Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f0149f0-c984-4579-a478-0c4e7147bcd1.roa
File: 2f0149f0-c984-4579-a478-0c4e7147bcd1.roa (raw, json)
Hash identifier: cFa9YvbSYFenHvKQPr/TVzLlRuzLusY0cT7Fk9uU0F8=
Subject key identifier: 35:AB:1B:9C:50:C7:71:E7:E6:77:10:70:B8:55:91:65:BA:72:89:B0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A4A129A3937EB1EB1223A294345D2652CD1F648
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f0149f0-c984-4579-a478-0c4e7147bcd1.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:4a:12:9a:39:37:eb:1e:b1:22:3a:29:43:45:d2:65:2c:d1:f6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=d3423886533281afff2e552e6e4072dedd9d4a7e6ba52cfed1fb4bcec42ad0d6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bf:5a:37:0e:a6:3d:e9:24:ca:16:44:63:3e:
f7:a5:03:e0:79:2c:7d:dd:37:54:10:4e:f2:5f:0a:
bd:f8:4c:8c:19:ec:76:8b:59:78:b5:59:f0:27:87:
56:fd:94:51:e8:0c:6a:13:5b:25:b8:fa:b8:67:a9:
d3:96:2a:ad:0f:db:85:66:24:9b:15:ed:c8:63:93:
b1:ba:65:9f:7f:15:2d:bb:22:5d:f9:5a:82:55:f9:
d8:5d:41:64:ac:42:8f:6a:13:9c:4d:98:0c:67:1c:
d7:8b:e5:e4:c8:c4:2c:62:a5:b8:84:f2:71:f0:dc:
57:52:fd:f0:86:c1:be:39:11:77:d0:cf:fc:30:e4:
7b:d8:c4:9b:a2:f1:40:e0:f0:48:c1:fe:e8:cd:84:
41:20:10:fa:8d:5f:33:9e:6e:70:1d:36:81:01:95:
7c:55:34:70:59:0d:13:ef:37:cb:b6:0e:9f:37:00:
18:2d:f4:44:04:e0:96:bc:49:b2:ce:39:19:f6:89:
b6:82:01:43:76:1a:2b:ef:0e:b4:10:d7:e5:21:21:
7d:f3:83:51:3b:45:6e:a0:55:32:f0:87:2c:0b:35:
25:d9:42:7e:f9:d2:6e:6b:5c:bc:12:c9:3f:78:74:
ba:42:0d:d2:3f:39:f0:a2:15:e5:db:f9:cc:4f:e0:
ed:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:AB:1B:9C:50:C7:71:E7:E6:77:10:70:B8:55:91:65:BA:72:89:B0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f0149f0-c984-4579-a478-0c4e7147bcd1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.128.0/17
Signature Algorithm: sha256WithRSAEncryption
8c:09:cb:93:b4:6e:67:13:ce:93:05:5d:08:24:e5:fa:1b:e6:
70:1f:3f:f6:31:c6:18:68:5f:21:79:f9:d9:f5:c4:bd:a4:c5:
a4:b4:58:71:80:43:97:7d:2a:da:83:d6:62:27:c7:65:bf:fa:
bf:c1:1f:d4:1e:ea:aa:f7:44:9d:20:bd:60:38:8c:6f:fe:c1:
fa:58:e3:c5:ff:3e:f5:f0:8a:4b:e5:d7:2d:29:52:21:4a:d1:
f8:60:68:f2:2d:ef:9a:00:1e:58:2f:36:c8:c4:a2:88:a5:b4:
8c:8c:71:b9:3a:3f:cf:1a:6a:9c:72:d6:54:19:5f:77:e0:52:
db:9b:fb:2b:9a:3e:4e:b1:60:1c:7e:9b:2a:f5:d8:fc:ad:bb:
e8:01:f0:2f:31:45:f4:81:ab:02:ad:9a:ac:1b:6d:4d:b7:b1:
ad:4a:e1:78:d6:8c:f0:b5:3c:3d:fa:ab:76:ab:1a:86:0b:d8:
81:c2:4f:50:ae:f0:25:ce:74:9f:c0:4a:20:66:64:89:fa:73:
ff:d8:ca:ef:6e:8e:30:1a:28:8e:75:ef:cf:46:7e:72:a5:67:
ef:ce:90:12:58:67:ee:d5:b6:7e:10:0f:87:5a:2d:96:dc:f6:
5c:36:11:0d:16:a8:19:1f:4b:29:fe:6c:7b:9e:3d:05:8e:68:
df:1d:e2:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSkoSmjk36x6xIjopQ0XSZSzR9kgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNDIzODg2NTMzMjgxYWZmZjJlNTUyZTZlNDA3MmRlZGQ5ZDRhN2U2YmE1
MmNmZWQxZmI0YmNlYzQyYWQwZDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJW/WjcOpj3pJMoWRGM+96UD4Hksfd03VBBO8l8KvfhMjBnsdotZeLVZ8CeH
Vv2UUegMahNbJbj6uGep05YqrQ/bhWYkmxXtyGOTsbpln38VLbsiXflaglX52F1B
ZKxCj2oTnE2YDGcc14vl5MjELGKluITycfDcV1L98IbBvjkRd9DP/DDke9jEm6Lx
QODwSMH+6M2EQSAQ+o1fM55ucB02gQGVfFU0cFkNE+83y7YOnzcAGC30RATglrxJ
ss45GfaJtoIBQ3YaK+8OtBDX5SEhffODUTtFbqBVMvCHLAs1JdlCfvnSbmtcvBLJ
P3h0ukIN0j858KIV5dv5zE/g7X8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1qxuc
UMdx5+Z3EHC4VZFlunKJsDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmYwMTQ5ZjAtYzk4NC00NTc5LWE0NzgtMGM0ZTcxNDdiY2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzMAgDAN
BgkqhkiG9w0BAQsFAAOCAQEAjAnLk7RuZxPOkwVdCCTl+hvmcB8/9jHGGGhfIXn5
2fXEvaTFpLRYcYBDl30q2oPWYifHZb/6v8Ef1B7qqvdEnSC9YDiMb/7B+ljjxf8+
9fCKS+XXLSlSIUrR+GBo8i3vmgAeWC82yMSiiKW0jIxxuTo/zxpqnHLWVBlfd+BS
25v7K5o+TrFgHH6bKvXY/K276AHwLzFF9IGrAq2arBttTbexrUrheNaM8LU8Pfqr
dqsahgvYgcJPUK7wJc50n8BKIGZkifpz/9jK726OMBoojnXvz0Z+cqVn786QElhn
7tW2fhAPh1otltz2XDYRDRaoGR9LKf5se549BY5o3x3iQw==
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org