Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f2042b6-daa0-4132-a2fa-da355c9bd0c8.roa
File: 6f2042b6-daa0-4132-a2fa-da355c9bd0c8.roa (raw, json)
Hash identifier: b1K8+bOhV0Q/XB+yEls3PUIMOJ2567GNzMPskwAagRg=
Subject key identifier: E2:88:89:B2:12:56:73:48:E7:0E:D5:72:E7:E1:8C:1A:FD:F2:D8:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3AF43D4B5CA5C75F0174F2A064C370692C2A05A5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f2042b6-daa0-4132-a2fa-da355c9bd0c8.roa
Signing time: Mon 29 Apr 2024 00:00:00 +0000
ROA not before: Mon 29 Apr 2024 00:00:00 +0000
ROA not after: Mon 03 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f4:3d:4b:5c:a5:c7:5f:01:74:f2:a0:64:c3:70:69:2c:2a:05:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 29 00:00:00 2024 GMT
Not After : Jun 3 23:59:59 2024 GMT
Subject: serialNumber=cbe5be6f9e3cd391b274c2b09034a17b4dbb48ee9bdd102477156c9d356c3ea9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:34:e6:97:bd:72:91:a5:61:fa:29:66:9b:e2:
25:99:0a:03:44:38:b1:9d:5f:a7:97:18:f4:42:84:
b3:24:1a:19:7e:46:1f:58:76:e2:78:aa:a5:3a:5b:
5e:00:e1:80:f7:92:f5:9d:97:e9:a0:c9:79:c6:53:
f1:47:b7:66:5c:58:8f:e4:ad:28:1b:de:88:e3:07:
a6:d7:c6:1d:1a:43:c0:45:fb:d1:83:d4:aa:54:e0:
1b:f5:f2:c7:ac:65:d2:ee:79:39:8c:bc:38:86:62:
59:3d:02:60:2d:1c:3f:d2:5d:66:85:d2:28:bf:86:
da:b3:c8:19:7d:c2:de:e0:62:84:92:43:11:db:09:
d6:83:4d:bb:57:94:68:28:64:80:73:b4:8a:9e:60:
2f:8a:14:62:ba:e4:93:e4:89:32:40:ea:25:27:5a:
c0:c3:e5:a6:47:88:e9:d3:5a:65:16:ef:1d:e9:d7:
d1:d7:70:c4:8a:32:f4:e9:27:a7:25:67:b4:38:e6:
17:ec:81:cb:35:d5:c1:15:71:6c:73:95:1f:d5:df:
e6:98:8d:1d:9f:b9:58:e7:39:63:31:11:18:9d:8d:
c8:10:59:98:41:0e:68:b8:38:8b:ef:0a:75:c6:a2:
ff:15:73:86:1e:5a:8e:ba:fe:f8:40:ba:99:49:07:
3d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:88:89:B2:12:56:73:48:E7:0E:D5:72:E7:E1:8C:1A:FD:F2:D8:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f2042b6-daa0-4132-a2fa-da355c9bd0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:2d:6e:d7:c7:70:3f:e6:5e:94:54:42:f0:d2:37:d9:14:ec:
4b:c3:61:02:0c:7d:29:68:83:7c:8d:96:b1:94:d2:3b:e1:c0:
f9:fd:62:2f:57:0c:2a:8a:49:bf:6e:6b:67:7e:be:34:fd:4c:
b3:e5:04:81:46:50:d0:a0:75:01:34:3a:12:ca:06:9d:87:96:
4f:3b:98:8f:c0:aa:7d:75:27:fe:03:0c:c3:b2:de:bd:a5:fa:
ad:4c:de:4d:2f:8b:52:f2:7d:43:4c:2b:b7:d9:df:3e:9c:e3:
ac:0b:53:36:52:d8:f1:7b:63:8c:ed:e7:ab:5b:2d:03:36:f1:
10:17:df:1e:05:9f:2e:f6:1a:36:e6:4e:fc:77:32:2d:86:e2:
c8:c9:a4:48:25:2b:3e:cc:35:aa:65:76:58:a2:ee:52:2e:71:
1a:bb:9a:e0:6a:de:1a:77:89:c5:38:a0:b1:de:8b:eb:35:1c:
49:9b:b9:f3:e9:14:74:8f:2e:ad:2c:d1:8c:98:00:c0:7a:5e:
d8:76:43:dc:53:53:fe:af:fc:cf:49:3c:5d:d6:33:71:ac:8b:
2e:a9:1f:c0:69:b7:2b:28:bf:3f:78:d2:f3:cb:ec:0d:42:9c:
1a:c5:51:a6:7a:76:e3:fa:be:8f:fb:95:b7:20:27:1c:89:e3:
16:82:ba:7c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOvQ9S1ylx18BdPKgZMNwaSwqBaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjkwMDAwMDBaFw0yNDA2MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiZTViZTZmOWUzY2QzOTFiMjc0YzJiMDkwMzRhMTdiNGRiYjQ4ZWU5YmRk
MTAyNDc3MTU2YzlkMzU2YzNlYTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAME05pe9cpGlYfopZpviJZkKA0Q4sZ1fp5cY9EKEsyQaGX5GH1h24niqpTpb
XgDhgPeS9Z2X6aDJecZT8Ue3ZlxYj+StKBveiOMHptfGHRpDwEX70YPUqlTgG/Xy
x6xl0u55OYy8OIZiWT0CYC0cP9JdZoXSKL+G2rPIGX3C3uBihJJDEdsJ1oNNu1eU
aChkgHO0ip5gL4oUYrrkk+SJMkDqJSdawMPlpkeI6dNaZRbvHenX0ddwxIoy9Okn
pyVntDjmF+yByzXVwRVxbHOVH9Xf5piNHZ+5WOc5YzERGJ2NyBBZmEEOaLg4i+8K
dcai/xVzhh5ajrr++EC6mUkHPeUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTiiImy
ElZzSOcO1XLn4Ywa/fLYYzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmYyMDQyYjYtZGFhMC00MTMyLWEyZmEtZGEzNTVjOWJkMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQALLW7Xx3A/5l6UVELw0jfZFOxLw2ECDH0paIN8jZax
lNI74cD5/WIvVwwqikm/bmtnfr40/Uyz5QSBRlDQoHUBNDoSygadh5ZPO5iPwKp9
dSf+AwzDst69pfqtTN5NL4tS8n1DTCu32d8+nOOsC1M2Utjxe2OM7eerWy0DNvEQ
F98eBZ8u9ho25k78dzIthuLIyaRIJSs+zDWqZXZYou5SLnEau5rgat4ad4nFOKCx
3ovrNRxJm7nz6RR0jy6tLNGMmADAel7YdkPcU1P+r/zPSTxd1jNxrIsuqR/Aabcr
KL8/eNLzy+wNQpwaxVGmenbj+r6P+5W3ICccieMWgrp8
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:02:49 2024 by rpki-client on console-fra.rpki-client.org