Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5c17e39c-5c0a-4f3f-bb8a-f35a3631a185.roa
File: 5c17e39c-5c0a-4f3f-bb8a-f35a3631a185.roa (raw, json)
Hash identifier: aCXo4t7juczGp24o+B4eIAI/RCeC4zbulGJYxj/ZPLU=
Subject key identifier: F7:AC:0B:36:08:BD:4E:D9:77:15:E6:64:ED:D5:AA:49:84:B3:67:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5689CD0465A59E29A0D2C6D6152D40C095DAB829
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5c17e39c-5c0a-4f3f-bb8a-f35a3631a185.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:89:cd:04:65:a5:9e:29:a0:d2:c6:d6:15:2d:40:c0:95:da:b8:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=6b353e69f2bb3587570ca64a16951e3ed526be4c4c6c815559a01182dc6539a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:26:9c:e1:32:b5:d6:7e:67:33:3a:7e:12:9f:
cd:22:78:9c:89:f8:be:fa:06:36:73:70:78:63:73:
15:ae:14:d7:95:11:cf:86:9b:9b:c5:69:9e:59:93:
bc:47:c3:75:1b:ab:f8:a7:c0:3e:37:70:02:77:a3:
c4:00:b6:4e:3f:4c:8e:c0:42:0f:e6:8f:a4:23:e2:
9a:21:11:6b:f7:00:d5:70:43:5d:7a:9f:d6:ed:d7:
0b:58:5d:93:90:ec:b2:c7:8a:45:ad:7a:55:c5:f6:
fd:f0:f5:59:3d:15:2c:54:dd:e5:02:0c:a3:15:b8:
4a:2b:3c:4b:57:ba:87:55:32:4c:b8:c9:2b:c3:0f:
dd:fa:5c:1c:7c:af:31:bb:8a:ca:17:84:09:cb:c5:
00:65:b4:eb:96:b4:19:d7:25:b3:5d:2b:ba:01:82:
6f:a3:96:f4:3f:05:31:0b:39:9a:a2:80:b4:c6:c1:
f6:a3:9a:3d:26:83:76:9c:03:aa:2b:f0:0c:57:41:
2d:36:21:1d:72:89:f4:5a:9f:9a:65:d4:7c:0b:ec:
e7:c8:80:4d:aa:4b:bf:7c:1a:44:66:21:a4:ae:35:
1c:bc:13:07:27:29:f9:15:23:f7:a7:9a:31:a9:7f:
34:a2:ec:79:67:f7:67:b0:2d:e0:3a:09:aa:09:8e:
93:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AC:0B:36:08:BD:4E:D9:77:15:E6:64:ED:D5:AA:49:84:B3:67:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5c17e39c-5c0a-4f3f-bb8a-f35a3631a185.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:3e:66:b6:43:f9:5d:3f:62:37:34:2b:8d:a7:20:2b:1c:57:
2b:24:1b:90:80:e5:56:c6:d5:9c:05:ed:fe:ab:28:e1:0e:c9:
a8:ba:9c:a0:20:27:49:22:9b:56:10:ec:62:92:90:e2:95:9c:
58:9c:1e:a4:e0:60:56:60:6b:ec:70:fe:ed:f9:74:3b:d2:74:
bf:41:b4:63:4b:33:49:e2:a6:a5:ac:63:18:c4:2f:31:dc:d0:
f8:2f:2c:76:f0:f3:1d:a7:a7:39:08:33:4d:91:14:a1:f9:27:
91:81:52:aa:5c:e4:6d:31:63:18:cf:2a:db:8b:6b:ce:e0:28:
db:3f:69:2e:c5:ec:5c:a8:19:0e:0d:07:93:3f:69:0f:49:4e:
39:4b:57:10:56:da:46:06:24:bd:88:66:67:d2:3e:0e:a3:2e:
6c:d1:27:c9:7b:1a:8a:e4:35:9f:48:d2:e9:f0:12:ef:cc:29:
9b:cc:22:45:6a:db:8b:e5:fd:57:fc:a3:23:1e:d4:d1:4d:b1:
2b:4f:ba:71:ab:61:e3:7f:0a:7d:78:18:6e:20:33:7f:ab:68:
3e:dd:d4:a6:7f:01:a1:1b:8b:a0:a4:b8:c7:1f:19:6c:b1:cf:
d3:b6:6e:cb:05:da:b1:28:ed:bf:d5:12:80:2d:7c:80:ad:c7:
ce:2a:78:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVonNBGWlnimg0sbWFS1AwJXauCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiMzUzZTY5ZjJiYjM1ODc1NzBjYTY0YTE2OTUxZTNlZDUyNmJlNGM0YzZj
ODE1NTU5YTAxMTgyZGM2NTM5YTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkmnOEytdZ+ZzM6fhKfzSJ4nIn4vvoGNnNweGNzFa4U15URz4abm8VpnlmT
vEfDdRur+KfAPjdwAnejxAC2Tj9MjsBCD+aPpCPimiERa/cA1XBDXXqf1u3XC1hd
k5DssseKRa16VcX2/fD1WT0VLFTd5QIMoxW4Sis8S1e6h1UyTLjJK8MP3fpcHHyv
MbuKyheECcvFAGW065a0Gdcls10rugGCb6OW9D8FMQs5mqKAtMbB9qOaPSaDdpwD
qivwDFdBLTYhHXKJ9FqfmmXUfAvs58iATapLv3waRGYhpK41HLwTBycp+RUj96ea
Mal/NKLseWf3Z7At4DoJqgmOk5UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3rAs2
CL1O2XcV5mTt1apJhLNnAjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWMxN2UzOWMtNWMwYS00ZjNmLWJiOGEtZjM1YTM2MzFhMTg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQCqPma2Q/ldP2I3NCuNpyArHFcrJBuQgOVWxtWcBe3+
qyjhDsmoupygICdJIptWEOxikpDilZxYnB6k4GBWYGvscP7t+XQ70nS/QbRjSzNJ
4qalrGMYxC8x3ND4Lyx28PMdp6c5CDNNkRSh+SeRgVKqXORtMWMYzyrbi2vO4Cjb
P2kuxexcqBkODQeTP2kPSU45S1cQVtpGBiS9iGZn0j4Ooy5s0SfJexqK5DWfSNLp
8BLvzCmbzCJFatuL5f1X/KMjHtTRTbErT7pxq2Hjfwp9eBhuIDN/q2g+3dSmfwGh
G4ugpLjHHxlssc/Ttm7LBdqxKO2/1RKALXyArcfOKngx
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org