Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
File: 397b5a86-52b0-4a8c-87de-e6da77812b46.roa (raw, json)
Hash identifier: OmeYb50xseVo20bb7Trs/LQt6W7qkcZ2JGm2bVud/uA=
Subject key identifier: 09:21:25:92:5D:63:A6:3B:F7:F0:D1:93:F4:80:63:31:64:64:34:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21B3ECF8C2D5716281F4E988773E8B64546AFD2C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b3:ec:f8:c2:d5:71:62:81:f4:e9:88:77:3e:8b:64:54:6a:fd:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=dbf75e409a270fbb02b42df5bef77d8b4a8fc7f6fe32bfc62d9840dc2722d3ff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:48:66:5a:b1:d1:8f:ad:4e:4c:11:74:8f:0f:
ab:59:dd:46:2c:4f:c6:fc:30:bd:40:fb:2e:0b:90:
0e:86:54:5a:17:49:8f:e5:dc:53:03:50:f6:45:69:
71:7c:9e:10:ba:52:fc:58:0a:70:ee:20:40:f7:01:
e3:93:cc:55:b6:d3:a6:ed:c4:ce:3f:10:95:ba:32:
81:77:61:4e:17:55:fa:16:34:ce:48:9a:d9:d0:31:
79:f2:db:b9:ca:4c:f1:48:77:a3:a9:fd:00:1a:5d:
76:3f:bf:fc:f6:58:29:af:f0:87:30:88:b4:ca:97:
64:24:44:07:3e:17:d2:eb:16:b1:d4:38:f6:8c:d9:
52:75:8a:3d:b6:94:b8:08:5d:d8:03:bc:da:8d:14:
ba:bc:f1:4d:99:33:74:29:d1:cd:1d:f0:99:dc:80:
3c:e8:fc:17:70:26:39:70:c5:c0:a9:1e:8e:b3:65:
9c:92:50:23:ba:76:98:8e:87:f9:da:c7:cd:5e:c9:
66:43:1e:a2:45:a3:59:5d:b1:93:b6:22:e0:15:a8:
5b:ca:93:ed:29:ca:30:7c:77:af:21:11:5c:94:8a:
1b:ac:5d:ae:c6:2c:47:73:a0:25:36:d5:68:cb:27:
b9:65:77:a0:5f:35:f6:28:09:fc:bf:48:8a:ed:4a:
0d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:21:25:92:5D:63:A6:3B:F7:F0:D1:93:F4:80:63:31:64:64:34:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
73:6e:3e:94:cb:0d:fa:73:1b:19:06:3c:63:35:6f:89:c2:21:
bc:70:cb:30:23:b7:63:61:c7:81:d6:c0:05:17:fc:f7:34:1c:
9e:05:77:96:1a:99:94:40:2a:56:6b:81:9e:20:ac:72:ba:39:
4e:6f:b8:28:7a:78:07:28:0b:57:be:ce:7b:ec:bc:d3:40:8f:
02:59:73:fc:0a:12:4b:45:6d:3f:85:0a:04:ad:d9:f5:1d:80:
cd:08:4d:0e:d7:9a:2a:a2:41:a8:a1:a6:92:05:b6:8f:0a:19:
da:af:95:f0:2a:c2:7e:53:32:04:58:00:98:45:5e:3d:e2:6d:
26:07:f3:ab:6d:1f:f6:92:d0:4c:a6:10:18:bc:2d:8e:c7:f3:
db:49:20:7b:1a:36:c0:73:0e:b6:15:06:ca:3f:e2:f9:67:5a:
a3:d8:9d:70:67:a0:de:b7:99:4c:30:fa:db:a8:09:ea:9e:1d:
cb:ff:c5:a0:dc:d2:c1:4e:f0:ff:c0:85:e7:78:39:83:b1:3d:
a4:6b:f5:c3:ad:66:ff:44:88:df:4e:7b:6b:c9:c3:fb:2b:b0:
1b:0f:f0:45:d4:a4:f9:1e:f9:79:1f:ca:d9:28:7e:36:32:bc:
81:a4:61:b2:9a:21:69:b1:1b:13:59:de:b3:9d:e2:c3:25:e7:
09:f4:66:48
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIbPs+MLVcWKB9OmIdz6LZFRq/SwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiZjc1ZTQwOWEyNzBmYmIwMmI0MmRmNWJlZjc3ZDhiNGE4ZmM3ZjZmZTMy
YmZjNjJkOTg0MGRjMjcyMmQzZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRIZlqx0Y+tTkwRdI8Pq1ndRixPxvwwvUD7LguQDoZUWhdJj+XcUwNQ9kVp
cXyeELpS/FgKcO4gQPcB45PMVbbTpu3Ezj8QlboygXdhThdV+hY0zkia2dAxefLb
ucpM8Uh3o6n9ABpddj+//PZYKa/whzCItMqXZCREBz4X0usWsdQ49ozZUnWKPbaU
uAhd2AO82o0UurzxTZkzdCnRzR3wmdyAPOj8F3AmOXDFwKkejrNlnJJQI7p2mI6H
+drHzV7JZkMeokWjWV2xk7Yi4BWoW8qT7SnKMHx3ryERXJSKG6xdrsYsR3OgJTbV
aMsnuWV3oF819igJ/L9Iiu1KDe8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJISWS
XWOmO/fw0ZP0gGMxZGQ0DDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzk3YjVhODYtNTJiMC00YThjLTg3ZGUtZTZkYTc3ODEyYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQBzbj6Uyw36cxsZBjxjNW+JwiG8cMswI7djYceB1sAF
F/z3NByeBXeWGpmUQCpWa4GeIKxyujlOb7goengHKAtXvs577LzTQI8CWXP8ChJL
RW0/hQoErdn1HYDNCE0O15oqokGooaaSBbaPChnar5XwKsJ+UzIEWACYRV494m0m
B/OrbR/2ktBMphAYvC2Ox/PbSSB7GjbAcw62FQbKP+L5Z1qj2J1wZ6Det5lMMPrb
qAnqnh3L/8Wg3NLBTvD/wIXneDmDsT2ka/XDrWb/RIjfTntrycP7K7AbD/BF1KT5
Hvl5H8rZKH42MryBpGGymiFpsRsTWd6zneLDJecJ9GZI
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org