Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa
File: 5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa (raw, json)
Hash identifier: VHD5/Z/vAli1rdqx0uqJLZ2qRkBIoo5taP4TwVHo3Es=
Subject key identifier: C1:02:E8:7F:BC:A2:BD:9C:9E:2C:7B:1A:F9:9E:4A:7E:DA:8E:91:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49504F990CEE124981C5789C1AB5F052D0B5EB22
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:50:4f:99:0c:ee:12:49:81:c5:78:9c:1a:b5:f0:52:d0:b5:eb:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=060b6fdf19c7538f8bc943c4ed2af051962dff292d5a7a56371b5eda26e73c85, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fe:b1:12:86:c1:98:cb:4d:69:d4:03:c6:27:
10:55:50:aa:c8:ed:c1:22:94:0d:d9:30:db:bc:0f:
b2:e1:a3:f9:4a:3b:8b:f1:ec:fc:c4:fb:ec:86:f8:
98:05:55:28:7c:16:8a:69:b7:cf:d4:42:08:21:62:
32:d6:8e:e0:2a:1c:91:4e:74:4e:91:8c:42:c1:97:
b0:a2:2d:91:86:fa:ad:37:fc:b6:92:30:6b:a9:4c:
b9:33:29:66:35:5f:53:0f:98:73:ea:7f:9a:e7:e8:
59:55:83:93:5d:8a:83:dd:e1:88:82:70:a3:a0:24:
fb:a3:58:72:66:9e:0e:43:9c:58:4e:0f:c8:85:e8:
a8:28:4e:0e:41:64:0e:e8:92:73:35:50:f3:b7:1a:
16:34:d9:92:c2:ae:aa:68:d1:c0:1d:0d:9b:0d:fe:
36:bd:4e:bd:0a:7e:1b:7f:35:dd:8c:69:b2:6b:47:
9b:b1:27:4c:25:58:2e:15:55:f9:8e:d9:73:59:52:
3e:e4:ab:88:d9:85:8b:3d:a7:d3:02:79:e8:62:be:
c1:67:5f:e7:c9:df:50:55:e2:8f:15:50:05:8c:6b:
ed:e2:b4:2a:04:45:8f:c8:16:5b:59:eb:4d:78:b4:
9c:97:98:d2:7f:d3:eb:d2:4e:ba:ba:6b:e3:5b:2f:
d2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:02:E8:7F:BC:A2:BD:9C:9E:2C:7B:1A:F9:9E:4A:7E:DA:8E:91:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:fd:0a:e7:99:5b:73:cb:83:95:e0:96:7e:a4:99:0c:88:ef:
c7:d2:72:5b:9e:c3:e0:96:d9:c8:3f:d7:1b:9c:72:0c:71:c6:
9a:f7:e0:dc:7e:ba:e7:52:68:1a:e0:a5:ed:dc:78:de:6d:24:
24:c2:7f:da:67:70:14:92:21:72:2c:a6:a9:37:fb:67:35:4d:
13:a5:e8:21:d2:13:a6:be:68:a1:d2:9e:cd:f5:ba:e6:d9:e1:
96:e7:c5:08:36:d4:25:9e:07:d5:af:3c:94:db:1f:d1:a9:6f:
1c:ce:48:a8:bf:c2:95:10:80:b8:66:3e:cc:4a:11:0e:23:ab:
58:b4:28:f3:c7:d3:da:87:0d:0f:2d:ef:98:38:dd:cb:cb:a3:
73:3a:d1:94:13:dc:c2:0f:2e:f1:10:40:56:5f:11:88:9b:1e:
6c:b4:5b:7f:3f:f4:19:f9:fc:4d:d2:a9:21:56:b2:92:a4:bb:
32:48:ee:c6:0e:72:cf:99:cc:31:f5:62:84:2b:fe:43:95:a0:
c4:8d:3c:12:b1:2a:d6:01:f6:94:c1:64:b3:6b:74:74:90:10:
f9:8d:12:03:a4:47:bf:27:27:72:9b:b6:a6:15:bb:66:d3:36:
3f:fb:00:1b:db:3d:3f:d1:fa:d5:49:13:ac:62:f2:a5:2f:fd:
d8:1d:79:81
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSVBPmQzuEkmBxXicGrXwUtC16yIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MGI2ZmRmMTljNzUzOGY4YmM5NDNjNGVkMmFmMDUxOTYyZGZmMjkyZDVh
N2E1NjM3MWI1ZWRhMjZlNzNjODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANP+sRKGwZjLTWnUA8YnEFVQqsjtwSKUDdkw27wPsuGj+Uo7i/Hs/MT77Ib4
mAVVKHwWimm3z9RCCCFiMtaO4CockU50TpGMQsGXsKItkYb6rTf8tpIwa6lMuTMp
ZjVfUw+Yc+p/mufoWVWDk12Kg93hiIJwo6Ak+6NYcmaeDkOcWE4PyIXoqChODkFk
DuiSczVQ87caFjTZksKuqmjRwB0Nmw3+Nr1OvQp+G3813YxpsmtHm7EnTCVYLhVV
+Y7Zc1lSPuSriNmFiz2n0wJ56GK+wWdf58nfUFXijxVQBYxr7eK0KgRFj8gWW1nr
TXi0nJeY0n/T69JOurpr41sv0sECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTBAuh/
vKK9nJ4sexr5nkp+2o6RoDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWRlZjVjZWQtNjM5MC00YTc0LThiZjktY2I2NzdmMGIwNWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQC9/QrnmVtzy4OV4JZ+pJkMiO/H0nJbnsPgltnIP9cb
nHIMccaa9+DcfrrnUmga4KXt3HjebSQkwn/aZ3AUkiFyLKapN/tnNU0Tpegh0hOm
vmih0p7N9brm2eGW58UINtQlngfVrzyU2x/RqW8czkiov8KVEIC4Zj7MShEOI6tY
tCjzx9Pahw0PLe+YON3Ly6NzOtGUE9zCDy7xEEBWXxGImx5stFt/P/QZ+fxN0qkh
VrKSpLsySO7GDnLPmcwx9WKEK/5DlaDEjTwSsSrWAfaUwWSza3R0kBD5jRIDpEe/
Jydym7amFbtm0zY/+wAb2z0/0frVSROsYvKlL/3YHXmB
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:15 2024 by rpki-client on console-ams.rpki-client.org