Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/27a797e0-d86a-4e56-8092-d84689502090.roa
File: 27a797e0-d86a-4e56-8092-d84689502090.roa (raw, json)
Hash identifier: B8MowEOKzPbF8UnjVO0k+4mL1WEGBbpR42E83Nn7He8=
Subject key identifier: 76:91:08:2C:56:D8:9B:DF:32:9A:1E:D2:9E:8A:A3:78:26:69:7A:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 57C1B10384D9F975349B69A2D3BFAA16F3DEEA6C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/27a797e0-d86a-4e56-8092-d84689502090.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:c1:b1:03:84:d9:f9:75:34:9b:69:a2:d3:bf:aa:16:f3:de:ea:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=7ff4a3661fa9e76841ff8fd982e91097cd1ebe4dd7ce463659887371f97b980c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9f:2a:d5:aa:1d:c1:7b:74:7e:a1:6e:51:4d:
bc:49:fa:ef:47:4a:0b:96:fa:8a:3c:7a:10:33:1a:
51:4f:f4:65:fa:af:9c:48:6b:da:db:b9:be:50:14:
3d:0c:aa:b4:7a:b8:e5:20:0c:89:fa:22:26:8a:44:
45:2e:4c:af:de:41:f2:7c:39:3d:fd:e5:9b:60:00:
4e:e8:ac:24:b4:ff:a1:0d:c7:dc:8f:d7:67:56:fc:
2c:71:57:9d:fd:c9:77:54:d1:d4:1b:14:6d:4d:19:
60:9a:e8:2b:b6:a6:1d:33:76:99:cd:4b:7c:ec:c7:
19:39:04:d7:9b:17:47:c9:b0:12:c0:7d:ad:a0:7b:
16:5f:a4:84:c5:15:f9:a5:6b:61:98:b3:11:49:7c:
4e:8e:5e:73:ed:f2:20:88:9d:dc:c2:d4:7b:1c:39:
40:eb:96:ad:83:76:04:0e:23:cb:be:d6:cc:0c:69:
9c:57:33:7a:a4:fa:48:1f:dc:b7:0a:7d:c8:c0:f5:
f1:ba:88:61:2e:5a:60:7c:c3:b4:52:f4:b5:e3:90:
91:11:46:94:f0:3f:02:36:38:09:3e:23:73:12:6a:
1e:0b:8b:20:a1:f9:7c:f3:f1:64:42:31:89:b2:86:
ac:46:95:4d:3e:40:53:52:f7:19:d8:c8:41:8e:b5:
09:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:91:08:2C:56:D8:9B:DF:32:9A:1E:D2:9E:8A:A3:78:26:69:7A:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/27a797e0-d86a-4e56-8092-d84689502090.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
86:5a:16:f7:0f:fe:0c:03:a8:ef:92:63:13:d4:d9:c3:2c:74:
39:cd:d4:a5:06:54:63:82:9b:ac:89:4c:d8:31:74:8c:26:50:
db:d1:86:e0:67:8c:55:35:d2:d5:8e:5d:a2:03:5c:7d:09:1b:
51:e2:62:2d:86:69:d1:0c:62:e0:1b:30:da:f5:74:d4:2b:5e:
97:90:d6:96:92:10:65:f5:89:6c:a8:32:79:7f:f5:a9:ab:ad:
98:e7:9d:f8:25:65:27:fd:c3:cf:53:1f:8b:4e:b3:07:ba:c3:
a4:de:3a:56:96:54:d1:13:96:3a:1a:71:5d:2b:48:03:61:b1:
ea:10:63:41:05:16:ae:19:99:3a:c9:46:fe:13:e3:e1:8b:b1:
3b:12:ae:c6:e2:71:12:dc:66:76:d9:36:76:89:89:ad:7f:bf:
c8:8b:5a:00:d2:28:6d:92:b1:77:72:89:41:9f:58:3b:73:24:
5a:fe:cb:5e:17:ac:1b:47:f6:7c:d9:a4:9f:4b:d9:9d:83:ad:
28:53:41:3c:ff:e9:2c:b2:fc:75:64:22:da:fb:d9:2b:b4:38:
61:b6:8c:01:5e:7d:80:0c:09:f2:ce:3f:88:cc:f4:1c:09:99:
f1:03:0b:4d:cd:35:4f:18:b8:f8:cb:a0:70:3f:8e:71:bb:3a:
b1:23:fe:7d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV8GxA4TZ+XU0m2mi07+qFvPe6mwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmZjRhMzY2MWZhOWU3Njg0MWZmOGZkOTgyZTkxMDk3Y2QxZWJlNGRkN2Nl
NDYzNjU5ODg3MzcxZjk3Yjk4MGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6fKtWqHcF7dH6hblFNvEn670dKC5b6ijx6EDMaUU/0ZfqvnEhr2tu5vlAU
PQyqtHq45SAMifoiJopERS5Mr95B8nw5Pf3lm2AATuisJLT/oQ3H3I/XZ1b8LHFX
nf3Jd1TR1BsUbU0ZYJroK7amHTN2mc1LfOzHGTkE15sXR8mwEsB9raB7Fl+khMUV
+aVrYZizEUl8To5ec+3yIIid3MLUexw5QOuWrYN2BA4jy77WzAxpnFczeqT6SB/c
twp9yMD18bqIYS5aYHzDtFL0teOQkRFGlPA/AjY4CT4jcxJqHguLIKH5fPPxZEIx
ibKGrEaVTT5AU1L3GdjIQY61CY0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR2kQgs
Vtib3zKaHtKeiqN4Jml6WTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjdhNzk3ZTAtZDg2YS00ZTU2LTgwOTItZDg0Njg5NTAyMDkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQCGWhb3D/4MA6jvkmMT1NnDLHQ5zdSlBlRjgpusiUzY
MXSMJlDb0YbgZ4xVNdLVjl2iA1x9CRtR4mIthmnRDGLgGzDa9XTUK16XkNaWkhBl
9YlsqDJ5f/Wpq62Y5534JWUn/cPPUx+LTrMHusOk3jpWllTRE5Y6GnFdK0gDYbHq
EGNBBRauGZk6yUb+E+Phi7E7Eq7G4nES3GZ22TZ2iYmtf7/Ii1oA0ihtkrF3colB
n1g7cyRa/steF6wbR/Z82aSfS9mdg60oU0E8/+kssvx1ZCLa+9krtDhhtowBXn2A
DAnyzj+IzPQcCZnxAwtNzTVPGLj4y6BwP45xuzqxI/59
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org