Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/582a854d-4985-4bca-ae2a-4cc422726702.roa
File: 582a854d-4985-4bca-ae2a-4cc422726702.roa (raw, json)
Hash identifier: d0jOqhFnexuIg09VUvCK7FYCwiU8SsfcNpOF0A8I328=
Subject key identifier: 93:16:1F:38:C6:D6:78:26:97:C3:4C:9B:7A:87:E8:7A:70:BA:C0:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2D10EB5C9C32A061BD341A6CBD868B1E78D2A300
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/582a854d-4985-4bca-ae2a-4cc422726702.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:10:eb:5c:9c:32:a0:61:bd:34:1a:6c:bd:86:8b:1e:78:d2:a3:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=67d104937902a15f7dea4503a47420484a40c518abb5af67b1c5ec14dfe3b568, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c6:3a:43:52:1d:c2:6f:cd:ba:a8:a3:38:f0:
2e:b7:a5:55:35:54:56:d9:53:12:ef:ff:ea:32:f1:
40:05:9e:ec:7a:83:79:47:79:b0:f6:4e:34:e3:bb:
4c:a5:85:06:62:43:32:f0:5b:62:65:0a:e3:86:ae:
95:ba:0e:ab:1d:9e:42:24:f1:ba:65:fa:28:7b:6c:
a2:4b:9e:bb:2c:c6:65:db:9d:ec:1c:83:b9:02:c3:
c8:be:bc:26:0a:e4:60:16:2b:80:d9:ba:3e:37:5f:
e6:3a:1f:64:cc:b4:80:44:1d:35:1a:c1:56:ec:2b:
00:d3:37:b0:69:3f:f8:96:96:b6:17:4c:d0:76:b9:
0c:09:0e:d6:25:1b:5d:6c:f5:b4:9a:28:e3:ac:49:
99:81:77:af:11:6a:92:75:b9:41:34:b7:63:43:b5:
b6:0a:85:6b:dd:a9:00:e3:ff:ee:39:3f:96:fa:3f:
21:93:8d:a2:2b:f0:aa:b2:2d:1f:d0:80:46:02:38:
2c:2d:52:23:29:34:21:a8:16:a7:e8:c1:88:c4:3b:
34:cd:e5:79:48:34:40:ac:2a:0e:8a:58:03:13:48:
5e:c6:c2:3e:35:05:18:fe:6d:4e:03:8b:b0:3c:fe:
df:a8:c5:16:d4:a0:3b:80:e3:29:66:44:06:9c:aa:
43:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:16:1F:38:C6:D6:78:26:97:C3:4C:9B:7A:87:E8:7A:70:BA:C0:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/582a854d-4985-4bca-ae2a-4cc422726702.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:1c:fe:52:a3:5d:64:f5:33:02:56:81:a0:43:b2:5c:67:a7:
57:ca:aa:9b:af:e5:dc:6a:da:e4:74:1e:99:23:4b:58:c1:43:
9e:66:e1:ec:53:6f:1d:94:24:6a:a2:9a:2b:e3:77:50:db:f5:
99:4f:38:f9:5c:42:d4:90:11:cc:b3:98:60:30:8a:1f:11:dc:
ed:34:59:39:b7:a4:45:ac:29:2e:e5:53:5a:ad:cf:21:0e:11:
d2:1a:87:e0:76:43:3e:db:9e:c6:46:b2:4e:bf:2b:65:09:ab:
41:81:48:2a:22:b7:3d:4e:03:8e:72:2b:fc:75:98:2c:94:df:
cf:b4:d4:72:de:44:7f:a6:20:dd:53:75:9b:71:5d:45:b3:c4:
4c:a8:0f:5c:84:8b:c2:99:28:0a:40:41:91:c0:f1:2b:86:28:
53:f3:dc:cd:21:16:98:27:f1:bc:67:60:c3:9c:c7:4c:17:33:
84:5b:4a:3b:1f:6f:52:72:5a:41:0b:c2:86:98:1e:bd:4f:dd:
f7:e9:b0:43:4c:65:c2:e0:d9:6d:58:60:70:cf:26:39:7e:fe:
25:d2:7f:40:33:ee:36:c5:2b:d2:e0:41:6d:5b:86:39:db:ab:
3d:18:d7:aa:7b:17:c5:c2:8a:1d:04:4a:af:f8:86:21:0d:a0:
bc:60:d9:65
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULRDrXJwyoGG9NBpsvYaLHnjSowAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3ZDEwNDkzNzkwMmExNWY3ZGVhNDUwM2E0NzQyMDQ4NGE0MGM1MThhYmI1
YWY2N2IxYzVlYzE0ZGZlM2I1NjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7GOkNSHcJvzbqoozjwLrelVTVUVtlTEu//6jLxQAWe7HqDeUd5sPZONOO7
TKWFBmJDMvBbYmUK44aulboOqx2eQiTxumX6KHtsokueuyzGZdud7ByDuQLDyL68
JgrkYBYrgNm6Pjdf5jofZMy0gEQdNRrBVuwrANM3sGk/+JaWthdM0Ha5DAkO1iUb
XWz1tJoo46xJmYF3rxFqknW5QTS3Y0O1tgqFa92pAOP/7jk/lvo/IZONoivwqrIt
H9CARgI4LC1SIyk0IagWp+jBiMQ7NM3leUg0QKwqDopYAxNIXsbCPjUFGP5tTgOL
sDz+36jFFtSgO4DjKWZEBpyqQ68CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSTFh84
xtZ4JpfDTJt6h+h6cLrAwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTgyYTg1NGQtNDk4NS00YmNhLWFlMmEtNGNjNDIyNzI2NzAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQCnHP5So11k9TMCVoGgQ7JcZ6dXyqqbr+XcatrkdB6Z
I0tYwUOeZuHsU28dlCRqopor43dQ2/WZTzj5XELUkBHMs5hgMIofEdztNFk5t6RF
rCku5VNarc8hDhHSGofgdkM+257GRrJOvytlCatBgUgqIrc9TgOOciv8dZgslN/P
tNRy3kR/piDdU3WbcV1Fs8RMqA9chIvCmSgKQEGRwPErhihT89zNIRaYJ/G8Z2DD
nMdMFzOEW0o7H29SclpBC8KGmB69T9336bBDTGXC4NltWGBwzyY5fv4l0n9AM+42
xSvS4EFtW4Y526s9GNeqexfFwoodBEqv+IYhDaC8YNll
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:06:40 2024 by rpki-client on console-ams.rpki-client.org