Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: kFjJct5YIhlfYD7WyExBiQJkLTZcC4UnUUd8lNSansg=
Subject key identifier: F5:EA:4C:8A:34:BE:A6:8B:14:0D:82:C5:8A:62:AD:C8:03:9C:C7:0F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 665B9E0456B1C35CC4591FD1EE8F93196B53D521
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:5b:9e:04:56:b1:c3:5c:c4:59:1f:d1:ee:8f:93:19:6b:53:d5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=d1d584deff998ae9f53f66d7e017f2c1f7e0d79274ba66ea87993aefe41a6ee3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ea:e9:2c:fd:24:d6:9a:e5:7d:3f:f7:97:37:
78:80:d7:1e:6d:eb:6a:c5:b8:75:11:63:aa:75:16:
35:ae:2c:36:a7:ce:a3:a7:c9:31:c1:56:90:a2:52:
ec:99:10:21:ac:c4:b0:b0:85:b0:83:45:28:55:7a:
d5:1f:8e:d1:43:e6:d9:fd:7d:5d:09:f1:a6:8d:f8:
6c:76:20:1a:79:28:d3:d5:2c:f5:e4:20:4e:2a:2c:
11:3f:8d:dc:a4:cd:45:99:72:6b:64:e6:52:71:ee:
cd:d1:ce:77:69:a4:5d:bb:4d:df:9f:e1:51:3a:89:
ba:4c:24:3f:2d:a3:1c:80:75:c9:99:3e:d2:c6:63:
e9:b2:30:c1:cc:af:e6:72:16:21:9f:c6:f4:a3:c5:
a8:3c:b4:8b:9d:7f:07:15:08:39:4c:82:0c:39:f7:
ff:5e:62:41:89:b4:d6:22:d9:1d:2b:81:28:71:74:
d3:27:15:ec:8e:74:4f:34:71:43:aa:dd:b5:e0:59:
1b:86:91:8a:a5:38:74:6e:a8:df:3b:4c:76:e9:84:
67:ec:f8:1e:1e:7b:28:de:a4:7d:d0:a2:d4:d1:f1:
63:b4:bf:c8:6f:e7:d2:45:f2:5b:3a:90:f6:d3:58:
75:11:d0:24:4f:c0:3c:84:49:f4:ee:ea:ca:9b:d1:
ae:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EA:4C:8A:34:BE:A6:8B:14:0D:82:C5:8A:62:AD:C8:03:9C:C7:0F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:1d:0b:0d:c0:ae:d3:8e:b3:04:ed:17:46:e9:ae:4f:5f:e6:
56:55:71:be:14:49:6c:ae:77:6e:14:dd:a1:32:f3:ba:f8:76:
3f:52:9d:6d:e0:5a:89:cd:04:e3:71:43:32:eb:83:00:81:0b:
6b:58:39:08:81:62:68:16:ae:70:58:49:86:ec:2d:04:bb:e4:
53:14:84:7a:47:a4:91:63:dc:1a:ad:c7:79:de:1a:d9:c8:b0:
45:d9:3f:aa:cc:51:54:c2:55:60:f7:f3:80:fc:0c:6b:61:18:
c9:da:82:e9:4e:54:32:0e:56:b2:63:11:df:62:70:73:b6:49:
0f:c1:d4:f1:57:d6:88:05:93:e4:4e:0c:54:49:85:55:bb:1c:
ae:aa:12:25:61:a6:1d:4b:25:84:b6:53:7d:55:a5:33:97:51:
d4:2e:28:4e:b6:7c:33:9e:30:1a:26:6b:aa:d1:87:ef:22:f5:
bb:9d:6f:2d:1c:2b:5e:37:43:b4:8f:12:27:de:80:d0:e4:3c:
47:89:cc:6f:10:42:47:87:72:ae:09:23:c9:d3:16:82:66:44:
86:58:b3:59:6c:07:ce:22:d5:83:23:57:af:9f:ac:46:98:5b:
e5:7d:ac:c8:b4:15:51:7d:ec:20:9a:7f:28:92:c8:5e:17:33:
51:67:08:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZlueBFaxw1zEWR/R7o+TGWtT1SEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxZDU4NGRlZmY5OThhZTlmNTNmNjZkN2UwMTdmMmMxZjdlMGQ3OTI3NGJh
NjZlYTg3OTkzYWVmZTQxYTZlZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbq6Sz9JNaa5X0/95c3eIDXHm3rasW4dRFjqnUWNa4sNqfOo6fJMcFWkKJS
7JkQIazEsLCFsINFKFV61R+O0UPm2f19XQnxpo34bHYgGnko09Us9eQgTiosET+N
3KTNRZlya2TmUnHuzdHOd2mkXbtN35/hUTqJukwkPy2jHIB1yZk+0sZj6bIwwcyv
5nIWIZ/G9KPFqDy0i51/BxUIOUyCDDn3/15iQYm01iLZHSuBKHF00ycV7I50TzRx
Q6rdteBZG4aRiqU4dG6o3ztMdumEZ+z4Hh57KN6kfdCi1NHxY7S/yG/n0kXyWzqQ
9tNYdRHQJE/APIRJ9O7qypvRrmUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT16kyK
NL6mixQNgsWKYq3IA5zHDzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQAXHQsNwK7TjrME7RdG6a5PX+ZWVXG+FElsrnduFN2h
MvO6+HY/Up1t4FqJzQTjcUMy64MAgQtrWDkIgWJoFq5wWEmG7C0Eu+RTFIR6R6SR
Y9warcd53hrZyLBF2T+qzFFUwlVg9/OA/AxrYRjJ2oLpTlQyDlayYxHfYnBztkkP
wdTxV9aIBZPkTgxUSYVVuxyuqhIlYaYdSyWEtlN9VaUzl1HULihOtnwznjAaJmuq
0YfvIvW7nW8tHCteN0O0jxIn3oDQ5DxHicxvEEJHh3KuCSPJ0xaCZkSGWLNZbAfO
ItWDI1evn6xGmFvlfazItBVRfewgmn8oksheFzNRZwjZ
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:27 2024 by rpki-client on console-ams.rpki-client.org