f:07:e1:d5:02:2d:
c0:c6:31:b4:39:d3:fe:44:01:af:7e:ce:f1:86:9b:
4d:c6:56:47:a4:c5:85:5b:bf:a6:cd:c2:f9:ad:06:
dc:ab:0c:dc:20:27:1f:d2:45:c6:d2:24:a7:a1:c1:
ff:f5:b5:be:6c:32:d7:e6:28:7f:47:6d:95:13:7a:
f1:10:0f:1a:40:36:3c:3a:72:be:5d:50:f6:25:9c:
33:aa:a7:9a:87:9d:9e:ac:7b:f2:e2:66:c8:15:48:
72:ea:01:76:88:f9:19:c2:15:2b:68:e5:74:29:e6:
58:ca:60:fb:f9:16:81:b7:6a:d7:51:74:2d:57:f2:
c3:f6:31:2f:f8:f4:bf:38:9e:dd:aa:e8:75:2f:19:
0e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9D:D7:61:29:F2:E1:D1:EA:6A:35:F5:04:8B:E7:65:42:B1:D7:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15ca3bfd-cdcf-488b-a7f1-a2dfb7e29288.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
12:04:8c:0c:4a:07:b8:ae:e9:b7:66:08:5f:9a:cd:dd:98:be:
e8:c5:92:2f:bc:d6:61:4e:35:2f:7c:6e:e3:11:15:4c:af:66:
4a:e4:90:74:3a:e1:ff:1b:73:57:b8:7e:69:87:70:ae:e2:8b:
b6:b4:c7:32:72:e2:ff:0f:d7:7d:0f:80:6d:6d:0c:bc:97:08:
ea:7c:24:be:96:2f:e8:8f:b3:9c:3b:0c:92:9f:e1:9c:b8:e0:
f5:ce:2f:73:e9:41:d3:57:28:02:4e:a2:e9:6b:41:3b:e2:49:
1d:89:01:85:3b:4c:9c:7a:ac:44:22:87:1d:33:98:9b:a1:5f:
cb:79:e4:de:24:e2:2f:fc:60:bb:a0:8e:e2:2a:00:96:01:5c:
af:4f:72:6e:5a:fc:ca:e3:a0:96:56:ff:c3:61:e6:85:87:9a:
fe:11:f6:c8:40:1a:48:78:2c:32:16:0b:d6:3c:89:8b:4c:b6:
7b:e2:4a:5e:ac:20:e0:d1:7a:0d:81:28:b5:fc:d4:13:70:5e:
9e:bf:2c:c9:8e:db:93:32:06:bf:46:2e:b2:ed:17:24:b7:68:
65:5b:05:59:2c:40:d2:31:ea:e9:0c:35:8c:7c:5f:14:f3:63:
88:a1:16:6d:df:6b:c3:6b:65:bf:22:8f:58:f5:03:a5:a2:2a:
af:fb:dc:ed
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNxHHH1rygIOKPdjTQeIXByJLf3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjYjQ2OGU4MTk0ODY4ZDczZjJkOWVmZThlMDU4Y2M1MWU5ZWYyYzQzZGNl
YzQyYTY3NWIzY2Q0ZDEyOTA5MDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRq+SQXYFhcCARo1xk2ik9ubgG4x9MNxsRQ29PUFConl5iRj90DI7BKttyQ
1UlYMJEF0OdetY5BILallBqMLVc3WcWD+NocySdatILUc8CZ4wYf+rkPMC6EIrl8
imKOrW+wWMPzKemeQM8MdWh/7Oogjwfh1QItwMYxtDnT/kQBr37O8YabTcZWR6TF
hVu/ps3C+a0G3KsM3CAnH9JFxtIkp6HB//W1vmwy1+Yof0dtlRN68RAPGkA2PDpy
vl1Q9iWcM6qnmoednqx78uJmyBVIcuoBdoj5GcIVK2jldCnmWMpg+/kWgbdq11F0
LVfyw/YxL/j0vzie3arodS8ZDmkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQpnddh
KfLh0epqNfUEi+dlQrHX3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTVjYTNiZmQtY2RjZi00ODhiLWE3ZjEtYTJkZmI3ZTI5Mjg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQASBIwMSge4rum3Zghfms3dmL7oxZIvvNZhTjUvfG7j
ERVMr2ZK5JB0OuH/G3NXuH5ph3Cu4ou2tMcycuL/D9d9D4BtbQy8lwjqfCS+li/o
j7OcOwySn+GcuOD1zi9z6UHTVygCTqLpa0E74kkdiQGFO0yceqxEIocdM5iboV/L
eeTeJOIv/GC7oI7iKgCWAVyvT3JuWvzK46CWVv/DYeaFh5r+EfbIQBpIeCwyFgvW
PImLTLZ74kperCDg0XoNgSi1/NQTcF6evyzJjtuTMga/Ri6y7Rckt2hlWwVZLEDS
MerpDDWMfF8U82OIoRZt32vDa2W/Io9Y9QOloiqv+9zt
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org