Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/501dbaae-8f4c-4119-bba2-497c304add44.roa
File: 501dbaae-8f4c-4119-bba2-497c304add44.roa (raw, json)
Hash identifier: xAEE3P6+nLnL8zoQnOp1niNiJJ6dG2yM32Np3n3Sq+g=
Subject key identifier: C8:66:C1:E5:1C:B3:72:64:58:03:97:4F:9F:98:07:F6:2F:57:90:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 23926CA7511E76419BDD0BF30E1176D6ECA34496
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/501dbaae-8f4c-4119-bba2-497c304add44.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:92:6c:a7:51:1e:76:41:9b:dd:0b:f3:0e:11:76:d6:ec:a3:44:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=dd3dfa3c87afab0d5d5926366f71590dac8456c063744c03278d3ccd1db74958, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:97:0d:bb:d1:bb:55:81:01:17:9d:92:2a:ee:
29:7d:1f:8b:06:f9:51:bc:f2:0c:6b:a3:33:5b:f5:
f6:76:34:fc:77:7c:a1:14:3d:c4:ff:b5:88:59:f3:
f9:21:21:13:fc:1f:66:f8:1c:cb:e2:96:9f:ac:2a:
84:80:d3:55:a8:72:2b:2f:43:ed:48:b9:d8:01:c1:
25:ea:f6:2c:1b:96:80:c1:bc:93:0e:f9:ff:16:c2:
71:10:ba:5e:09:4e:50:2f:cb:25:f5:0a:57:d1:b5:
a5:3c:19:e3:d0:03:d0:de:f5:d9:2b:4d:6b:c6:6e:
73:75:02:ee:77:45:d6:4d:55:bf:d7:04:da:5e:07:
27:b6:6f:9a:5d:3b:ca:d2:42:40:dd:eb:2c:6e:89:
51:ef:48:06:6e:42:f6:5a:c5:0c:3e:ad:eb:0a:a6:
f7:1a:a9:78:fa:64:0c:f9:05:9d:45:5c:f0:11:79:
01:11:aa:9b:ed:15:5b:2e:8b:97:22:e6:13:d6:5d:
7e:22:cf:69:4c:00:d8:a6:1d:fa:2a:db:f3:9a:30:
8a:46:1b:00:dc:8d:0b:ce:9d:14:4e:d9:98:7f:47:
25:d8:32:16:a6:72:8b:90:ec:f7:20:9d:c4:03:9a:
d9:c0:3c:0b:ed:4f:f6:d4:7a:8a:fb:50:36:47:66:
c0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:66:C1:E5:1C:B3:72:64:58:03:97:4F:9F:98:07:F6:2F:57:90:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/501dbaae-8f4c-4119-bba2-497c304add44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.128.0/17
Signature Algorithm: sha256WithRSAEncryption
a1:25:11:f5:5f:86:52:3b:04:40:d0:69:6a:8e:1f:fb:30:b1:
e7:77:d9:ae:c2:b8:de:7d:1a:95:7b:29:50:9c:e5:6c:26:b7:
e8:95:35:66:81:ef:e9:34:cc:52:2d:74:3c:0e:a8:f1:a5:4b:
41:fe:19:42:dc:25:1c:55:7f:73:a3:c7:bb:13:2f:45:67:16:
88:c1:b9:40:39:e0:1a:88:b6:d0:87:69:6a:6d:37:04:91:ca:
d1:d8:e6:74:83:6f:52:7d:88:cc:28:d4:13:8c:5c:3b:c5:ea:
1a:a7:e2:7d:51:d5:d4:6e:0c:6f:91:c7:34:77:bf:0d:cf:78:
cb:9d:d7:7f:cf:54:1f:e0:ae:3b:7b:65:fa:22:bc:67:9d:3e:
6a:2c:68:59:45:6e:82:44:24:5e:90:50:f5:b5:37:1e:7d:a6:
7c:1c:00:98:5b:33:39:64:b5:21:49:12:6d:7f:86:6b:49:aa:
e6:e4:d9:97:0f:ab:10:98:0d:ed:82:08:2c:91:1c:99:34:bd:
30:46:95:94:ae:0d:bd:65:af:84:6b:99:56:bc:02:fa:0c:e4:
2e:0c:57:83:c7:d2:4e:f2:45:7e:24:63:0c:63:e4:42:d0:a7:
d5:2c:13:ea:f7:18:9c:e7:c3:f2:12:6a:4d:d8:20:40:b7:ef:
85:84:59:b5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUI5Jsp1EedkGb3QvzDhF21uyjRJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkM2RmYTNjODdhZmFiMGQ1ZDU5MjYzNjZmNzE1OTBkYWM4NDU2YzA2Mzc0
NGMwMzI3OGQzY2NkMWRiNzQ5NTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIyXDbvRu1WBARedkiruKX0fiwb5UbzyDGujM1v19nY0/Hd8oRQ9xP+1iFnz
+SEhE/wfZvgcy+KWn6wqhIDTVahyKy9D7Ui52AHBJer2LBuWgMG8kw75/xbCcRC6
XglOUC/LJfUKV9G1pTwZ49AD0N712StNa8Zuc3UC7ndF1k1Vv9cE2l4HJ7Zvml07
ytJCQN3rLG6JUe9IBm5C9lrFDD6t6wqm9xqpePpkDPkFnUVc8BF5ARGqm+0VWy6L
lyLmE9ZdfiLPaUwA2KYd+irb85owikYbANyNC86dFE7ZmH9HJdgyFqZyi5Ds9yCd
xAOa2cA8C+1P9tR6ivtQNkdmwOcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTIZsHl
HLNyZFgDl0+fmAf2L1eQJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTAxZGJhYWUtOGY0Yy00MTE5LWJiYTItNDk3YzMwNGFkZDQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzMAgDAN
BgkqhkiG9w0BAQsFAAOCAQEAoSUR9V+GUjsEQNBpao4f+zCx53fZrsK43n0alXsp
UJzlbCa36JU1ZoHv6TTMUi10PA6o8aVLQf4ZQtwlHFV/c6PHuxMvRWcWiMG5QDng
Goi20Idpam03BJHK0djmdINvUn2IzCjUE4xcO8XqGqfifVHV1G4Mb5HHNHe/Dc94
y53Xf89UH+CuO3tl+iK8Z50+aixoWUVugkQkXpBQ9bU3Hn2mfBwAmFszOWS1IUkS
bX+Ga0mq5uTZlw+rEJgN7YIILJEcmTS9MEaVlK4NvWWvhGuZVrwC+gzkLgxXg8fS
TvJFfiRjDGPkQtCn1SwT6vcYnOfD8hJqTdggQLfvhYRZtQ==
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:10:10 2024 by rpki-client on console-fra.rpki-client.org