Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json)
Hash identifier: iPRmMbPHEYo+J/8qU0wWbVGzhUyrd88xQxhaOvOeG2A=
Subject key identifier: 83:D1:84:17:29:4A:0B:5E:EB:FF:5F:6D:A9:BA:E8:9C:43:33:DF:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25692DDA72D1D08CC5DC3458E3408AE8BBAD6CF8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:69:2d:da:72:d1:d0:8c:c5:dc:34:58:e3:40:8a:e8:bb:ad:6c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=91231ed12e94b24fec7008817d679c41a8af9c80d57af00a1e47eab2300a459e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:aa:d9:54:78:60:6c:a6:36:b9:7a:a6:50:
8f:a9:eb:ba:8e:a4:6e:a3:60:36:2e:fe:69:03:9d:
1c:f9:66:44:0f:20:3f:9e:0d:b8:d9:89:d5:78:08:
86:e7:a4:d4:35:f3:6b:18:df:6b:e4:60:95:aa:ef:
d5:74:6c:94:a2:bb:35:42:36:60:04:9d:d8:4e:76:
0b:2c:53:20:37:f2:20:42:80:ec:b7:29:f8:a3:ab:
75:4e:d8:4c:30:c5:40:88:4b:c5:1c:be:dd:3f:18:
46:c7:84:de:a3:8f:c5:fc:c1:58:aa:08:5b:02:29:
d5:fe:36:35:73:79:bb:34:e2:2f:48:cb:3e:44:eb:
fd:8d:b2:a3:7c:08:e2:fa:8a:02:cd:31:42:0c:39:
6f:ac:48:44:9a:97:60:e3:fc:c3:73:51:21:1f:44:
b9:05:0a:21:86:c6:aa:79:fc:24:29:67:2a:36:4e:
ce:19:35:6f:05:ea:a5:fc:83:a9:fa:c6:04:57:62:
c5:f2:59:7d:05:bf:5c:d8:b9:fb:f8:90:6b:ac:a8:
da:bc:79:25:ec:51:85:98:62:5f:8b:5e:d1:69:c2:
8e:d7:f3:af:2d:35:aa:ea:07:fb:36:36:3c:9e:c3:
84:a0:97:c8:75:4c:db:26:6f:89:d3:dd:fa:7d:7f:
bd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D1:84:17:29:4A:0B:5E:EB:FF:5F:6D:A9:BA:E8:9C:43:33:DF:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
28:80:b5:35:d6:fe:50:a3:d2:61:0d:7b:f8:ee:e0:3f:61:9c:
1f:c9:7f:5d:03:79:c8:d7:66:12:21:0b:0e:b9:d1:75:9a:53:
08:9d:d6:a8:df:9f:e3:ba:a7:ad:b4:8c:30:e2:91:3b:5f:76:
1d:ea:26:ba:f2:9e:c1:46:45:e8:5e:03:ac:df:74:19:52:bd:
90:3e:a3:7f:7d:5a:62:9a:2b:54:28:ca:3f:f3:c0:6c:8e:73:
68:97:88:5d:92:3d:2a:11:d3:f7:a4:d2:ed:3a:bd:c7:d9:a6:
ec:58:ba:b2:68:84:27:91:5c:ba:e2:5a:d6:4f:fa:02:a5:93:
d7:fd:6e:77:24:9a:05:42:b7:cf:47:c3:6d:cd:d4:ab:ff:83:
5f:44:73:77:0e:4c:7a:33:52:d6:c0:9d:65:a4:01:7d:8d:3d:
6c:d6:91:a2:66:73:83:7c:cf:4f:8e:0d:3c:7a:1d:f8:94:ad:
72:8a:5d:7c:c8:95:cd:f2:35:35:4a:eb:99:8a:4b:2a:aa:82:
67:16:e1:a4:e6:8a:63:93:75:48:e3:6c:d5:77:ef:d1:a3:ef:
2d:16:c7:85:1d:33:ee:98:f8:37:a3:22:c4:52:c4:e2:cd:8e:
75:72:00:63:5f:8d:90:d1:76:ac:a0:1d:f9:63:a7:67:04:aa:
92:cb:1f:ee
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJWkt2nLR0IzF3DRY40CK6LutbPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxMjMxZWQxMmU5NGIyNGZlYzcwMDg4MTdkNjc5YzQxYThhZjljODBkNTdh
ZjAwYTFlNDdlYWIyMzAwYTQ1OWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKu5qtlUeGBspja5eqZQj6nruo6kbqNgNi7+aQOdHPlmRA8gP54NuNmJ1XgI
huek1DXzaxjfa+Rglarv1XRslKK7NUI2YASd2E52CyxTIDfyIEKA7Lcp+KOrdU7Y
TDDFQIhLxRy+3T8YRseE3qOPxfzBWKoIWwIp1f42NXN5uzTiL0jLPkTr/Y2yo3wI
4vqKAs0xQgw5b6xIRJqXYOP8w3NRIR9EuQUKIYbGqnn8JClnKjZOzhk1bwXqpfyD
qfrGBFdixfJZfQW/XNi5+/iQa6yo2rx5JexRhZhiX4te0WnCjtfzry01quoH+zY2
PJ7DhKCXyHVM2yZvidPd+n1/vcUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSD0YQX
KUoLXuv/X22puuicQzPffzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQAogLU11v5Qo9JhDXv47uA/YZwfyX9dA3nI12YSIQsO
udF1mlMIndao35/juqettIww4pE7X3Yd6ia68p7BRkXoXgOs33QZUr2QPqN/fVpi
mitUKMo/88BsjnNol4hdkj0qEdP3pNLtOr3H2absWLqyaIQnkVy64lrWT/oCpZPX
/W53JJoFQrfPR8NtzdSr/4NfRHN3Dkx6M1LWwJ1lpAF9jT1s1pGiZnODfM9Pjg08
eh34lK1yil18yJXN8jU1SuuZiksqqoJnFuGk5opjk3VI42zVd+/Ro+8tFseFHTPu
mPg3oyLEUsTizY51cgBjX42Q0XasoB35Y6dnBKqSyx/u
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org