Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa
File: 5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa (raw, json)
Hash identifier: YAqUJIG51VCKgNaqkwhYlresyHzsQhB6SSwLESyeOtk=
Subject key identifier: 4A:35:2C:57:63:21:0D:B9:42:AB:F3:9E:06:40:4D:60:BB:C3:F6:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 252D85942D406121C1CB9F684A5811E7CC823593
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:2d:85:94:2d:40:61:21:c1:cb:9f:68:4a:58:11:e7:cc:82:35:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=9e7de46262cf7a8a65ecfeefd41da17c1b541ff2b73f89ff1486088d8ea50c8c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e0:5c:29:7b:7d:92:90:40:7a:bc:1c:6c:0a:
9d:98:1d:ad:a7:91:26:62:ff:a4:56:46:a8:0e:c0:
f5:69:9f:9b:9c:0d:f9:8f:d3:ee:8a:5c:0d:25:f1:
d7:25:2a:f0:ea:7a:8b:16:c2:7f:3b:0b:56:c0:10:
a2:64:fd:c4:14:cd:b4:61:99:f0:15:97:0e:9c:54:
3f:11:26:56:39:bf:dc:db:b1:f6:7b:35:f1:a2:4c:
68:bc:a1:90:03:59:2e:c5:81:80:ee:3f:84:26:be:
57:a5:a1:e3:ea:04:68:52:b9:99:ec:d5:1c:30:b2:
e3:ad:85:63:91:30:f5:6a:67:ad:9c:a5:fa:ff:a3:
2f:17:2d:a2:9f:ea:33:87:8d:b6:fe:65:b8:2d:93:
24:4c:8b:78:32:4a:a7:8a:4c:22:2a:ec:3d:92:90:
e7:18:d2:cb:83:2d:dc:f6:ad:bb:49:1a:8b:2e:3c:
e6:a3:23:b4:36:f7:9a:d6:f9:22:f0:7a:40:9a:bc:
41:39:b2:47:20:ca:73:3a:7f:d9:09:26:29:b6:53:
47:8a:40:69:67:0a:7f:2e:16:4c:c2:21:be:96:0e:
6f:1f:76:1d:ab:d3:b8:3a:af:c9:33:4f:92:66:1d:
f9:f7:ea:a1:49:30:e4:fe:8a:8d:c7:6d:d4:73:f9:
0f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:35:2C:57:63:21:0D:B9:42:AB:F3:9E:06:40:4D:60:BB:C3:F6:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:81:0a:c5:be:dc:b4:39:93:f9:5e:8a:ea:41:bb:07:14:86:
c7:2c:5b:7e:cb:36:54:b9:f3:b3:7f:1f:bf:71:e8:82:63:13:
6f:1e:26:b6:60:d6:fb:9d:7f:6f:07:61:af:f3:da:d3:3b:ce:
6b:42:ff:bd:74:4a:85:77:50:2a:9b:f0:1c:ac:9f:0f:21:2b:
0b:6a:9c:9f:c6:4f:86:f2:b5:39:95:01:b1:b0:90:c5:63:81:
20:dc:6d:66:ff:c0:0a:f1:7a:94:e7:81:1d:ca:08:e8:1a:89:
d7:42:eb:db:c0:b9:42:7c:be:88:3b:fe:04:2a:9b:60:c0:4e:
a7:ed:11:77:2e:d0:95:2f:d2:60:ae:c7:69:07:03:cf:12:db:
30:c3:0f:09:ef:6e:3f:c3:9b:fe:5b:69:a9:b4:31:92:8a:fc:
63:42:4f:49:3b:37:c5:0c:b8:35:d6:5c:0e:ed:48:b5:b9:67:
e7:6f:30:c2:39:17:d0:97:3f:f6:1f:de:ec:02:54:67:24:7d:
3d:36:2d:99:df:c8:d5:95:14:13:bb:04:af:5f:08:b0:86:45:
18:29:4d:21:7e:67:c3:15:3a:d4:49:fc:fb:ad:62:76:0b:56:
d8:42:7c:ab:31:f8:26:80:70:5f:f1:4a:50:d8:8f:20:af:e6:
9a:f7:55:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJS2FlC1AYSHBy59oSlgR58yCNZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDllN2RlNDYyNjJjZjdhOGE2NWVjZmVlZmQ0MWRhMTdjMWI1NDFmZjJiNzNm
ODlmZjE0ODYwODhkOGVhNTBjOGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/gXCl7fZKQQHq8HGwKnZgdraeRJmL/pFZGqA7A9Wmfm5wN+Y/T7opcDSXx
1yUq8Op6ixbCfzsLVsAQomT9xBTNtGGZ8BWXDpxUPxEmVjm/3Nux9ns18aJMaLyh
kANZLsWBgO4/hCa+V6Wh4+oEaFK5mezVHDCy462FY5Ew9WpnrZyl+v+jLxctop/q
M4eNtv5luC2TJEyLeDJKp4pMIirsPZKQ5xjSy4Mt3Patu0kaiy485qMjtDb3mtb5
IvB6QJq8QTmyRyDKczp/2QkmKbZTR4pAaWcKfy4WTMIhvpYObx92HavTuDqvyTNP
kmYd+ffqoUkw5P6Kjcdt1HP5DxECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRKNSxX
YyENuUKr854GQE1gu8P2LzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWJkOTNmNmMtOWMyMC00MzkzLWE4ZjgtMTQyNGVhYTFkY2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBEgQrFvty0OZP5XorqQbsHFIbHLFt+yzZUufOzfx+/
ceiCYxNvHia2YNb7nX9vB2Gv89rTO85rQv+9dEqFd1Aqm/AcrJ8PISsLapyfxk+G
8rU5lQGxsJDFY4Eg3G1m/8AK8XqU54EdygjoGonXQuvbwLlCfL6IO/4EKptgwE6n
7RF3LtCVL9JgrsdpBwPPEtswww8J724/w5v+W2mptDGSivxjQk9JOzfFDLg11lwO
7Ui1uWfnbzDCORfQlz/2H97sAlRnJH09Ni2Z38jVlRQTuwSvXwiwhkUYKU0hfmfD
FTrUSfz7rWJ2C1bYQnyrMfgmgHBf8UpQ2I8gr+aa91Ux
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org