Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json)
Hash identifier: I8g0OCh5Yt0Irv+gY1p0RtpFGyvIkQ93rc7OrKBtCcw=
Subject key identifier: 18:A0:F3:C5:D5:AE:95:BB:7A:42:30:7C:F6:8D:CD:22:35:31:11:BD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D55CE822DFDABE0C1812E5EEAFFA79EC3D0C056
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:55:ce:82:2d:fd:ab:e0:c1:81:2e:5e:ea:ff:a7:9e:c3:d0:c0:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=c154ecd7c95f161cf41546cd79aa165ec26f056fb251eeb38d5129950e976492, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:59:c2:81:a5:55:c6:2f:2c:74:34:ee:8d:c3:
29:16:a3:1e:06:d7:e8:33:c1:7a:1f:b6:90:d2:60:
27:58:fe:81:a2:2e:55:be:be:34:82:89:b6:9d:da:
f0:88:c4:e7:24:38:68:9d:f9:92:36:a2:a0:46:fd:
b6:87:d5:32:fe:14:e1:9d:8c:cc:0e:d0:1a:2c:c3:
bf:67:31:c3:8a:91:2d:13:f5:d1:e8:32:81:8d:18:
e7:8b:40:59:61:21:fe:84:d3:d8:7d:55:32:c5:fc:
81:5b:0c:22:0d:7b:0c:96:e6:81:51:34:fe:2e:d8:
02:b4:37:0e:6a:ca:67:83:fd:45:5c:11:a2:99:5c:
43:5b:fd:54:18:33:f1:f7:bd:9d:49:e6:bc:52:a1:
6f:e9:0e:7f:8e:9c:ff:8e:04:cb:e9:16:95:13:d0:
4d:18:92:e5:88:5e:45:c5:a8:c4:71:46:59:0e:09:
15:41:b9:ff:75:8e:1e:34:18:bd:bf:75:0e:7b:3d:
90:f6:81:9c:42:9e:4b:33:22:5b:d0:4f:af:2e:03:
f8:c4:f9:67:ac:94:b9:9b:72:ec:de:f1:6d:29:8e:
ac:89:9c:05:1b:51:ab:f2:e0:4f:8f:79:dc:da:ab:
43:60:10:bc:33:4c:c3:6b:ab:5f:f3:7a:36:e4:47:
1f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A0:F3:C5:D5:AE:95:BB:7A:42:30:7C:F6:8D:CD:22:35:31:11:BD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:83:d0:e9:7c:e8:38:0c:4a:1c:97:03:14:64:57:84:e1:f6:
15:7e:47:6a:08:cf:27:77:d6:b3:f8:94:c5:d2:80:a2:2a:f0:
df:1b:1b:b0:0f:0e:87:cd:a5:f3:24:ad:fd:37:ca:e5:98:ef:
59:45:65:48:14:45:d2:3e:5e:2a:f6:e3:0d:a4:bd:b0:81:5c:
63:fe:85:1c:a7:8e:d2:65:22:81:32:8b:6f:5f:9f:45:7f:77:
c5:00:0c:fc:01:d9:be:98:0f:09:cd:07:be:aa:99:ab:ee:5d:
59:0f:f0:39:ca:94:8a:bd:8e:bd:d6:49:d3:3f:95:32:9d:04:
76:4a:e1:1d:4a:4e:0d:8c:92:be:d1:31:db:69:3d:e9:dc:03:
99:b0:8f:3a:58:51:77:6d:b1:79:e2:32:83:42:09:f3:83:70:
1f:c3:37:f1:27:f8:9e:10:cf:69:39:dc:05:30:cd:df:c9:13:
73:37:a3:5c:2d:30:69:54:b2:eb:5f:f4:86:05:c7:a9:59:e4:
f0:af:ee:92:3d:d3:b4:f9:65:37:1c:b9:56:8e:6a:12:f5:97:
65:6a:ba:b2:40:68:e5:f1:06:30:47:ee:c1:75:9c:5f:d6:71:
4c:b5:e9:ee:d0:73:74:ea:8f:d5:95:5e:9f:35:e7:63:d9:d1:
a7:10:ac:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfVXOgi39q+DBgS5e6v+nnsPQwFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxNTRlY2Q3Yzk1ZjE2MWNmNDE1NDZjZDc5YWExNjVlYzI2ZjA1NmZiMjUx
ZWViMzhkNTEyOTk1MGU5NzY0OTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNZwoGlVcYvLHQ07o3DKRajHgbX6DPBeh+2kNJgJ1j+gaIuVb6+NIKJtp3a
8IjE5yQ4aJ35kjaioEb9tofVMv4U4Z2MzA7QGizDv2cxw4qRLRP10egygY0Y54tA
WWEh/oTT2H1VMsX8gVsMIg17DJbmgVE0/i7YArQ3DmrKZ4P9RVwRoplcQ1v9VBgz
8fe9nUnmvFKhb+kOf46c/44Ey+kWlRPQTRiS5YheRcWoxHFGWQ4JFUG5/3WOHjQY
vb91Dns9kPaBnEKeSzMiW9BPry4D+MT5Z6yUuZty7N7xbSmOrImcBRtRq/LgT495
3NqrQ2AQvDNMw2urX/N6NuRHHx8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYoPPF
1a6Vu3pCMHz2jc0iNTERvTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZiMjIwYjktODM3Zi00MTc0LTk3ZTYtYzcxMTk1ODI3M2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQBzg9DpfOg4DEoclwMUZFeE4fYVfkdqCM8nd9az+JTF
0oCiKvDfGxuwDw6HzaXzJK39N8rlmO9ZRWVIFEXSPl4q9uMNpL2wgVxj/oUcp47S
ZSKBMotvX59Ff3fFAAz8Adm+mA8JzQe+qpmr7l1ZD/A5ypSKvY691knTP5UynQR2
SuEdSk4NjJK+0THbaT3p3AOZsI86WFF3bbF54jKDQgnzg3AfwzfxJ/ieEM9pOdwF
MM3fyRNzN6NcLTBpVLLrX/SGBcepWeTwr+6SPdO0+WU3HLlWjmoS9ZdlarqyQGjl
8QYwR+7BdZxf1nFMtenu0HN06o/VlV6fNedj2dGnEKxa
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org