Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: QYpYMtAKdSae5ZDA57nr9qg75qwfr5/CTA8pL+T/o88=
Subject key identifier: CC:DC:A5:14:56:5D:3A:E7:7A:E4:B3:5F:29:E6:0F:BA:A8:9C:EA:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D1BEE1FAE500685230FA23F72618BDE53BAE969
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:1b:ee:1f:ae:50:06:85:23:0f:a2:3f:72:61:8b:de:53:ba:e9:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2dc2e8c20f0397cbd4cf1b2815f02b3c93da43605409b3927e7b4c705f95b3e1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:79:b2:78:f0:33:72:7f:03:01:18:4f:e1:ea:
90:23:fc:d7:3b:bb:0c:dd:25:1d:67:da:b7:a2:71:
ff:13:58:69:5d:f1:b7:58:e0:95:7b:a8:bc:63:20:
9d:98:ef:40:af:e5:a3:e5:f0:2a:ae:bf:59:3f:b1:
41:bb:58:c2:e7:c3:62:74:eb:0f:09:01:05:91:46:
6c:1e:9f:8f:8c:e9:07:ec:98:f1:1b:8a:8b:27:1b:
45:db:b9:96:85:1b:26:16:7d:18:b6:43:c2:4d:d1:
f2:b2:e2:71:d5:82:1f:55:86:7f:73:77:73:8f:91:
2a:89:4c:8c:d5:3a:b7:24:ff:65:d7:26:e2:93:36:
d6:e5:d3:d6:1a:cf:bb:80:56:e7:bd:4c:f9:3f:73:
09:38:53:e7:fc:4e:08:99:d7:60:18:33:3b:0c:ad:
44:d5:b9:48:fc:4f:98:76:d0:50:62:7a:bd:1a:c0:
36:ed:37:7f:15:6d:cf:89:3f:3d:e3:4f:dd:96:b5:
96:67:31:4c:86:40:6e:62:3e:95:0d:1b:31:32:66:
3f:5d:09:8a:1d:1e:5d:fc:2f:cc:c9:fb:ad:cd:4b:
4c:2b:6b:14:ca:a8:62:6c:81:d6:d0:bc:02:87:ed:
a7:44:ad:6a:5b:f9:fa:49:44:29:bc:85:c3:6d:20:
83:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DC:A5:14:56:5D:3A:E7:7A:E4:B3:5F:29:E6:0F:BA:A8:9C:EA:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:d0:29:01:8f:8f:a3:6a:18:7f:b9:54:66:72:b9:4c:bd:37:
fb:a1:85:0f:18:69:83:77:e3:f4:41:2f:5f:b0:2f:84:e2:02:
92:97:77:2e:89:ae:bc:5c:21:11:59:34:96:65:d1:f0:a3:d1:
62:bd:23:c4:56:03:f7:8a:4d:c0:9c:a2:3b:34:64:c0:5d:b9:
76:b6:d7:04:f1:2f:0a:13:5b:4d:8e:79:53:3f:c8:7e:1d:87:
4a:71:e5:71:ee:4f:07:6f:d5:69:1f:72:e6:c5:ee:75:33:1c:
49:95:21:9f:b1:a7:30:9b:76:e3:fc:83:d3:3b:7b:34:37:48:
94:db:78:6e:59:ac:df:cd:0c:e7:d0:48:dc:08:c5:48:70:84:
09:ac:df:2a:b8:4c:1d:1f:bc:ef:ea:98:07:dd:b1:22:01:e9:
6e:57:a9:18:3a:f0:90:1b:45:91:ea:8f:b4:b8:92:67:7f:e9:
9d:62:87:d1:e4:c2:d6:d3:2a:6e:77:5e:2e:61:96:5a:90:a1:
31:f6:4a:80:af:85:de:96:d2:5e:dd:b3:ad:ce:a7:2f:e1:90:
78:7b:01:2c:92:6e:e7:b2:4b:6c:e5:4d:a4:3f:2e:83:6c:bb:
4c:89:ce:ba:aa:0b:14:b3:cd:0a:59:db:84:e8:94:fe:c2:c5:
cf:65:7c:b7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPRvuH65QBoUjD6I/cmGL3lO66WkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkYzJlOGMyMGYwMzk3Y2JkNGNmMWIyODE1ZjAyYjNjOTNkYTQzNjA1NDA5
YjM5MjdlN2I0YzcwNWY5NWIzZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx5snjwM3J/AwEYT+HqkCP81zu7DN0lHWfat6Jx/xNYaV3xt1jglXuovGMg
nZjvQK/lo+XwKq6/WT+xQbtYwufDYnTrDwkBBZFGbB6fj4zpB+yY8RuKiycbRdu5
loUbJhZ9GLZDwk3R8rLicdWCH1WGf3N3c4+RKolMjNU6tyT/Zdcm4pM21uXT1hrP
u4BW571M+T9zCThT5/xOCJnXYBgzOwytRNW5SPxPmHbQUGJ6vRrANu03fxVtz4k/
PeNP3Za1lmcxTIZAbmI+lQ0bMTJmP10Jih0eXfwvzMn7rc1LTCtrFMqoYmyB1tC8
Aoftp0Stalv5+klEKbyFw20gg18CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTM3KUU
Vl0653rks18p5g+6qJzq5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQCV0CkBj4+jahh/uVRmcrlMvTf7oYUPGGmDd+P0QS9f
sC+E4gKSl3cuia68XCERWTSWZdHwo9FivSPEVgP3ik3AnKI7NGTAXbl2ttcE8S8K
E1tNjnlTP8h+HYdKceVx7k8Hb9VpH3Lmxe51MxxJlSGfsacwm3bj/IPTO3s0N0iU
23huWazfzQzn0EjcCMVIcIQJrN8quEwdH7zv6pgH3bEiAeluV6kYOvCQG0WR6o+0
uJJnf+mdYofR5MLW0ypud14uYZZakKEx9kqAr4XeltJe3bOtzqcv4ZB4ewEskm7n
skts5U2kPy6DbLtMic66qgsUs80KWduE6JT+wsXPZXy3
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org