Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e6895c8-ee33-4049-8388-c6ac073195e9.roa
File: 1e6895c8-ee33-4049-8388-c6ac073195e9.roa (raw, json)
Hash identifier: IvXNGmg9G3ZPpWUhL7jjTzmkJefM+1J7s19813eB7K4=
Subject key identifier: 9B:76:03:88:81:B0:7B:00:DD:07:D9:A1:0D:BF:3D:09:17:72:2C:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 210EB28782689BA511F43066ABC2A505327FD013
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e6895c8-ee33-4049-8388-c6ac073195e9.roa
Signing time: Mon 15 Apr 2024 00:00:00 +0000
ROA not before: Mon 15 Apr 2024 00:00:00 +0000
ROA not after: Mon 20 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:0e:b2:87:82:68:9b:a5:11:f4:30:66:ab:c2:a5:05:32:7f:d0:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 15 00:00:00 2024 GMT
Not After : May 20 23:59:59 2024 GMT
Subject: serialNumber=69ad7601aef6f08ea6e6507aac7f2fcb52a5ac0098ff9ba4218783bcc946cf72, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b8:04:8b:83:f3:3f:e6:34:11:42:30:11:49:
55:38:58:5f:5c:a4:6f:0f:0e:42:cd:5b:67:f4:86:
b3:de:07:0b:a6:32:1b:d7:68:54:78:e7:da:76:72:
97:37:4b:44:0d:ad:26:f6:47:99:93:3f:cb:fa:a5:
17:83:67:31:50:1c:93:34:a4:cb:7a:0f:05:61:a9:
ec:3b:fc:1e:5e:60:3d:59:61:8f:ad:99:72:d2:b9:
e2:07:bc:03:0b:3e:58:c7:b9:17:55:e3:9c:42:97:
29:a1:b4:f0:b4:b9:b3:b5:c1:89:82:18:1e:2b:ac:
5c:23:bf:43:99:67:2f:53:73:6c:08:73:76:ed:2b:
44:b5:5d:dc:43:5a:7c:01:37:9c:a1:25:05:bd:0d:
8b:2a:50:3c:da:53:d2:07:6c:9c:84:fa:b2:41:4a:
1d:30:7a:4a:50:93:c7:1a:84:28:f2:d3:0c:ee:bd:
35:7c:5b:3c:8f:33:ce:09:2b:5e:6f:a4:d7:02:58:
25:e3:7d:8b:41:aa:45:ee:cf:5c:7f:c8:d8:7c:11:
21:63:fb:f4:f8:10:c2:4a:73:23:08:ab:59:14:a8:
d4:40:ab:50:af:da:8d:2c:18:d5:e1:d5:d0:ac:c9:
c1:43:48:1a:37:ab:ce:15:45:2e:f1:48:db:42:78:
af:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:76:03:88:81:B0:7B:00:DD:07:D9:A1:0D:BF:3D:09:17:72:2C:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e6895c8-ee33-4049-8388-c6ac073195e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:37:04:e0:38:ce:f4:1a:b4:51:24:42:cd:c2:0d:46:8e:23:
91:d3:7b:a9:d6:bc:22:e4:42:b0:bf:c9:06:e5:af:bb:df:95:
ac:bb:ff:e0:0d:a8:a9:e6:8a:a2:16:fd:d5:b8:74:bc:a4:83:
20:93:9f:4a:07:8f:ed:c5:df:58:f1:e4:8e:b8:98:45:9a:34:
91:f3:9e:62:6f:07:b0:b3:02:5f:d1:06:33:76:a7:66:e6:e8:
7e:cb:43:3a:18:e5:65:d1:1f:2c:06:35:51:d2:0e:12:5d:1d:
6c:5a:88:77:c2:65:1d:44:09:64:68:30:81:62:89:27:ce:59:
33:e1:16:e2:78:48:bd:31:05:91:48:f8:0b:08:b9:ee:b7:f6:
55:fd:ae:0d:8a:a6:37:7a:99:ba:4b:8c:2c:06:60:8d:77:b3:
b5:96:ec:76:d7:79:60:79:68:5e:91:13:5a:b8:5b:c3:a3:7e:
bd:ba:3e:d8:c7:08:0f:f9:be:01:a9:fa:44:50:ee:11:58:09:
f1:5c:bf:04:35:1a:cb:14:10:4a:96:38:2d:c1:ef:b5:91:7f:
5e:d7:f6:e7:9c:e2:4c:ab:18:c9:ec:c1:fe:d9:6b:ea:46:65:
e5:a7:83:d6:37:51:01:ca:e2:b1:a0:d1:09:dd:69:50:0f:c4:
77:95:71:c0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIQ6yh4Jom6UR9DBmq8KlBTJ/0BMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MTUwMDAwMDBaFw0yNDA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5YWQ3NjAxYWVmNmYwOGVhNmU2NTA3YWFjN2YyZmNiNTJhNWFjMDA5OGZm
OWJhNDIxODc4M2JjYzk0NmNmNzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKG4BIuD8z/mNBFCMBFJVThYX1ykbw8OQs1bZ/SGs94HC6YyG9doVHjn2nZy
lzdLRA2tJvZHmZM/y/qlF4NnMVAckzSky3oPBWGp7Dv8Hl5gPVlhj62ZctK54ge8
Aws+WMe5F1XjnEKXKaG08LS5s7XBiYIYHiusXCO/Q5lnL1NzbAhzdu0rRLVd3ENa
fAE3nKElBb0NiypQPNpT0gdsnIT6skFKHTB6SlCTxxqEKPLTDO69NXxbPI8zzgkr
Xm+k1wJYJeN9i0GqRe7PXH/I2HwRIWP79PgQwkpzIwirWRSo1ECrUK/ajSwY1eHV
0KzJwUNIGjerzhVFLvFI20J4r2sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSbdgOI
gbB7AN0H2aENvz0JF3IsHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU2ODk1YzgtZWUzMy00MDQ5LTgzODgtYzZhYzA3MzE5NWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMVMA0G
CSqGSIb3DQEBCwUAA4IBAQCyNwTgOM70GrRRJELNwg1GjiOR03up1rwi5EKwv8kG
5a+735Wsu//gDaip5oqiFv3VuHS8pIMgk59KB4/txd9Y8eSOuJhFmjSR855ibwew
swJf0QYzdqdm5uh+y0M6GOVl0R8sBjVR0g4SXR1sWoh3wmUdRAlkaDCBYoknzlkz
4RbieEi9MQWRSPgLCLnut/ZV/a4NiqY3epm6S4wsBmCNd7O1lux213lgeWhekRNa
uFvDo369uj7YxwgP+b4BqfpEUO4RWAnxXL8ENRrLFBBKljgtwe+1kX9e1/bnnOJM
qxjJ7MH+2WvqRmXlp4PWN1EByuKxoNEJ3WlQD8R3lXHA
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:02:48 2024 by rpki-client on console-fra.rpki-client.org