Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: /GRU/j2lIwozHrkxedLDSJGOkEuhuUebxHy9bsVHBp0=
Subject key identifier: 09:E0:9B:01:45:54:7D:23:40:AE:CE:E8:D4:9D:6E:7A:BC:E0:DB:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2753805FC14DEBDEE029D3467F1B925100C8C887
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:53:80:5f:c1:4d:eb:de:e0:29:d3:46:7f:1b:92:51:00:c8:c8:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=811bc688b08e1785bf92db029470fac0076e96ed21b84cbf5c4d0999cba78b82, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8d:7c:1c:09:42:13:c9:74:da:90:d5:54:04:
b3:b0:d4:65:21:c7:9b:67:b0:58:28:3f:41:65:3d:
d2:ef:a4:64:c4:8e:c3:7e:ce:ab:50:1a:41:8c:07:
82:8c:d9:31:0e:a8:98:3f:a1:ed:9e:8c:21:90:aa:
0d:98:a2:0a:13:52:50:d7:35:69:75:12:83:e4:f9:
82:98:02:48:fe:94:55:94:ad:b7:d5:d4:1c:f7:0c:
64:2f:83:34:80:ed:d4:e7:f6:c1:ff:b3:ec:c4:9a:
82:64:57:52:29:56:9d:08:14:a7:42:aa:e0:2f:c8:
8f:ac:3b:a8:91:3f:cf:ba:6c:78:16:f7:98:a5:b9:
dd:e9:3d:e6:0d:81:f9:4a:cb:8b:60:6c:ea:24:7c:
9c:30:e3:d9:5f:ad:6f:13:80:7f:98:d5:21:bb:72:
d3:f5:d7:b7:49:0d:b6:4f:d4:b8:c3:ff:b4:a2:cc:
3d:d2:2e:62:01:35:be:a5:6e:46:1d:62:0c:5c:2c:
e9:37:57:cc:b3:9c:f0:72:af:8f:24:b1:04:04:30:
de:e0:0b:23:dd:80:43:af:77:5f:06:01:a3:54:cb:
94:c4:df:80:d1:4b:92:ac:3f:85:c8:23:74:89:ea:
61:05:62:8b:b1:fa:52:58:2d:bd:0a:83:cc:3b:95:
27:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E0:9B:01:45:54:7D:23:40:AE:CE:E8:D4:9D:6E:7A:BC:E0:DB:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
83:34:77:13:ea:44:f4:4c:a4:a9:8e:6a:23:cb:f3:c9:aa:8a:
5d:cf:2c:a2:cf:e4:21:3b:8c:7e:29:25:0e:64:18:e7:61:5f:
a1:27:5f:e3:3e:b4:30:9f:1d:25:77:56:c9:39:ea:26:cb:1f:
0d:7b:0a:da:9b:8d:5d:57:58:5a:d1:d0:e3:e2:b1:80:fc:87:
72:39:4d:26:6d:aa:e6:71:6f:fb:28:72:4a:f7:bb:84:5f:35:
2a:25:ee:9d:59:6c:82:27:be:31:ca:b2:00:bb:63:97:2b:43:
15:ea:fa:ef:1d:26:69:f2:2c:16:2d:c9:43:1f:84:c1:e9:ea:
a7:dd:01:f4:f4:42:ac:ec:c3:5a:69:9e:98:59:9a:39:2a:21:
07:e5:99:d7:5a:75:bd:ad:ea:51:71:d5:a8:a3:3a:4f:75:21:
d2:5d:ef:d2:99:1d:a3:14:cf:97:71:62:ea:b6:92:bd:0b:f2:
59:64:97:a8:76:1a:ef:7a:58:12:38:aa:55:1f:f9:49:43:53:
ff:22:12:89:4a:7d:ec:eb:9e:f9:1c:5c:ce:c4:ae:d6:c2:22:
3a:5b:c2:72:5f:0e:82:e9:1f:d4:69:f9:d4:6d:db:f3:46:99:
5c:fd:5a:b7:fe:4f:ee:2b:a9:9e:d3:ee:d0:5b:9b:01:3d:45:
ea:97:15:19
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ1OAX8FN697gKdNGfxuSUQDIyIcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMWJjNjg4YjA4ZTE3ODViZjkyZGIwMjk0NzBmYWMwMDc2ZTk2ZWQyMWI4
NGNiZjVjNGQwOTk5Y2JhNzhiODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6NfBwJQhPJdNqQ1VQEs7DUZSHHm2ewWCg/QWU90u+kZMSOw37Oq1AaQYwH
gozZMQ6omD+h7Z6MIZCqDZiiChNSUNc1aXUSg+T5gpgCSP6UVZStt9XUHPcMZC+D
NIDt1Of2wf+z7MSagmRXUilWnQgUp0Kq4C/Ij6w7qJE/z7pseBb3mKW53ek95g2B
+UrLi2Bs6iR8nDDj2V+tbxOAf5jVIbty0/XXt0kNtk/UuMP/tKLMPdIuYgE1vqVu
Rh1iDFws6TdXzLOc8HKvjySxBAQw3uALI92AQ693XwYBo1TLlMTfgNFLkqw/hcgj
dInqYQVii7H6UlgtvQqDzDuVJy0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJ4JsB
RVR9I0CuzujUnW56vODbHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQCDNHcT6kT0TKSpjmojy/PJqopdzyyiz+QhO4x+KSUO
ZBjnYV+hJ1/jPrQwnx0ld1bJOeomyx8Newram41dV1ha0dDj4rGA/IdyOU0mbarm
cW/7KHJK97uEXzUqJe6dWWyCJ74xyrIAu2OXK0MV6vrvHSZp8iwWLclDH4TB6eqn
3QH09EKs7MNaaZ6YWZo5KiEH5ZnXWnW9repRcdWoozpPdSHSXe/SmR2jFM+XcWLq
tpK9C/JZZJeodhrvelgSOKpVH/lJQ1P/IhKJSn3s6575HFzOxK7WwiI6W8JyXw6C
6R/UafnUbdvzRplc/Vq3/k/uK6me0+7QW5sBPUXqlxUZ
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:59:31 2024 by rpki-client on console-ams.rpki-client.org