Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
File: 51640291-7474-4374-9081-81d0d3d47792.roa (raw, json)
Hash identifier: DMxjJFu+VLjylHTNbMDrddIEj4E1h1kVSNQvJuMbeuQ=
Subject key identifier: A3:EE:2E:85:E9:EC:B1:4B:0A:78:93:51:31:49:2E:30:51:B9:B4:E0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5BE61026D3998FF275DE897E73621592F938E76D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:e6:10:26:d3:99:8f:f2:75:de:89:7e:73:62:15:92:f9:38:e7:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=b134fde0ad82d670efad375ace833cef923816474a9aa681d80247b9e7bbc05c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:69:1c:fd:cf:ce:22:b2:e8:51:e0:40:0f:bd:
f3:48:6d:1e:27:28:c4:d0:07:af:98:9b:1b:d0:77:
57:11:f1:ad:3b:0e:70:fa:0f:19:e2:6e:38:d3:fe:
9b:10:92:33:4f:8f:07:8f:f9:bc:c4:03:66:55:02:
c2:d8:dd:df:4b:e8:4c:20:22:32:da:32:08:32:94:
ab:8f:d8:ef:34:36:95:a8:d8:38:b2:db:c6:e9:f6:
91:08:14:36:33:3c:af:29:fc:53:df:59:20:f3:40:
f1:72:8d:a2:73:c8:da:05:b1:4a:61:2a:f1:9b:cd:
1d:00:67:2e:5b:13:f2:78:4d:7e:96:bb:dd:79:45:
9a:d9:2e:3e:41:70:99:27:13:10:17:4c:42:0f:63:
19:06:ce:c8:ad:d6:47:79:80:e2:ef:e7:cc:44:ca:
b0:04:ba:19:09:e6:65:4d:19:76:ba:f7:43:52:f7:
d2:5f:9a:ad:d2:3e:02:69:d5:d8:b3:1c:86:c9:2f:
99:bb:72:9b:a2:46:b6:85:5b:0f:e6:67:47:0f:0e:
2b:37:a3:26:44:bd:30:2c:5c:60:b2:0e:0a:0f:ee:
3d:1f:71:63:29:e7:2f:47:d7:16:73:45:46:53:85:
7e:f7:d3:a8:42:84:c4:0f:3a:68:43:70:10:16:78:
5a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EE:2E:85:E9:EC:B1:4B:0A:78:93:51:31:49:2E:30:51:B9:B4:E0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5d:59:bb:bc:e8:ee:39:6b:ab:a2:00:3e:9a:63:b6:a2:fe:d5:
27:b9:78:49:d9:57:5e:70:21:3e:23:d1:89:a2:14:50:8e:91:
d4:b3:7b:2d:d4:fd:2e:16:84:de:64:77:87:37:8f:1f:bd:5e:
2d:0b:eb:84:cb:47:88:c1:8e:27:e9:94:80:25:51:54:00:41:
d8:95:38:69:71:8d:9a:d9:ec:c2:6b:b0:4b:71:ea:fa:d0:65:
9d:c1:55:1d:4b:8c:61:a9:87:88:7f:41:51:67:58:3d:78:64:
a8:d8:6a:47:96:90:f1:3b:9e:c7:f2:e4:9e:6e:d6:0e:bd:cc:
c7:a1:b9:62:54:d5:58:a3:ee:71:c6:b1:4c:07:79:3e:a4:97:
f0:52:0f:1b:4a:b0:22:37:ec:63:2b:84:a2:37:ff:bd:41:8c:
73:09:46:01:32:a6:10:49:3c:31:a1:d0:b5:54:1c:ab:61:58:
0a:3a:b2:30:71:88:bc:32:93:fa:83:b6:8b:0a:c7:6f:5a:d2:
c9:dc:84:aa:0b:ce:42:83:b9:44:48:e8:45:fe:cd:c7:25:40:
0d:0f:f9:80:04:13:d4:d4:8a:11:78:2c:56:4e:9d:5d:6b:db:
57:04:eb:f7:5e:97:b1:b7:b2:d9:14:f3:37:f0:5c:bc:bf:22:
b5:68:6a:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUW+YQJtOZj/J13ol+c2IVkvk4520wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMzRmZGUwYWQ4MmQ2NzBlZmFkMzc1YWNlODMzY2VmOTIzODE2NDc0YTlh
YTY4MWQ4MDI0N2I5ZTdiYmMwNWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVpHP3PziKy6FHgQA+980htHicoxNAHr5ibG9B3VxHxrTsOcPoPGeJuONP+
mxCSM0+PB4/5vMQDZlUCwtjd30voTCAiMtoyCDKUq4/Y7zQ2lajYOLLbxun2kQgU
NjM8ryn8U99ZIPNA8XKNonPI2gWxSmEq8ZvNHQBnLlsT8nhNfpa73XlFmtkuPkFw
mScTEBdMQg9jGQbOyK3WR3mA4u/nzETKsAS6GQnmZU0Zdrr3Q1L30l+ardI+AmnV
2LMchskvmbtym6JGtoVbD+ZnRw8OKzejJkS9MCxcYLIOCg/uPR9xYynnL0fXFnNF
RlOFfvfTqEKExA86aENwEBZ4WkUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSj7i6F
6eyxSwp4k1ExSS4wUbm04DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE2NDAyOTEtNzQ3NC00Mzc0LTkwODEtODFkMGQzZDQ3NzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQBdWbu86O45a6uiAD6aY7ai/tUnuXhJ2VdecCE+I9GJ
ohRQjpHUs3st1P0uFoTeZHeHN48fvV4tC+uEy0eIwY4n6ZSAJVFUAEHYlThpcY2a
2ezCa7BLcer60GWdwVUdS4xhqYeIf0FRZ1g9eGSo2GpHlpDxO57H8uSebtYOvczH
obliVNVYo+5xxrFMB3k+pJfwUg8bSrAiN+xjK4SiN/+9QYxzCUYBMqYQSTwxodC1
VByrYVgKOrIwcYi8MpP6g7aLCsdvWtLJ3ISqC85Cg7lESOhF/s3HJUAND/mABBPU
1IoReCxWTp1da9tXBOv3Xpext7LZFPM38Fy8vyK1aGo4
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:15 2024 by rpki-client on console-ams.rpki-client.org