Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4305fc8e-966f-4fac-88dd-b53410014e6b.roa
File: 4305fc8e-966f-4fac-88dd-b53410014e6b.roa (raw, json)
Hash identifier: jylUOHKyPdv8QejVUtnBDNOBixihhPhHZLOZTev/KVg=
Subject key identifier: FA:C9:4A:8E:02:83:5B:BB:B8:2F:97:A2:05:E4:85:6E:71:9B:C4:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 17F864F4F26EB6436B86E9E5ED427C2CF318FCE7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4305fc8e-966f-4fac-88dd-b53410014e6b.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:f8:64:f4:f2:6e:b6:43:6b:86:e9:e5:ed:42:7c:2c:f3:18:fc:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=40d6118a421500bad36adf4a63b41f873ebe57320823a041bd44873eaffbabb7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d0:c1:d2:c5:61:53:3c:49:de:34:7a:45:f7:
ec:4d:a3:aa:23:7a:e1:79:85:e9:ba:f0:17:97:f5:
2f:c8:ac:24:48:76:5c:26:06:5f:49:56:61:23:a7:
e3:2b:12:b8:8a:c4:1b:5a:e9:a9:a8:1e:71:9c:76:
c8:56:2b:c9:47:57:b2:c2:92:c2:ac:57:6b:65:23:
5d:82:d0:db:9b:c0:1f:25:8a:10:a4:8d:0c:9e:ae:
d5:8b:8a:bb:2c:cf:bd:61:21:d8:05:c1:8b:b4:b1:
02:f2:1d:03:69:0b:1b:e4:b1:58:35:cb:5d:ef:50:
69:82:7d:f9:90:9c:77:e8:fc:38:a9:e1:4c:21:db:
f3:a4:26:89:04:0a:30:15:7d:34:35:65:9c:ae:95:
d7:d1:57:c9:75:40:30:6c:a7:61:a9:22:3a:82:9d:
f0:35:93:48:43:a2:a7:da:00:25:57:2a:24:30:c5:
3c:8f:46:cc:ea:4e:f5:8c:5f:5d:fb:9e:d3:43:b4:
47:8d:43:da:d0:ce:f8:d5:8e:f8:55:98:24:7f:1b:
a6:52:07:9a:72:8c:1c:88:7c:f3:22:dd:49:09:e1:
0e:18:44:48:33:14:0d:2b:c9:82:7f:cd:72:41:3a:
2f:71:dd:e9:ef:98:02:ec:c0:05:03:96:9b:0a:83:
4d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C9:4A:8E:02:83:5B:BB:B8:2F:97:A2:05:E4:85:6E:71:9B:C4:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4305fc8e-966f-4fac-88dd-b53410014e6b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ba:52:1a:b9:2d:18:bc:b1:8c:01:7e:00:66:51:e6:83:f5:66:
9e:0b:21:3d:2b:ef:28:9c:48:b8:eb:dc:e9:f9:ce:2f:68:75:
da:48:44:2c:c1:96:29:1a:2a:0b:73:4f:9f:d8:c9:85:11:4f:
2f:06:8f:69:a0:82:16:89:73:44:10:ef:a4:cd:df:47:46:7a:
77:05:ab:ef:e2:6f:05:9f:ef:84:4c:e6:c6:ba:98:69:66:a4:
89:40:00:9d:47:1b:0d:70:07:57:39:b3:ee:7b:13:53:b8:b8:
55:36:04:98:4d:50:6c:df:40:e7:5e:f8:26:62:fc:cf:3d:1c:
6f:07:f1:df:9c:49:1b:1d:c4:e0:7c:43:cb:99:77:5a:57:f7:
42:2a:50:9b:37:b5:94:79:27:df:e7:df:fe:4f:a0:3b:29:08:
1f:ab:79:c0:bc:4a:93:cd:26:25:51:7b:39:cc:87:13:3e:c8:
b7:14:68:76:c2:53:87:f4:21:d7:ec:09:33:fd:a6:fd:ff:18:
50:f9:c4:3a:82:12:a4:bc:48:53:b1:a0:82:85:3f:39:36:ba:
2f:ce:ae:b4:38:9b:de:17:3f:08:50:18:11:8b:25:e7:3d:74:
9e:35:bb:bd:d3:31:63:d4:50:07:08:20:08:22:a6:c9:ca:e7:
b6:e7:95:f7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF/hk9PJutkNrhunl7UJ8LPMY/OcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwZDYxMThhNDIxNTAwYmFkMzZhZGY0YTYzYjQxZjg3M2ViZTU3MzIwODIz
YTA0MWJkNDQ4NzNlYWZmYmFiYjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHQwdLFYVM8Sd40ekX37E2jqiN64XmF6brwF5f1L8isJEh2XCYGX0lWYSOn
4ysSuIrEG1rpqagecZx2yFYryUdXssKSwqxXa2UjXYLQ25vAHyWKEKSNDJ6u1YuK
uyzPvWEh2AXBi7SxAvIdA2kLG+SxWDXLXe9QaYJ9+ZCcd+j8OKnhTCHb86QmiQQK
MBV9NDVlnK6V19FXyXVAMGynYakiOoKd8DWTSEOip9oAJVcqJDDFPI9GzOpO9Yxf
Xfue00O0R41D2tDO+NWO+FWYJH8bplIHmnKMHIh88yLdSQnhDhhESDMUDSvJgn/N
ckE6L3Hd6e+YAuzABQOWmwqDTe8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT6yUqO
AoNbu7gvl6IF5IVucZvE1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDMwNWZjOGUtOTY2Zi00ZmFjLTg4ZGQtYjUzNDEwMDE0ZTZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQC6Uhq5LRi8sYwBfgBmUeaD9WaeCyE9K+8onEi469zp
+c4vaHXaSEQswZYpGioLc0+f2MmFEU8vBo9poIIWiXNEEO+kzd9HRnp3Bavv4m8F
n++ETObGuphpZqSJQACdRxsNcAdXObPuexNTuLhVNgSYTVBs30DnXvgmYvzPPRxv
B/HfnEkbHcTgfEPLmXdaV/dCKlCbN7WUeSff59/+T6A7KQgfq3nAvEqTzSYlUXs5
zIcTPsi3FGh2wlOH9CHX7Akz/ab9/xhQ+cQ6ghKkvEhTsaCChT85Nrovzq60OJve
Fz8IUBgRiyXnPXSeNbu90zFj1FAHCCAIIqbJyue255X3
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org