Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
File: 356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa (raw, json)
Hash identifier: LZlM/5ysKZ/A8FO3KOYJ8dVkk+Wu6qA03v7ooO4rf5w=
Subject key identifier: F0:42:82:AE:45:FF:5B:44:56:8D:79:85:FA:6D:08:DE:E2:81:3F:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 543602EC932F726504F02B900F33FCFF0176A551
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:36:02:ec:93:2f:72:65:04:f0:2b:90:0f:33:fc:ff:01:76:a5:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f8dc3f48423619245d7145abe4b07a89a09cf571bfc77f8e2cb3440fedf0fcaa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:74:2d:15:a9:6d:c7:bf:0b:72:13:b3:ef:75:
40:7a:60:a4:55:10:fe:29:bf:6d:6a:7c:3a:3b:90:
4e:fa:74:cc:a7:ab:0f:bc:23:aa:ef:08:9f:20:03:
ea:b0:c9:9c:7a:af:0b:79:89:3e:a0:f7:49:27:00:
d9:5f:89:51:25:b3:b3:8d:1a:02:42:31:c2:19:9e:
7f:41:99:b0:84:5c:2f:4c:73:42:48:d5:dc:23:37:
5b:61:34:92:bb:9f:6d:b2:f3:3b:fb:c2:e0:15:e2:
97:a9:66:e4:66:76:89:c9:0e:92:62:75:f2:59:72:
1f:75:c2:39:3b:fe:e9:2a:ed:1a:d0:b5:1b:26:7b:
02:65:d4:d1:ee:1f:d1:23:da:25:94:e2:f8:e6:ca:
ca:7d:25:92:b9:cf:c1:32:7c:64:7b:f4:76:c0:f7:
65:16:de:f4:87:bc:82:c0:12:f6:86:50:67:d0:46:
3c:47:e5:a3:ad:0b:24:e6:7b:72:20:08:31:29:66:
ba:b5:96:14:1a:f4:1b:1a:ae:eb:99:f1:e1:e0:50:
e4:a3:4d:09:2d:54:74:b3:e8:83:a4:3e:d3:62:b6:
3f:7f:7d:49:e5:1b:83:c1:3e:f4:e8:69:dc:61:c2:
2b:a2:39:57:d6:d6:17:7b:84:3d:be:8b:7a:85:48:
79:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:42:82:AE:45:FF:5B:44:56:8D:79:85:FA:6D:08:DE:E2:81:3F:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
32:09:7e:66:43:c5:e7:fc:4d:c2:b8:3f:68:11:22:1f:39:7c:
bf:38:d1:e6:2a:2a:20:38:54:11:a0:09:20:d0:1e:28:fe:76:
d2:d4:2c:2a:96:5c:0c:f4:db:ed:6b:b8:ee:bd:ab:c4:35:fe:
8d:dd:1d:fe:fd:6a:57:a8:3c:46:fb:bf:83:a4:5f:72:8a:79:
fb:48:03:68:d5:0a:a3:c4:a0:98:7d:e0:31:01:09:85:fb:ec:
13:b3:56:51:0e:7b:d9:6a:f3:1a:09:dc:30:b0:4f:f8:dd:b5:
be:48:24:27:d5:36:19:cf:fa:f7:68:60:ef:23:fb:da:a0:d6:
2b:3f:7f:4d:c1:65:31:6f:e1:bf:05:b1:60:b5:22:86:9f:7b:
32:20:64:54:88:2e:1c:a6:52:52:69:18:22:a4:19:0c:a3:73:
ab:5e:c6:50:1c:44:8f:ad:49:af:ac:80:f2:3c:f7:ac:01:fe:
95:ee:8a:49:cb:60:ae:84:07:74:3b:3a:19:6e:aa:fa:da:e2:
1e:2b:9c:39:f3:b9:0f:df:c0:c3:d5:3d:0d:83:09:ad:93:80:
58:cf:86:12:6a:43:e9:2f:f9:cc:36:32:2e:78:09:96:82:64:
d5:1a:07:37:4f:8d:37:f6:6c:d7:fd:48:72:5a:05:a2:47:39:
76:62:8c:f5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVDYC7JMvcmUE8CuQDzP8/wF2pVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4ZGMzZjQ4NDIzNjE5MjQ1ZDcxNDVhYmU0YjA3YTg5YTA5Y2Y1NzFiZmM3
N2Y4ZTJjYjM0NDBmZWRmMGZjYWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJd0LRWpbce/C3ITs+91QHpgpFUQ/im/bWp8OjuQTvp0zKerD7wjqu8InyAD
6rDJnHqvC3mJPqD3SScA2V+JUSWzs40aAkIxwhmef0GZsIRcL0xzQkjV3CM3W2E0
krufbbLzO/vC4BXil6lm5GZ2ickOkmJ18llyH3XCOTv+6SrtGtC1GyZ7AmXU0e4f
0SPaJZTi+ObKyn0lkrnPwTJ8ZHv0dsD3ZRbe9Ie8gsAS9oZQZ9BGPEflo60LJOZ7
ciAIMSlmurWWFBr0Gxqu65nx4eBQ5KNNCS1UdLPog6Q+02K2P399SeUbg8E+9Ohp
3GHCK6I5V9bWF3uEPb6LeoVIeSUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwQoKu
Rf9bRFaNeYX6bQje4oE/LjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzU2ZGQ1ZWMtNzU1OS00NWU4LTgxZDAtOWU0NTU5MGI1YWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQAyCX5mQ8Xn/E3CuD9oESIfOXy/ONHmKiogOFQRoAkg
0B4o/nbS1CwqllwM9Nvta7juvavENf6N3R3+/WpXqDxG+7+DpF9yinn7SANo1Qqj
xKCYfeAxAQmF++wTs1ZRDnvZavMaCdwwsE/43bW+SCQn1TYZz/r3aGDvI/vaoNYr
P39NwWUxb+G/BbFgtSKGn3syIGRUiC4cplJSaRgipBkMo3OrXsZQHESPrUmvrIDy
PPesAf6V7opJy2CuhAd0OzoZbqr62uIeK5w587kP38DD1T0Ngwmtk4BYz4YSakPp
L/nMNjIueAmWgmTVGgc3T4039mzX/UhyWgWiRzl2Yoz1
-----END CERTIFICATE-----
Generated at Wed Apr 17 01:27:23 2024 by rpki-client on console-ams.rpki-client.org