Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1c6a1167-c110-4a43-924e-7edbc1f49e2b.roa
File: 1c6a1167-c110-4a43-924e-7edbc1f49e2b.roa (raw, json)
Hash identifier: 2rg93ENrjEfgdvRv67gIj+o96+4gW5LxDn1c2A3Gm3M=
Subject key identifier: C6:07:5D:7B:D2:B1:D3:B8:5E:E4:B8:69:98:7B:46:4D:25:30:3E:1C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 33D42AF9435BF625DEA1AF22D7B95FF0E90EEF44
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1c6a1167-c110-4a43-924e-7edbc1f49e2b.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:d4:2a:f9:43:5b:f6:25:de:a1:af:22:d7:b9:5f:f0:e9:0e:ef:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=2fcf489dfdb0f3a15857ac02bc4873754d8b5b8819550f00232956b74a1dea7b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:32:f2:2e:55:fd:eb:25:81:7a:6c:13:54:39:
9b:8d:77:f5:e8:e1:43:f5:cb:3c:c0:3b:83:86:27:
97:05:69:43:db:7e:ab:fd:22:40:9c:8d:1f:b9:d8:
91:8e:fe:f7:9c:cb:dc:5b:83:db:c3:ed:0e:15:26:
7c:ae:4d:3f:16:fd:1c:e3:64:00:da:41:6d:68:08:
8a:f7:6f:2c:16:8b:59:14:b2:d0:fa:72:32:1d:ec:
0e:a1:18:cb:d7:2a:c7:74:14:02:77:cd:f3:7e:04:
25:13:a7:cf:82:3e:4e:cd:2b:6f:9d:cf:13:06:7e:
4a:a1:99:57:2c:ee:e1:29:f5:14:ac:62:10:76:7c:
62:97:3c:98:ef:b9:9f:d1:bc:b1:b7:99:67:95:b9:
89:ad:8d:de:39:b3:88:1a:fa:d6:5f:74:61:81:ae:
1a:f6:75:f8:97:27:3f:ba:78:be:6e:0d:06:e7:b7:
42:c3:66:a1:fb:f3:1d:e9:b8:d2:57:50:54:a4:f3:
3c:9c:24:83:e2:b4:dd:c0:ee:2d:45:05:72:c1:6c:
75:cc:61:34:40:5e:2a:1a:77:89:46:04:09:ca:49:
37:13:25:15:7c:42:33:7a:5a:83:57:04:6c:0a:fa:
ad:e4:80:81:b1:60:c0:aa:b2:b6:4f:5d:56:14:7c:
64:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:07:5D:7B:D2:B1:D3:B8:5E:E4:B8:69:98:7B:46:4D:25:30:3E:1C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1c6a1167-c110-4a43-924e-7edbc1f49e2b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ab:1b:f1:b8:5b:23:48:8f:23:6d:07:10:78:7c:b3:2b:bb:64:
3c:72:3a:5e:46:54:82:29:d0:48:38:2e:f4:a4:fd:5f:a6:95:
cc:c9:ca:0f:e4:20:a8:47:f9:93:58:c0:a2:75:fa:e2:32:cb:
4d:30:77:d4:84:40:83:c4:d2:9e:55:d9:06:c1:42:30:3c:fa:
af:02:d1:92:e5:06:51:cc:07:4a:a4:c8:a3:e8:f8:35:e1:99:
0a:f6:9a:40:1a:10:bc:5c:6c:bf:5b:83:b2:b0:77:01:92:9d:
68:10:c9:d7:32:d7:06:3a:a2:ea:62:34:80:84:c1:33:30:5c:
ec:f5:c7:49:e7:48:f2:5e:cd:6b:f0:e3:d4:ab:85:7e:b4:c4:
20:61:49:f6:90:0d:9c:45:d6:d2:95:ac:94:ba:12:c0:33:f8:
66:e7:38:3f:52:38:1c:36:ed:61:3e:c2:78:f3:83:f7:81:de:
c1:3a:32:ab:72:17:2a:86:0b:1a:bd:67:1f:26:f3:56:87:6a:
f5:d1:0e:73:bf:0c:a4:06:86:98:35:bb:9f:00:ac:8a:1d:99:
53:c0:65:cf:f6:47:c4:91:80:a7:3c:80:99:70:52:a0:21:c4:
23:a0:dd:6a:76:31:77:0c:82:25:35:97:eb:08:9c:3f:7f:f8:
7f:71:38:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM9Qq+UNb9iXeoa8i17lf8OkO70QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmY2Y0ODlkZmRiMGYzYTE1ODU3YWMwMmJjNDg3Mzc1NGQ4YjViODgxOTU1
MGYwMDIzMjk1NmI3NGExZGVhN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYy8i5V/eslgXpsE1Q5m4139ejhQ/XLPMA7g4YnlwVpQ9t+q/0iQJyNH7nY
kY7+95zL3FuD28PtDhUmfK5NPxb9HONkANpBbWgIivdvLBaLWRSy0PpyMh3sDqEY
y9cqx3QUAnfN834EJROnz4I+Ts0rb53PEwZ+SqGZVyzu4Sn1FKxiEHZ8Ypc8mO+5
n9G8sbeZZ5W5ia2N3jmziBr61l90YYGuGvZ1+JcnP7p4vm4NBue3QsNmofvzHem4
0ldQVKTzPJwkg+K03cDuLUUFcsFsdcxhNEBeKhp3iUYECcpJNxMlFXxCM3pag1cE
bAr6reSAgbFgwKqytk9dVhR8ZI8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTGB117
0rHTuF7kuGmYe0ZNJTA+HDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWM2YTExNjctYzExMC00YTQzLTkyNGUtN2VkYmMxZjQ5ZTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQCrG/G4WyNIjyNtBxB4fLMru2Q8cjpeRlSCKdBIOC70
pP1fppXMycoP5CCoR/mTWMCidfriMstNMHfUhECDxNKeVdkGwUIwPPqvAtGS5QZR
zAdKpMij6Pg14ZkK9ppAGhC8XGy/W4OysHcBkp1oEMnXMtcGOqLqYjSAhMEzMFzs
9cdJ50jyXs1r8OPUq4V+tMQgYUn2kA2cRdbSlayUuhLAM/hm5zg/UjgcNu1hPsJ4
84P3gd7BOjKrchcqhgsavWcfJvNWh2r10Q5zvwykBoaYNbufAKyKHZlTwGXP9kfE
kYCnPICZcFKgIcQjoN1qdjF3DIIlNZfrCJw/f/h/cTjj
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:21:45 2024 by rpki-client on console-ams.rpki-client.org