Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa
File: 4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa (raw, json)
Hash identifier: StSYWIZ8PjAO3km1/W778Cx1PjWaQXdf6bbPlzL7m7Y=
Subject key identifier: 07:9F:DE:E0:AE:1F:E4:41:06:39:FD:A8:BF:0F:07:EA:FE:70:42:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54B312496659E0CC88558B6480A0367F8161027F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:b3:12:49:66:59:e0:cc:88:55:8b:64:80:a0:36:7f:81:61:02:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=d054f880344bb269da2f544e1b017f0aabbcbc71a7421e7b56c74f3f3bf4944d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9a:aa:10:12:8e:3d:ff:37:0d:f0:1a:c7:76:
0a:59:75:a4:47:72:13:bc:91:7d:3e:92:91:ed:f6:
69:85:aa:99:40:62:b6:8d:2e:41:28:49:6c:9e:10:
11:a9:bc:4d:2e:37:81:5e:1d:27:98:dc:3a:88:5a:
d3:af:0b:b6:ca:a0:d7:3c:b0:9f:0d:4d:ea:a3:06:
38:e3:98:bd:2d:76:59:cf:21:cd:50:0b:c9:e4:06:
3c:70:45:2b:52:83:32:fe:80:38:86:eb:dd:cb:53:
bc:98:a6:f2:f0:2e:01:1a:9d:ec:d2:68:4a:27:8f:
64:5f:5c:ba:56:b8:a7:63:19:9e:ad:ec:e8:65:53:
ae:63:f8:3e:4b:e6:18:a9:39:e1:6b:23:f0:54:13:
18:ba:ff:75:ec:fc:8a:15:f8:66:e8:1e:42:19:7e:
47:ff:3c:c2:01:e9:9b:17:03:26:ba:6a:84:94:44:
19:5b:71:02:0a:74:f5:28:6b:9e:e5:ba:48:77:8a:
7c:bf:c6:b7:c7:54:da:e9:88:6d:0e:0c:98:e2:06:
13:f3:a4:82:7f:3d:fa:5f:71:4d:9c:98:4a:1a:1f:
7e:f2:01:15:50:d0:38:ef:a3:ce:c4:37:35:3a:bc:
d2:47:89:b6:67:b2:61:7a:51:de:cb:9b:d0:22:70:
a6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9F:DE:E0:AE:1F:E4:41:06:39:FD:A8:BF:0F:07:EA:FE:70:42:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cb:dd:da:b7:d9:8e:3e:cc:94:f4:78:8d:c6:8e:de:6b:7c:16:
da:a0:66:ab:40:a0:c8:62:9e:5e:18:34:ae:05:be:a5:cd:86:
d8:32:5b:bd:8b:bf:34:fc:19:da:5b:bd:a4:32:ac:79:d0:f8:
b8:09:3c:90:a8:85:5d:8e:b6:b1:f7:65:4d:7b:d1:21:50:51:
98:56:e3:0d:2e:ff:61:12:0a:f3:c4:e0:e3:36:06:5d:4c:9c:
f5:fb:2d:51:29:bb:d0:81:de:26:a4:a3:05:cf:92:48:5e:23:
5b:8e:88:df:2a:06:e6:f9:25:6a:51:d1:2b:9a:65:13:fc:97:
57:a0:2c:5c:4f:ca:27:7a:02:26:9c:ec:64:95:9d:13:58:0f:
30:c2:2a:28:d6:cf:38:00:bc:f9:61:0e:e6:8a:bf:ae:58:f3:
30:51:d1:08:ea:a3:bd:57:c5:d1:18:e4:ca:a3:df:40:0f:db:
8e:25:cf:10:52:fc:5a:42:67:81:ab:69:65:53:72:6b:d6:4a:
41:99:ce:1c:7e:7c:c9:d0:c5:d7:c8:62:1b:95:5a:3e:db:76:
c0:8a:49:f7:fc:02:d5:23:bf:b3:2b:e9:63:0c:66:9c:00:6f:
14:b5:e7:36:6c:3c:88:f2:cb:ea:d5:5b:66:5d:00:83:df:04:
81:ea:57:f4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVLMSSWZZ4MyIVYtkgKA2f4FhAn8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNTRmODgwMzQ0YmIyNjlkYTJmNTQ0ZTFiMDE3ZjBhYWJiY2JjNzFhNzQy
MWU3YjU2Yzc0ZjNmM2JmNDk0NGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqaqhASjj3/Nw3wGsd2Cll1pEdyE7yRfT6Ske32aYWqmUBito0uQShJbJ4Q
Eam8TS43gV4dJ5jcOoha068Ltsqg1zywnw1N6qMGOOOYvS12Wc8hzVALyeQGPHBF
K1KDMv6AOIbr3ctTvJim8vAuARqd7NJoSiePZF9cula4p2MZnq3s6GVTrmP4Pkvm
GKk54Wsj8FQTGLr/dez8ihX4ZugeQhl+R/88wgHpmxcDJrpqhJREGVtxAgp09Shr
nuW6SHeKfL/Gt8dU2umIbQ4MmOIGE/Okgn89+l9xTZyYShoffvIBFVDQOO+jzsQ3
NTq80keJtmeyYXpR3sub0CJwpnsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQHn97g
rh/kQQY5/ai/Dwfq/nBCLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGVkNDU0MTMtNWQwNS00YTYyLWI3NTYtMWYxNmFhY2YxY2IzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQDL3dq32Y4+zJT0eI3Gjt5rfBbaoGarQKDIYp5eGDSu
Bb6lzYbYMlu9i780/BnaW72kMqx50Pi4CTyQqIVdjrax92VNe9EhUFGYVuMNLv9h
EgrzxODjNgZdTJz1+y1RKbvQgd4mpKMFz5JIXiNbjojfKgbm+SVqUdErmmUT/JdX
oCxcT8onegImnOxklZ0TWA8wwioo1s84ALz5YQ7mir+uWPMwUdEI6qO9V8XRGOTK
o99AD9uOJc8QUvxaQmeBq2llU3Jr1kpBmc4cfnzJ0MXXyGIblVo+23bAikn3/ALV
I7+zK+ljDGacAG8Utec2bDyI8svq1VtmXQCD3wSB6lf0
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org