Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
File: 4c110694-386d-49d5-9883-bd1723f43820.roa (raw, json)
Hash identifier: V2XRjUUD0ASUUe8JbsEdnphP69oWRCET77jApf9CmTk=
Subject key identifier: 97:7B:F9:B8:EE:87:7C:B1:9B:84:FF:DF:AB:46:3B:A5:36:17:40:5D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7088388EFE134C1148E7AB18D25C424A2D2EC5D7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:88:38:8e:fe:13:4c:11:48:e7:ab:18:d2:5c:42:4a:2d:2e:c5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=11919e9206fa145798a519d6d73ebb61a06b20399b17af2b0964e9de035e4b56, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2a:9c:39:25:96:cd:11:3a:74:19:e4:dc:51:
d4:3f:d9:84:3a:31:1a:c6:28:35:e3:9c:24:20:4b:
87:60:f7:50:fe:d1:78:95:8e:50:e1:62:2c:92:01:
33:7d:b6:ab:a2:81:0c:1d:18:34:4f:42:6d:96:15:
01:58:fd:38:0b:a6:0d:e5:17:73:3c:27:ad:21:21:
78:e4:a2:1f:a9:f6:65:6b:3a:ab:62:ed:ff:22:2d:
dd:b5:7a:d5:f0:10:1b:0c:6d:14:3f:35:45:74:42:
87:50:51:d1:a6:c1:16:f3:56:70:fa:e6:66:79:c7:
3e:79:a4:96:05:ea:ed:93:d1:22:e1:0c:6d:37:9c:
d4:67:58:bb:35:97:00:ca:a4:0b:ce:f5:5d:d7:91:
b1:a5:97:b1:51:d9:0f:76:a6:2d:b4:66:8c:43:d1:
2b:a7:fd:aa:ce:6f:b1:07:37:a2:bb:43:cb:ac:e1:
5e:6c:56:a4:d1:6a:d6:d2:83:6c:5d:77:02:b7:f3:
36:fc:ed:86:89:c1:e7:b4:c4:af:a6:2e:68:d5:a8:
4c:8b:c0:f1:30:35:a3:98:03:18:e2:34:7a:73:87:
cc:d3:26:84:1a:28:99:f9:43:7a:50:73:69:8f:d2:
33:8c:a8:d7:82:1a:c3:9b:71:64:0b:24:3a:d3:89:
93:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:7B:F9:B8:EE:87:7C:B1:9B:84:FF:DF:AB:46:3B:A5:36:17:40:5D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
96:c8:be:ba:66:61:a0:57:75:13:17:49:d4:fc:d9:d0:51:3f:
fa:a0:c0:ce:84:4f:b8:fb:c1:4b:88:5a:1a:10:61:49:2d:25:
03:3b:ca:a5:db:55:37:ae:08:38:fe:bf:03:8e:82:0e:14:b5:
20:c1:85:31:3b:23:62:db:ab:60:30:19:31:7c:8d:f6:b6:da:
e7:3b:dc:49:24:2e:76:8c:de:95:22:d6:3b:f6:fc:e7:a0:ac:
51:1b:59:fe:6f:b5:e8:76:6d:e1:51:8e:1b:ee:8f:96:c8:e0:
f3:00:14:18:84:6f:4e:53:0e:09:af:e0:02:bf:4b:bf:62:ec:
47:09:3e:78:95:83:b2:e9:f3:77:3e:81:8c:52:49:7f:0c:66:
bd:eb:df:e6:d2:a7:6a:4d:8e:e0:f7:67:84:d7:15:5f:e1:3c:
de:ec:12:4c:a2:78:6e:09:5c:f8:cc:96:31:fc:0b:70:d2:f3:
e5:4b:a8:ad:95:cd:7c:02:af:06:ec:57:da:8d:26:1e:a3:ae:
be:00:8c:b1:f1:d5:6f:11:e0:cb:f2:2d:50:f7:0e:45:8c:32:
1f:df:6f:1c:c8:8e:dd:93:2e:67:93:d8:f3:29:81:a7:20:74:
3a:89:21:c6:72:e6:dd:4d:c1:1e:c6:e9:a7:7d:cb:78:a9:eb:
36:4f:6a:1a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcIg4jv4TTBFI56sY0lxCSi0uxdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDExOTE5ZTkyMDZmYTE0NTc5OGE1MTlkNmQ3M2ViYjYxYTA2YjIwMzk5YjE3
YWYyYjA5NjRlOWRlMDM1ZTRiNTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIIqnDklls0ROnQZ5NxR1D/ZhDoxGsYoNeOcJCBLh2D3UP7ReJWOUOFiLJIB
M322q6KBDB0YNE9CbZYVAVj9OAumDeUXczwnrSEheOSiH6n2ZWs6q2Lt/yIt3bV6
1fAQGwxtFD81RXRCh1BR0abBFvNWcPrmZnnHPnmklgXq7ZPRIuEMbTec1GdYuzWX
AMqkC871XdeRsaWXsVHZD3amLbRmjEPRK6f9qs5vsQc3ortDy6zhXmxWpNFq1tKD
bF13ArfzNvzthonB57TEr6YuaNWoTIvA8TA1o5gDGOI0enOHzNMmhBoomflDelBz
aY/SM4yo14Iaw5txZAskOtOJk/cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSXe/m4
7od8sZuE/9+rRjulNhdAXTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGMxMTA2OTQtMzg2ZC00OWQ1LTk4ODMtYmQxNzIzZjQzODIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQCWyL66ZmGgV3UTF0nU/NnQUT/6oMDOhE+4+8FLiFoa
EGFJLSUDO8ql21U3rgg4/r8DjoIOFLUgwYUxOyNi26tgMBkxfI32ttrnO9xJJC52
jN6VItY79vznoKxRG1n+b7Xodm3hUY4b7o+WyODzABQYhG9OUw4Jr+ACv0u/YuxH
CT54lYOy6fN3PoGMUkl/DGa969/m0qdqTY7g92eE1xVf4Tze7BJMonhuCVz4zJYx
/Atw0vPlS6itlc18Aq8G7FfajSYeo66+AIyx8dVvEeDL8i1Q9w5FjDIf328cyI7d
ky5nk9jzKYGnIHQ6iSHGcubdTcEexumnfct4qes2T2oa
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:27 2024 by rpki-client on console-ams.rpki-client.org