Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json)
Hash identifier: /6TTfR3eK7D8HtZ3EggRPrBs3qBCl0uIMNKgUuZc4GQ=
Subject key identifier: 0C:81:F8:C1:5B:93:51:1F:23:27:2E:7A:58:90:07:D3:A2:17:5F:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 10D1F3B05ACD12BCF0A90BC96E19D2A029B4DDFF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:d1:f3:b0:5a:cd:12:bc:f0:a9:0b:c9:6e:19:d2:a0:29:b4:dd:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=c7236328e2bc6deb26179719169b16d58d32486a123257c03b41f198cbb6bc0d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d9:9a:f7:be:df:f0:bc:5e:f8:ac:99:81:76:
1c:2b:d5:51:60:f1:55:d0:aa:61:7f:02:1e:38:f0:
15:a2:db:a9:95:45:3d:02:b8:11:58:5a:db:b8:53:
24:8f:99:53:55:2e:aa:94:2d:1f:6d:65:7e:b6:5c:
68:ff:ab:57:66:ba:36:a0:95:59:08:79:a6:5b:6a:
54:72:24:da:b9:0b:f2:4c:d1:08:b3:9a:0e:1c:9d:
bd:5c:1f:f7:34:b6:69:c2:33:d0:88:25:d8:e4:50:
06:df:72:fc:2d:70:c3:8c:a1:ae:02:73:45:f4:7b:
30:42:25:8b:77:81:04:11:46:f1:fd:d5:ff:03:b3:
a4:cd:05:28:28:8a:cd:f6:7d:c8:4a:20:ba:a3:05:
e1:49:73:3f:3a:ea:ca:5f:9b:8d:d0:18:80:dd:da:
2f:a9:d4:62:26:0d:c8:e3:78:8c:af:fa:bc:4f:d0:
73:3e:eb:28:97:e6:92:40:94:a0:21:14:10:24:7f:
57:96:fe:64:a9:0d:13:40:3c:a6:e7:0b:26:89:32:
fe:2b:cc:ec:a9:18:3d:d1:8f:37:3f:b5:0e:e1:53:
35:55:37:2d:79:f7:58:2a:e4:6e:65:2a:f2:9a:b8:
e6:d1:36:7b:de:11:4e:4c:f8:b5:d4:0b:0a:8e:bd:
7d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:81:F8:C1:5B:93:51:1F:23:27:2E:7A:58:90:07:D3:A2:17:5F:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cc:44:90:fe:7f:76:0a:89:e7:9e:48:44:6a:24:40:98:21:97:
04:b8:49:07:fd:41:61:87:49:06:b0:f8:bc:36:af:5d:26:9e:
ad:f1:0d:c8:ea:91:3d:59:e4:ad:0b:b7:86:fd:99:07:18:32:
a7:af:c4:5b:de:2c:0e:21:d1:3a:12:7d:41:0d:8a:37:33:6f:
8a:5f:a7:b5:23:8d:5f:21:5f:5a:d2:bb:3f:59:3d:78:a5:1b:
e6:99:d4:47:40:49:61:c0:f6:b8:8b:93:bf:7b:08:fc:42:f0:
8a:cb:53:1a:62:53:d8:f8:cd:9b:b3:df:b2:bf:af:ba:50:d4:
53:01:57:08:13:40:ac:fc:dd:cc:80:27:42:f2:49:23:1d:e3:
0a:28:57:34:c2:7b:43:f6:9c:07:2b:a1:ac:e4:b3:27:3e:eb:
fc:be:c8:d6:e1:6e:c3:08:78:ee:f4:b2:29:ec:76:ab:30:24:
aa:8d:79:f7:e4:07:c7:55:2c:99:4d:b8:bb:fd:96:d4:02:99:
7e:20:5a:b7:8b:0e:b9:66:f6:8e:b3:8c:de:db:6d:1b:d9:78:
a8:a3:e6:b4:e8:50:1b:0c:96:4a:70:89:17:89:77:5f:de:14:
56:5b:27:b1:6a:42:e0:17:4c:c8:13:87:1f:18:41:dd:c0:de:
94:56:62:ee
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUENHzsFrNErzwqQvJbhnSoCm03f8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3MjM2MzI4ZTJiYzZkZWIyNjE3OTcxOTE2OWIxNmQ1OGQzMjQ4NmExMjMy
NTdjMDNiNDFmMTk4Y2JiNmJjMGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXZmve+3/C8XvismYF2HCvVUWDxVdCqYX8CHjjwFaLbqZVFPQK4EVha27hT
JI+ZU1UuqpQtH21lfrZcaP+rV2a6NqCVWQh5pltqVHIk2rkL8kzRCLOaDhydvVwf
9zS2acIz0Igl2ORQBt9y/C1ww4yhrgJzRfR7MEIli3eBBBFG8f3V/wOzpM0FKCiK
zfZ9yEoguqMF4UlzPzrqyl+bjdAYgN3aL6nUYiYNyON4jK/6vE/Qcz7rKJfmkkCU
oCEUECR/V5b+ZKkNE0A8pucLJoky/ivM7KkYPdGPNz+1DuFTNVU3LXn3WCrkbmUq
8pq45tE2e94RTkz4tdQLCo69ffUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQMgfjB
W5NRHyMnLnpYkAfTohdf9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQDMRJD+f3YKieeeSERqJECYIZcEuEkH/UFhh0kGsPi8
Nq9dJp6t8Q3I6pE9WeStC7eG/ZkHGDKnr8Rb3iwOIdE6En1BDYo3M2+KX6e1I41f
IV9a0rs/WT14pRvmmdRHQElhwPa4i5O/ewj8QvCKy1MaYlPY+M2bs9+yv6+6UNRT
AVcIE0Cs/N3MgCdC8kkjHeMKKFc0wntD9pwHK6Gs5LMnPuv8vsjW4W7DCHju9LIp
7HarMCSqjXn35AfHVSyZTbi7/ZbUApl+IFq3iw65ZvaOs4ze220b2Xioo+a06FAb
DJZKcIkXiXdf3hRWWyexakLgF0zIE4cfGEHdwN6UVmLu
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org