Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55ede288-20da-46a9-b532-c24cfd455a05.roa
File: 55ede288-20da-46a9-b532-c24cfd455a05.roa (raw, json)
Hash identifier: ZNdzzTJI/S+JEx9/aMSHUtvr6mpGSZC53m8V8izLNro=
Subject key identifier: D9:C3:F7:FF:77:40:85:BA:BF:15:2C:AA:E6:80:8B:4E:DD:07:30:8B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4CC92BB49CCED09C85A2930D83BB797A181D5B77
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55ede288-20da-46a9-b532-c24cfd455a05.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:c9:2b:b4:9c:ce:d0:9c:85:a2:93:0d:83:bb:79:7a:18:1d:5b:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=40ac2008d000785cd6a70c80fc04a669bc2835fe5bfd3c483ce352139aa6c2c8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b6:8c:ac:86:a4:6c:cb:72:41:87:0f:49:80:
52:d2:b5:d2:ba:7f:ca:ae:f6:52:34:83:a7:5d:20:
6d:a3:97:6e:2d:18:e5:61:58:de:ad:0c:81:be:94:
18:3b:de:31:d1:4c:3f:95:6b:21:0a:42:35:7e:3f:
d2:fd:00:c2:a2:23:f7:36:5d:24:db:23:ec:7b:9e:
dd:89:78:4e:dd:38:dc:d1:19:8a:8f:dc:20:a2:e8:
b7:63:de:c7:53:e5:e4:04:9b:17:10:de:89:ff:31:
7c:b7:6e:38:4a:76:07:2a:93:39:4d:f3:43:34:9d:
fd:e1:07:bf:06:89:11:ae:dc:f7:5b:03:8b:82:9f:
6a:1d:a1:f0:07:b2:97:2a:da:4c:01:14:4a:01:f4:
64:6f:52:39:28:ff:93:5e:97:07:ea:dd:48:84:e4:
92:95:be:2c:bb:d1:01:62:0b:e6:2c:56:08:aa:20:
b4:3f:24:77:fe:da:3d:f4:95:2f:c8:d0:91:02:ef:
bf:14:c4:ea:7a:81:8b:8d:3c:2f:01:59:15:83:65:
8a:0a:2f:e8:27:98:61:bb:4d:23:af:39:c8:a5:b2:
b7:9e:95:e6:f8:d5:51:17:98:24:8e:d2:5e:c1:45:
a7:02:ca:c3:5f:9f:29:63:c0:5a:6d:a0:44:6d:fc:
75:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C3:F7:FF:77:40:85:BA:BF:15:2C:AA:E6:80:8B:4E:DD:07:30:8B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55ede288-20da-46a9-b532-c24cfd455a05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:c6:d9:43:70:21:ef:25:13:69:c3:08:a4:47:61:c1:a2:ab:
3d:85:26:74:38:94:12:b5:23:17:da:3c:a0:3e:45:fc:95:9f:
ec:54:0b:d3:b3:85:e4:cf:e3:b4:1f:6f:02:da:28:fc:29:74:
92:80:c3:dc:45:9e:5a:8b:2e:0b:31:6d:49:b6:87:44:47:c5:
12:cd:69:47:cc:26:9a:e0:fd:14:e5:a6:3e:3e:58:fe:8b:83:
2a:b4:fc:4e:db:46:8f:55:88:9a:28:a1:89:ec:45:b6:d3:0b:
28:59:a7:b0:89:20:36:d2:bf:6e:7e:87:bf:0b:73:a8:8c:e3:
10:43:56:f8:e4:f1:0d:38:4d:34:e4:b2:bd:e6:58:5d:76:94:
a3:85:88:45:cf:8f:fc:42:cc:0c:69:07:7c:bf:65:cf:e4:24:
38:8e:9d:14:10:5b:a2:d2:dc:67:41:ab:45:f9:06:16:16:46:
39:00:da:fb:f0:3d:1e:a1:1b:83:b6:a2:74:e8:50:ef:e7:35:
a0:62:12:af:db:5d:bf:a6:f9:bb:8d:be:c9:ef:d5:24:e7:d7:
a4:70:20:9f:c2:20:ad:83:c4:85:87:39:44:7d:e4:f9:f3:e0:
ce:88:4f:b6:a9:c0:95:26:07:fb:66:f3:86:5f:21:fb:10:e7:
1c:ef:cd:51
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTMkrtJzO0JyFopMNg7t5ehgdW3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwYWMyMDA4ZDAwMDc4NWNkNmE3MGM4MGZjMDRhNjY5YmMyODM1ZmU1YmZk
M2M0ODNjZTM1MjEzOWFhNmMyYzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMS2jKyGpGzLckGHD0mAUtK10rp/yq72UjSDp10gbaOXbi0Y5WFY3q0Mgb6U
GDveMdFMP5VrIQpCNX4/0v0AwqIj9zZdJNsj7Hue3Yl4Tt043NEZio/cIKLot2Pe
x1Pl5ASbFxDeif8xfLduOEp2ByqTOU3zQzSd/eEHvwaJEa7c91sDi4Kfah2h8Aey
lyraTAEUSgH0ZG9SOSj/k16XB+rdSITkkpW+LLvRAWIL5ixWCKogtD8kd/7aPfSV
L8jQkQLvvxTE6nqBi408LwFZFYNligov6CeYYbtNI685yKWyt56V5vjVUReYJI7S
XsFFpwLKw1+fKWPAWm2gRG38dS0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTZw/f/
d0CFur8VLKrmgItO3QcwizAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTVlZGUyODgtMjBkYS00NmE5LWI1MzItYzI0Y2ZkNDU1YTA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCkxtlDcCHvJRNpwwikR2HBoqs9hSZ0OJQStSMX2jyg
PkX8lZ/sVAvTs4Xkz+O0H28C2ij8KXSSgMPcRZ5aiy4LMW1JtodER8USzWlHzCaa
4P0U5aY+Plj+i4MqtPxO20aPVYiaKKGJ7EW20wsoWaewiSA20r9ufoe/C3OojOMQ
Q1b45PENOE005LK95lhddpSjhYhFz4/8QswMaQd8v2XP5CQ4jp0UEFui0txnQatF
+QYWFkY5ANr78D0eoRuDtqJ06FDv5zWgYhKv212/pvm7jb7J79Uk59ekcCCfwiCt
g8SFhzlEfeT58+DOiE+2qcCVJgf7ZvOGXyH7EOcc781R
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org