Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: LnonnDg8UIe93qst/5aeu8o6zeS8P2VonkOXGZM8kr4=
Subject key identifier: B9:4E:69:31:78:D8:F0:54:28:2B:1B:37:28:9B:F3:A8:6F:B3:C5:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64BA947389E3EEBD7AAF6B663F1C293E4749628E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:ba:94:73:89:e3:ee:bd:7a:af:6b:66:3f:1c:29:3e:47:49:62:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=0baae520a45d021163a8146a9fa85f3abca426d04dad25bd74fecc5af95edc8b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7a:6f:9f:27:a7:91:73:c2:4c:06:44:b6:03:
ae:7a:cf:e3:10:d7:4e:39:7a:9d:b7:ff:76:19:2d:
d8:c3:a3:f5:3a:fa:71:d7:c5:0c:37:25:5b:3b:b1:
2c:f6:d7:05:d4:2b:dd:92:62:df:b3:c8:42:ba:cd:
72:b7:33:d4:c8:29:5e:47:3a:5e:f7:ec:37:66:fd:
3a:69:c1:e0:78:72:22:16:9f:36:5f:5d:50:b4:5d:
01:dd:5f:3b:83:5c:2d:1a:91:b1:73:2e:d8:12:04:
35:e7:eb:f6:8b:3f:42:62:0b:9a:dc:4b:81:81:e3:
3e:34:11:79:51:ad:62:28:55:65:39:38:48:84:00:
b4:af:68:5c:32:01:5c:df:4a:42:7a:39:ee:a5:9d:
5e:aa:28:0c:79:b2:e9:7e:e2:6f:2e:42:5b:e0:ea:
4a:2c:05:18:a4:78:48:5a:12:d3:e8:f4:0b:7e:2d:
2a:00:6e:b1:bc:24:0a:ed:08:df:8e:66:2c:af:a9:
bf:99:e0:6c:c2:e8:19:c2:a2:be:3a:34:75:4c:23:
50:c0:3a:63:03:5f:fb:04:59:2c:3b:e7:43:6f:c4:
e3:91:5c:81:bf:b8:58:a9:60:9e:7c:1e:13:89:07:
fb:1c:74:aa:75:1e:39:02:d8:b2:e5:eb:8b:73:47:
b0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4E:69:31:78:D8:F0:54:28:2B:1B:37:28:9B:F3:A8:6F:B3:C5:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6e:6e:f7:f4:df:de:25:5f:cf:7a:c5:26:20:f1:f2:04:6d:9a:
4e:4e:2c:30:e0:ae:db:73:c0:c5:70:71:78:af:16:d5:22:f2:
2d:31:e3:96:3c:59:98:4a:d9:98:f2:75:23:8f:f6:b1:fa:c2:
c4:86:e0:78:41:5e:fe:76:5b:a8:ec:79:05:0c:31:b0:ce:d6:
62:d8:9e:ad:1f:81:1b:89:06:3e:f5:6e:98:28:ef:64:24:ec:
22:e4:28:f5:6b:8a:95:1f:89:09:21:9d:9f:3b:b8:8d:b7:dd:
83:f4:18:9c:3c:26:c4:4f:1b:36:1c:0f:a4:b9:fb:bb:71:97:
f7:3b:71:97:81:48:27:0a:66:6d:41:fc:c3:46:df:74:7e:98:
fa:6b:94:eb:69:07:ce:46:c2:e3:2a:d3:60:23:f5:d4:8c:25:
34:bb:9b:24:b3:0a:78:d8:d0:fc:29:5a:26:0d:83:b4:59:3c:
c3:49:e2:f5:87:c9:95:49:9a:85:ad:66:32:df:14:6e:f5:94:
33:b8:e8:ba:08:c8:09:e8:41:c8:31:ae:c7:63:67:80:2a:7c:
98:3c:87:60:4f:85:80:80:df:e4:7c:7a:da:3a:4f:1b:07:61:
8c:80:4e:fc:53:c9:df:8a:03:e8:33:57:d3:5b:49:04:e4:1b:
1c:71:75:ca
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZLqUc4nj7r16r2tmPxwpPkdJYo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiYWFlNTIwYTQ1ZDAyMTE2M2E4MTQ2YTlmYTg1ZjNhYmNhNDI2ZDA0ZGFk
MjViZDc0ZmVjYzVhZjk1ZWRjOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMp6b58np5FzwkwGRLYDrnrP4xDXTjl6nbf/dhkt2MOj9Tr6cdfFDDclWzux
LPbXBdQr3ZJi37PIQrrNcrcz1MgpXkc6XvfsN2b9OmnB4HhyIhafNl9dULRdAd1f
O4NcLRqRsXMu2BIENefr9os/QmILmtxLgYHjPjQReVGtYihVZTk4SIQAtK9oXDIB
XN9KQno57qWdXqooDHmy6X7iby5CW+DqSiwFGKR4SFoS0+j0C34tKgBusbwkCu0I
345mLK+pv5ngbMLoGcKivjo0dUwjUMA6YwNf+wRZLDvnQ2/E45Fcgb+4WKlgnnwe
E4kH+xx0qnUeOQLYsuXri3NHsKsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS5Tmkx
eNjwVCgrGzcom/Oob7PF0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBubvf0394lX896xSYg8fIEbZpOTiww4K7bc8DFcHF4
rxbVIvItMeOWPFmYStmY8nUjj/ax+sLEhuB4QV7+dluo7HkFDDGwztZi2J6tH4Eb
iQY+9W6YKO9kJOwi5Cj1a4qVH4kJIZ2fO7iNt92D9BicPCbETxs2HA+kufu7cZf3
O3GXgUgnCmZtQfzDRt90fpj6a5TraQfORsLjKtNgI/XUjCU0u5skswp42ND8KVom
DYO0WTzDSeL1h8mVSZqFrWYy3xRu9ZQzuOi6CMgJ6EHIMa7HY2eAKnyYPIdgT4WA
gN/kfHraOk8bB2GMgE78U8nfigPoM1fTW0kE5BsccXXK
-----END CERTIFICATE-----
Generated at Wed May 8 01:49:10 2024 by rpki-client on console-fra.rpki-client.org