Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2263d6fb-d708-464c-8617-9f36a9814ed5.roa
File: 2263d6fb-d708-464c-8617-9f36a9814ed5.roa (raw, json)
Hash identifier: bFe82hD37YiWq/Fez0ueMZTgDhAN/kdaimnzxmdkflk=
Subject key identifier: B0:68:20:DE:0E:F6:FD:11:AD:15:D3:7A:53:68:04:E8:71:EB:26:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 178782F994948A4223B0F1E1E59B9CB338C9A720
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2263d6fb-d708-464c-8617-9f36a9814ed5.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:87:82:f9:94:94:8a:42:23:b0:f1:e1:e5:9b:9c:b3:38:c9:a7:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=b18bd852c0d4467d561bc73731520db5c6f13c5db06b4338a8ad530112e3449a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:82:bc:85:33:bc:ae:7a:60:35:b7:74:0e:44:
f8:b1:c2:9b:5f:7a:3a:ac:34:72:12:0f:2d:70:87:
31:4c:90:3c:f2:56:9c:b4:b7:11:3b:a0:69:47:1b:
2e:54:39:2b:b0:ab:76:01:78:a4:d0:1c:60:7c:d9:
f1:15:66:6e:62:f4:c4:15:be:0a:7a:ec:53:55:75:
b9:06:1c:90:54:15:a8:46:1b:eb:9d:53:8a:13:18:
db:67:9d:41:b4:7a:b8:b7:88:c9:6d:25:4d:03:fb:
c8:ab:ec:b1:42:63:51:3a:96:f2:5e:94:55:9e:91:
9d:7f:0c:8c:f0:8b:1b:4f:84:3f:94:af:24:c2:2e:
12:fd:2b:c0:f9:0b:4f:cb:b2:ae:08:82:c3:b3:84:
af:ea:cb:ed:5f:9a:cf:8f:39:8f:4e:b8:02:2a:6b:
ff:35:7f:e8:f7:51:23:3c:17:d0:84:ca:3e:fc:30:
bf:40:16:33:2f:6d:d2:94:86:79:40:94:bd:77:1d:
89:96:b3:b6:59:ce:ec:cd:5b:f7:5a:c1:a5:53:d4:
2d:55:68:16:d5:f3:b0:97:12:c5:b0:f2:ad:91:7d:
55:52:1d:28:e0:e6:7c:2d:d9:be:ec:d9:39:7f:8c:
91:1a:4f:25:b7:d6:e5:ff:6a:6a:f2:cb:2e:1f:f8:
dc:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:68:20:DE:0E:F6:FD:11:AD:15:D3:7A:53:68:04:E8:71:EB:26:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2263d6fb-d708-464c-8617-9f36a9814ed5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b6:f7:9c:cf:c4:f3:ea:10:c6:f8:dd:72:3f:73:86:c6:a8:b4:
e4:ea:04:fe:f9:01:9a:31:3e:d6:c2:9e:b9:74:d2:d1:9e:d6:
19:d2:43:01:b7:17:38:12:09:1d:37:3c:06:ad:c3:77:0a:68:
80:40:f3:43:30:68:33:5d:d4:31:e5:cf:5c:ae:a3:ee:6f:5c:
34:d6:d9:64:da:18:14:3e:82:f0:82:c6:18:94:9c:5c:c5:1c:
cb:0b:13:5f:2d:5c:a0:50:2e:06:7b:9b:80:f4:a0:66:4d:7a:
03:0a:aa:83:86:6d:9d:a6:9e:51:21:ba:5f:4f:99:74:d9:6a:
7e:7d:f1:23:be:33:73:b8:79:94:aa:f0:7c:a2:36:70:23:68:
5b:f0:8a:62:f3:4d:f3:d5:6b:1c:95:2d:ab:3d:21:7c:db:72:
ca:b6:96:59:6c:63:6c:20:6e:67:cc:7e:7d:c6:82:6c:29:38:
67:08:65:62:99:c3:f7:ed:6d:e2:64:e9:a6:2a:3a:a0:c4:29:
18:30:8b:49:a0:ce:a2:4d:2e:1c:f2:1f:38:af:dc:63:1d:7a:
a2:7b:28:0e:4c:c3:fd:1c:df:3e:34:3c:a5:cd:b6:5d:83:53:
29:e6:94:aa:64:df:9b:71:45:79:99:55:55:57:87:ed:ab:47:
bb:e3:95:74
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF4eC+ZSUikIjsPHh5ZucszjJpyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxOGJkODUyYzBkNDQ2N2Q1NjFiYzczNzMxNTIwZGI1YzZmMTNjNWRiMDZi
NDMzOGE4YWQ1MzAxMTJlMzQ0OWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmCvIUzvK56YDW3dA5E+LHCm196Oqw0chIPLXCHMUyQPPJWnLS3ETugaUcb
LlQ5K7CrdgF4pNAcYHzZ8RVmbmL0xBW+CnrsU1V1uQYckFQVqEYb651TihMY22ed
QbR6uLeIyW0lTQP7yKvssUJjUTqW8l6UVZ6RnX8MjPCLG0+EP5SvJMIuEv0rwPkL
T8uyrgiCw7OEr+rL7V+az485j064Aipr/zV/6PdRIzwX0ITKPvwwv0AWMy9t0pSG
eUCUvXcdiZaztlnO7M1b91rBpVPULVVoFtXzsJcSxbDyrZF9VVIdKODmfC3ZvuzZ
OX+MkRpPJbfW5f9qavLLLh/43G8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSwaCDe
Dvb9Ea0V03pTaATocesm5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjI2M2Q2ZmItZDcwOC00NjRjLTg2MTctOWYzNmE5ODE0ZWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQC295zPxPPqEMb43XI/c4bGqLTk6gT++QGaMT7Wwp65
dNLRntYZ0kMBtxc4EgkdNzwGrcN3CmiAQPNDMGgzXdQx5c9crqPub1w01tlk2hgU
PoLwgsYYlJxcxRzLCxNfLVygUC4Ge5uA9KBmTXoDCqqDhm2dpp5RIbpfT5l02Wp+
ffEjvjNzuHmUqvB8ojZwI2hb8Ipi803z1WsclS2rPSF823LKtpZZbGNsIG5nzH59
xoJsKThnCGVimcP37W3iZOmmKjqgxCkYMItJoM6iTS4c8h84r9xjHXqieygOTMP9
HN8+NDylzbZdg1Mp5pSqZN+bcUV5mVVVV4ftq0e745V0
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:21:45 2024 by rpki-client on console-ams.rpki-client.org