Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
File: 1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa (raw, json)
Hash identifier: foLGc41vcDIg5Fmvxl8qSJSJ4HuhkkvbwhfeBopv2YY=
Subject key identifier: A2:C3:EE:69:3E:1A:29:2F:A0:87:76:7B:39:88:EF:A8:BE:B8:5B:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 746CCA085120CC48BC545C8F90235BE86C7940C0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:6c:ca:08:51:20:cc:48:bc:54:5c:8f:90:23:5b:e8:6c:79:40:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=a8eba08d5536ca50787b1b527f3f480818319b19c3cac11a49a055a05f8b3450, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1d:17:00:28:a7:a8:a0:0d:34:1d:f5:da:49:
3b:88:56:d2:c0:49:a1:70:92:f8:ed:f7:df:50:d6:
18:60:fc:a8:e1:ab:99:d9:9b:28:c6:c5:17:31:46:
6c:4b:5b:73:3d:ec:0e:9a:7b:e3:3b:cc:9f:fb:8c:
7a:3b:86:7f:a6:84:bf:9d:9f:12:44:58:2a:13:a4:
0b:55:61:07:64:15:19:0a:3b:03:12:d3:a9:49:9a:
66:e2:6f:28:36:7d:92:30:98:bc:ca:fa:f8:3c:65:
f6:5b:01:e6:d6:a8:71:15:87:06:82:cd:17:90:9f:
76:0c:a4:0d:db:e9:91:26:c7:db:ff:3d:3c:61:b1:
13:e2:96:07:f5:2d:e5:d1:6a:46:71:7a:74:d6:fb:
95:4c:c1:c4:9a:c2:ec:de:ca:63:19:8f:68:a3:9e:
91:3d:25:1a:6e:8c:df:ca:b0:c7:2b:b7:8c:e2:bf:
23:22:a1:c2:40:69:8d:68:48:05:45:17:7d:c2:c6:
64:a3:e7:b5:2f:da:00:ed:47:ce:3d:ad:f7:9d:ca:
45:ae:6e:c8:35:2b:a7:ac:09:e6:06:b0:24:d0:e0:
f3:cc:88:35:9c:ad:d9:a3:ed:4d:37:16:c8:8f:a6:
2d:cc:d0:93:76:f9:dd:30:6e:13:4c:1d:68:06:2d:
66:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C3:EE:69:3E:1A:29:2F:A0:87:76:7B:39:88:EF:A8:BE:B8:5B:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:b6:93:1f:52:ee:9b:32:e2:38:e2:19:c1:b6:f8:0d:91:ff:
67:cb:ad:d2:6e:f6:4d:61:84:6b:ed:17:61:64:1e:26:b5:c5:
6c:fc:64:28:19:31:94:b7:25:a2:bb:de:3a:2c:d6:09:3f:af:
e1:1e:cc:11:11:02:d8:70:13:d2:92:b3:72:fc:24:aa:66:88:
a8:78:b3:65:04:1a:d4:d9:e7:6b:6c:72:d9:db:29:70:b2:9f:
41:70:df:92:49:bd:63:dd:99:bc:47:09:44:91:3b:2b:67:9a:
9f:4c:b7:33:ba:db:5b:6e:e6:63:10:f9:58:6b:11:2f:7f:bb:
8e:13:11:d6:3e:9c:80:81:97:b6:36:f2:1d:40:bd:cc:90:89:
fa:42:e4:1b:7e:36:e7:d3:28:66:55:87:db:a1:85:3c:e3:7d:
a7:fe:97:21:ea:a0:37:9e:44:71:89:58:1d:69:9b:28:f6:35:
2b:32:55:57:3d:80:8f:38:42:bb:08:37:2d:0a:4a:fe:92:98:
f4:2a:6e:91:1f:49:c5:d1:d4:63:ac:25:f4:36:05:a6:af:60:
a8:23:f9:27:30:4c:cd:b3:d4:ff:4a:73:aa:09:dc:ee:2f:6a:
4c:c4:8b:39:ad:a1:53:8b:9b:ee:a8:85:20:8e:07:18:23:de:
39:4d:cf:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdGzKCFEgzEi8VFyPkCNb6Gx5QMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ZWJhMDhkNTUzNmNhNTA3ODdiMWI1MjdmM2Y0ODA4MTgzMTliMTljM2Nh
YzExYTQ5YTA1NWEwNWY4YjM0NTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8dFwAop6igDTQd9dpJO4hW0sBJoXCS+O3331DWGGD8qOGrmdmbKMbFFzFG
bEtbcz3sDpp74zvMn/uMejuGf6aEv52fEkRYKhOkC1VhB2QVGQo7AxLTqUmaZuJv
KDZ9kjCYvMr6+Dxl9lsB5taocRWHBoLNF5CfdgykDdvpkSbH2/89PGGxE+KWB/Ut
5dFqRnF6dNb7lUzBxJrC7N7KYxmPaKOekT0lGm6M38qwxyu3jOK/IyKhwkBpjWhI
BUUXfcLGZKPntS/aAO1Hzj2t953KRa5uyDUrp6wJ5gawJNDg88yINZyt2aPtTTcW
yI+mLczQk3b53TBuE0wdaAYtZqMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSiw+5p
PhopL6CHdns5iO+ovrhb8DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWIzOWU5YTctNGYzZC00Y2ZjLTk3NWYtZDllYWNlZWQwZWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOGMA0G
CSqGSIb3DQEBCwUAA4IBAQCbtpMfUu6bMuI44hnBtvgNkf9ny63SbvZNYYRr7Rdh
ZB4mtcVs/GQoGTGUtyWiu946LNYJP6/hHswREQLYcBPSkrNy/CSqZoioeLNlBBrU
2edrbHLZ2ylwsp9BcN+SSb1j3Zm8RwlEkTsrZ5qfTLczuttbbuZjEPlYaxEvf7uO
ExHWPpyAgZe2NvIdQL3MkIn6QuQbfjbn0yhmVYfboYU8432n/pch6qA3nkRxiVgd
aZso9jUrMlVXPYCPOEK7CDctCkr+kpj0Km6RH0nF0dRjrCX0NgWmr2CoI/knMEzN
s9T/SnOqCdzuL2pMxIs5raFTi5vuqIUgjgcYI945Tc9m
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org