Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: PwYV4blQDRgQvdO2zR7LR4zK0GEV7KABdVs+Lgyn1Bk=
Subject key identifier: 02:A4:A0:37:FA:26:E6:11:6C:1B:64:18:13:74:34:1A:EA:69:B4:46
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 29784961A7D6BB1C3F2531C294505AD6C4B9BBAA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:78:49:61:a7:d6:bb:1c:3f:25:31:c2:94:50:5a:d6:c4:b9:bb:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=bf2b4c9ad645e457e6e57702400262f2698741aa1c8755ced49e39ad39e6bc1b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:10:78:e7:f5:91:df:4c:57:4d:48:f1:e5:85:
ff:55:c5:9b:59:48:fc:17:f2:93:93:c8:2b:09:27:
fb:c4:d4:61:b2:5e:f9:9d:9a:d2:72:ee:83:20:fe:
07:7a:8e:a2:7b:4c:bb:11:cb:64:ab:9b:c5:99:62:
5b:a4:19:a1:a0:2a:48:d6:08:02:79:06:21:bc:bd:
7b:d9:13:4f:25:fd:00:62:c6:a9:6c:07:a1:53:5d:
ce:e9:e9:8f:1b:91:3b:44:af:e1:2e:dd:5f:86:8a:
1d:12:89:80:e7:9d:fc:50:5a:ca:11:7f:37:70:ae:
50:ca:97:48:75:d7:e7:81:55:93:62:41:15:6d:f3:
0a:8f:85:d7:3a:63:81:54:3c:4d:31:3e:9b:6f:9a:
95:b7:4d:54:97:51:90:92:2b:07:12:54:02:d7:71:
db:d3:ee:b8:a0:2d:6a:53:06:ba:9f:9b:73:37:0c:
b6:8d:77:62:38:57:d8:c1:a3:26:e1:ab:f0:62:b0:
06:ec:93:83:b5:a7:7d:99:30:3c:98:75:be:de:eb:
0a:0c:ad:12:af:80:92:71:a8:f7:2b:77:7c:07:1d:
ad:1d:5f:76:f7:c3:65:e9:fe:26:7f:1f:2e:23:07:
4e:fc:08:48:89:c5:68:4d:82:80:00:42:9c:fe:8d:
7e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A4:A0:37:FA:26:E6:11:6C:1B:64:18:13:74:34:1A:EA:69:B4:46
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:cc:c5:6e:0e:d2:2c:9d:8b:fc:07:a9:b7:f6:d8:9e:5f:ce:
19:d3:1a:15:da:70:56:25:6d:ef:7f:8e:b7:52:de:05:70:9e:
1e:34:3b:16:f3:e8:68:c9:1c:fe:42:10:54:ea:5d:2a:75:bb:
c4:04:48:5c:ff:e4:2b:76:90:59:c8:d5:71:6b:34:aa:42:ac:
a4:3b:37:e8:dd:28:d5:ea:43:96:b0:a5:53:ab:eb:fd:80:90:
de:c8:6d:55:e0:5d:ec:1f:39:4a:3e:d8:0b:30:5f:fb:1c:08:
27:0a:6b:67:0e:16:02:3f:0b:27:10:0e:f5:42:47:e4:85:15:
58:e1:4a:72:bb:7b:42:5e:9b:15:4a:78:e1:5b:e5:9f:2a:b1:
59:f5:63:0c:64:af:41:6f:c6:25:d2:dd:ce:28:e2:68:19:c9:
d7:f1:e9:1a:62:a2:e9:3d:d4:c7:89:d6:3b:c1:2a:ae:6b:06:
67:23:74:2a:45:16:7d:e0:be:69:4d:a5:4e:17:8d:6f:d8:c8:
3e:78:ea:10:ec:02:ee:fc:0f:01:27:6c:ad:5c:01:bf:66:01:
e5:60:9f:a3:5f:12:82:2f:94:a9:77:36:ca:58:ca:34:d9:08:
54:02:92:17:75:3a:b5:b5:be:80:45:00:89:c9:38:52:a5:19:
04:12:57:b6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKXhJYafWuxw/JTHClFBa1sS5u6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmMmI0YzlhZDY0NWU0NTdlNmU1NzcwMjQwMDI2MmYyNjk4NzQxYWExYzg3
NTVjZWQ0OWUzOWFkMzllNmJjMWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO0QeOf1kd9MV01I8eWF/1XFm1lI/Bfyk5PIKwkn+8TUYbJe+Z2a0nLugyD+
B3qOontMuxHLZKubxZliW6QZoaAqSNYIAnkGIby9e9kTTyX9AGLGqWwHoVNdzunp
jxuRO0Sv4S7dX4aKHRKJgOed/FBayhF/N3CuUMqXSHXX54FVk2JBFW3zCo+F1zpj
gVQ8TTE+m2+albdNVJdRkJIrBxJUAtdx29PuuKAtalMGup+bczcMto13YjhX2MGj
JuGr8GKwBuyTg7WnfZkwPJh1vt7rCgytEq+AknGo9yt3fAcdrR1fdvfDZen+Jn8f
LiMHTvwISInFaE2CgABCnP6Nfs8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQCpKA3
+ibmEWwbZBgTdDQa6mm0RjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQBizMVuDtIsnYv8B6m39tieX84Z0xoV2nBWJW3vf463
Ut4FcJ4eNDsW8+hoyRz+QhBU6l0qdbvEBEhc/+QrdpBZyNVxazSqQqykOzfo3SjV
6kOWsKVTq+v9gJDeyG1V4F3sHzlKPtgLMF/7HAgnCmtnDhYCPwsnEA71QkfkhRVY
4Upyu3tCXpsVSnjhW+WfKrFZ9WMMZK9Bb8Yl0t3OKOJoGcnX8ekaYqLpPdTHidY7
wSquawZnI3QqRRZ94L5pTaVOF41v2Mg+eOoQ7ALu/A8BJ2ytXAG/ZgHlYJ+jXxKC
L5SpdzbKWMo02QhUApIXdTq1tb6ARQCJyThSpRkEEle2
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:27 2024 by rpki-client on console-ams.rpki-client.org