Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
File: 78a98b8d-81ac-4e41-a012-084be89be1cb.roa (raw, json)
Hash identifier: Os71cienRS9wmBH2qpMpvuWsG85EN3S72EmFRGdU6o8=
Subject key identifier: F1:F1:28:BE:36:C6:DB:CD:9C:38:CA:82:A9:53:7D:DF:28:A0:0C:57
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 477215C2C2D6282E39E8BE5C5E389C3E36EE75E4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.112.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:72:15:c2:c2:d6:28:2e:39:e8:be:5c:5e:38:9c:3e:36:ee:75:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=4775270c2182db957e71681d8786f60a02260c0c60669d15aa9b192aa2400221, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9d:1a:33:ea:8c:c1:29:82:d3:ed:aa:9c:33:
24:9d:f9:a0:f2:e3:7d:ba:a9:12:4d:93:12:1b:af:
47:96:a6:3b:18:ce:30:de:40:0a:ac:e5:b9:81:f6:
18:9c:7a:9c:3e:04:c1:2c:7f:a4:86:1f:eb:5c:0a:
c7:fa:ed:ab:d1:bb:af:15:f0:d9:c2:d0:25:39:4f:
3c:f9:1a:e1:ac:37:c1:63:b6:11:1b:c4:9f:77:12:
95:ca:f3:36:09:66:cf:73:7e:8f:b5:e4:89:6b:5c:
f6:8c:bc:84:b6:c1:98:35:2c:42:08:ce:1b:f6:dd:
e8:0d:4d:63:a6:73:b2:ec:53:9d:95:31:19:92:f1:
bd:d0:e6:97:6b:bf:50:fb:e8:61:7a:21:77:0d:ae:
d2:3d:b5:20:f9:02:51:e1:42:d7:60:e2:2e:96:32:
35:24:9a:c7:67:ce:d9:9a:d4:8c:cc:07:08:1c:ed:
79:59:a4:69:89:40:d2:66:d2:a7:d9:15:ea:00:56:
40:d7:c2:90:83:3d:3b:25:01:b2:ce:b4:13:f6:b5:
62:dd:64:06:b9:08:a3:dd:ad:dc:0c:32:f0:80:93:
4a:dc:2f:7b:6b:ca:1e:82:b5:1f:0c:24:20:b0:0f:
3a:81:bd:00:2d:90:b7:18:3e:f2:23:7a:07:84:75:
14:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F1:28:BE:36:C6:DB:CD:9C:38:CA:82:A9:53:7D:DF:28:A0:0C:57
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a6:7c:8a:98:dc:82:7e:0c:ff:08:29:b0:54:09:9b:b1:d0:3d:
35:8d:96:88:90:fa:90:fd:ca:6e:aa:cc:a2:af:16:2a:e6:8f:
47:86:1b:9c:2c:ff:8c:40:38:92:12:9c:c0:a2:6e:ad:ac:37:
10:6f:1c:4f:1c:3f:db:8b:62:ab:bb:45:ce:6e:aa:11:85:06:
3a:f9:78:b7:d7:a2:7b:e6:8a:95:dd:94:22:78:62:ca:1b:d7:
27:21:8c:cf:9a:14:5a:93:80:c8:5e:a1:33:84:05:52:a8:84:
cc:fe:3f:4e:cf:f1:99:b5:5e:02:15:23:6a:9a:6d:fa:0b:62:
37:a2:d8:3e:d4:b7:95:22:64:a4:1c:64:3e:97:1b:b1:d8:bf:
71:ae:7b:c2:c5:96:df:fd:b9:ec:2c:7f:a7:64:f6:55:fc:57:
a7:b2:07:00:c0:4f:1d:a6:e3:d8:0c:4a:5c:d9:bc:5e:3c:08:
22:3b:d8:89:5a:23:d6:66:d6:ad:2d:8d:1e:ee:be:c9:1a:89:
25:d1:a9:3c:03:c3:ba:96:7f:90:87:a6:be:26:78:31:01:7c:
01:58:e3:bd:42:80:8b:7f:d0:74:e9:11:a8:f6:72:0b:d4:6b:
49:75:59:96:0a:8a:3e:32:a0:3e:ff:ba:bd:8f:ca:b9:89:99:
d9:59:15:49
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR3IVwsLWKC456L5cXjicPjbudeQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3NzUyNzBjMjE4MmRiOTU3ZTcxNjgxZDg3ODZmNjBhMDIyNjBjMGM2MDY2
OWQxNWFhOWIxOTJhYTI0MDAyMjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOydGjPqjMEpgtPtqpwzJJ35oPLjfbqpEk2TEhuvR5amOxjOMN5ACqzluYH2
GJx6nD4EwSx/pIYf61wKx/rtq9G7rxXw2cLQJTlPPPka4aw3wWO2ERvEn3cSlcrz
Nglmz3N+j7XkiWtc9oy8hLbBmDUsQgjOG/bd6A1NY6ZzsuxTnZUxGZLxvdDml2u/
UPvoYXohdw2u0j21IPkCUeFC12DiLpYyNSSax2fO2ZrUjMwHCBzteVmkaYlA0mbS
p9kV6gBWQNfCkIM9OyUBss60E/a1Yt1kBrkIo92t3Awy8ICTStwve2vKHoK1Hwwk
ILAPOoG9AC2Qtxg+8iN6B4R1FNkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTx8Si+
NsbbzZw4yoKpU33fKKAMVzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhhOThiOGQtODFhYy00ZTQxLWEwMTItMDg0YmU4OWJlMWNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQCmfIqY3IJ+DP8IKbBUCZux0D01jZaIkPqQ/cpuqsyi
rxYq5o9HhhucLP+MQDiSEpzAom6trDcQbxxPHD/bi2Kru0XObqoRhQY6+Xi316J7
5oqV3ZQieGLKG9cnIYzPmhRak4DIXqEzhAVSqITM/j9Oz/GZtV4CFSNqmm36C2I3
otg+1LeVImSkHGQ+lxux2L9xrnvCxZbf/bnsLH+nZPZV/FensgcAwE8dpuPYDEpc
2bxePAgiO9iJWiPWZtatLY0e7r7JGokl0ak8A8O6ln+Qh6a+JngxAXwBWOO9QoCL
f9B06RGo9nIL1GtJdVmWCoo+MqA+/7q9j8q5iZnZWRVJ
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:28 2024 by rpki-client on console-ams.rpki-client.org