Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f5ffdac-d36c-4a69-b456-6de77be3057a.roa
File: 4f5ffdac-d36c-4a69-b456-6de77be3057a.roa (raw, json)
Hash identifier: TuSy7n3JinsunyiaqDEfjd018ukNZ+vwjDlSrcBqnvE=
Subject key identifier: 1A:FD:AC:BF:CE:AC:C6:47:85:7D:48:95:47:48:6D:0E:CB:05:75:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 68890A67969E14DC95EB28221C1F214C19E8CDA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f5ffdac-d36c-4a69-b456-6de77be3057a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:89:0a:67:96:9e:14:dc:95:eb:28:22:1c:1f:21:4c:19:e8:cd:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=6f04b44c5f60f34cc741cf94a3bba93de20e28fab8039916479f1e674bd88694, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:94:4a:ba:6c:75:61:a2:01:79:d1:e7:3d:cb:
07:6a:8e:fd:e3:71:6b:d3:bc:cd:10:da:e4:80:ad:
fe:98:ef:11:01:c1:8a:c3:44:8f:1b:9d:8c:a2:43:
2d:66:b9:14:b8:9b:ea:d9:ee:8a:da:44:99:4f:82:
61:d6:32:f4:e8:40:41:b5:b2:9f:2d:66:06:46:a5:
e7:49:96:dd:a8:a9:9f:9f:7d:33:26:8f:cc:a1:3c:
b7:c0:7c:86:c1:a7:7e:85:5a:86:5a:e9:42:16:21:
76:69:c1:3a:11:7b:38:10:ed:2d:23:28:9f:58:b9:
49:fe:59:f9:d5:b5:a3:1b:f7:69:3b:e6:ea:15:fe:
23:76:38:ce:40:79:55:70:00:b8:b4:f6:1b:82:27:
44:e4:29:9f:19:c3:b5:ca:11:18:e8:aa:48:03:41:
df:07:f8:6c:02:17:4c:a1:1b:a5:bf:e7:3b:96:5f:
36:fa:01:27:7b:97:de:2e:e2:15:60:f3:b1:08:6c:
9c:be:08:c9:fd:bf:3a:a3:dd:51:fe:1a:0a:cc:09:
28:28:b7:99:f3:d0:cd:0e:bd:fd:db:5f:cc:e9:37:
e6:30:8a:3c:0f:f2:51:bc:a1:b4:92:40:63:e8:e7:
de:42:53:45:ee:e6:14:eb:c1:80:c0:65:d0:e4:39:
f3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FD:AC:BF:CE:AC:C6:47:85:7D:48:95:47:48:6D:0E:CB:05:75:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f5ffdac-d36c-4a69-b456-6de77be3057a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
11:72:04:ae:f6:f1:41:99:5c:57:61:47:3a:49:b9:cd:19:17:
2d:e5:1c:58:2d:ce:35:69:9b:e7:58:82:d4:b0:dc:f7:42:84:
0b:6d:16:f3:e5:4f:66:44:9a:b0:18:19:69:45:f8:21:37:22:
02:e0:a4:2c:62:9d:f2:31:af:e7:7c:0f:58:b4:a9:8b:1f:a6:
49:4d:47:76:32:24:f8:7b:d0:88:1c:3f:e0:30:4a:8c:ce:ed:
5d:65:25:ce:fa:ed:32:3e:82:8c:bf:13:31:04:0e:67:4e:f1:
35:9b:c1:a5:33:b7:70:df:1a:0a:44:35:35:11:06:25:e4:9f:
07:9d:ef:35:df:29:65:8f:04:25:10:f8:2c:18:73:60:46:ff:
49:4b:02:3e:0a:d7:d1:18:8c:41:9f:8e:f7:04:76:56:fb:01:
26:0f:9e:ee:17:9f:8c:64:89:b3:01:7a:19:13:5f:6e:cf:7e:
c1:d6:58:e0:9f:3e:8d:b4:c3:1b:63:30:e5:ce:9a:28:8c:20:
d8:78:85:d9:c0:04:11:06:e0:a3:d1:bb:a4:23:ab:ee:ad:9d:
d6:aa:1f:61:c6:66:fd:57:0c:91:7e:5d:54:70:40:10:3b:74:
cd:eb:9e:66:6f:bd:08:d5:61:23:30:1c:6a:aa:07:a3:0e:71:
92:c4:3b:04
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaIkKZ5aeFNyV6ygiHB8hTBnozaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmMDRiNDRjNWY2MGYzNGNjNzQxY2Y5NGEzYmJhOTNkZTIwZTI4ZmFiODAz
OTkxNjQ3OWYxZTY3NGJkODg2OTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+USrpsdWGiAXnR5z3LB2qO/eNxa9O8zRDa5ICt/pjvEQHBisNEjxudjKJD
LWa5FLib6tnuitpEmU+CYdYy9OhAQbWyny1mBkal50mW3aipn599MyaPzKE8t8B8
hsGnfoVahlrpQhYhdmnBOhF7OBDtLSMon1i5Sf5Z+dW1oxv3aTvm6hX+I3Y4zkB5
VXAAuLT2G4InROQpnxnDtcoRGOiqSANB3wf4bAIXTKEbpb/nO5ZfNvoBJ3uX3i7i
FWDzsQhsnL4Iyf2/OqPdUf4aCswJKCi3mfPQzQ69/dtfzOk35jCKPA/yUbyhtJJA
Y+jn3kJTRe7mFOvBgMBl0OQ58w0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQa/ay/
zqzGR4V9SJVHSG0OywV1zjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGY1ZmZkYWMtZDM2Yy00YTY5LWI0NTYtNmRlNzdiZTMwNTdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQARcgSu9vFBmVxXYUc6SbnNGRct5RxYLc41aZvnWILU
sNz3QoQLbRbz5U9mRJqwGBlpRfghNyIC4KQsYp3yMa/nfA9YtKmLH6ZJTUd2MiT4
e9CIHD/gMEqMzu1dZSXO+u0yPoKMvxMxBA5nTvE1m8GlM7dw3xoKRDU1EQYl5J8H
ne813ylljwQlEPgsGHNgRv9JSwI+CtfRGIxBn473BHZW+wEmD57uF5+MZImzAXoZ
E19uz37B1ljgnz6NtMMbYzDlzpoojCDYeIXZwAQRBuCj0bukI6vurZ3Wqh9hxmb9
VwyRfl1UcEAQO3TN655mb70I1WEjMBxqqgejDnGSxDsE
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org