Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: nshITRIxdGTjpylYpb3Nmvb4+Yy5jmO/oEp1oBAthOc=
Subject key identifier: 60:5C:A1:2E:CE:3C:B4:4E:25:0A:8D:F1:AA:40:DD:82:C0:D6:99:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 78AC6C2ADE5EC16B3E07C124D8E89D8359A42C95
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:ac:6c:2a:de:5e:c1:6b:3e:07:c1:24:d8:e8:9d:83:59:a4:2c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=ee662ffbbad5333c7e85c049fa4bb53e4e7e4e9bc7aab72a316ee4305ada0945, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:56:95:08:08:a4:73:93:97:d4:54:8b:fe:5f:
dc:f5:b1:64:57:7d:42:87:3c:06:ee:2f:db:79:ef:
35:9c:12:0c:9f:b9:1c:f3:28:b7:30:c4:10:1b:ad:
48:47:8d:af:94:30:93:90:6b:b5:b9:34:d1:e7:64:
b2:76:9d:af:86:3e:96:d3:e9:08:53:c0:84:92:a7:
e0:0c:e0:b2:0e:aa:66:6f:49:68:c2:17:e7:b4:f8:
2d:5a:d9:f7:96:dd:43:a8:37:37:b4:6d:b0:14:6c:
d4:0b:ea:30:9c:a2:cc:20:3c:64:eb:5f:3b:07:cb:
94:02:3c:8a:ca:7f:25:4a:bd:6f:de:56:24:31:a8:
60:c2:59:4f:40:a7:ed:83:e1:3b:ab:ea:75:b4:6e:
91:ed:79:e0:3d:24:06:04:61:5c:bb:98:8a:48:7f:
30:ba:e1:46:91:76:38:e7:ef:6a:8d:0a:1c:21:e4:
2a:62:1b:86:d5:d3:fb:84:cc:11:40:b9:66:86:e7:
a0:4f:b1:46:dc:26:84:8f:2c:49:9c:48:8d:eb:d6:
e5:88:cc:ef:ff:ec:4f:92:0b:90:6d:22:f7:d2:0b:
80:71:f8:b3:8e:98:cf:69:3b:28:63:70:89:f2:44:
a7:0a:12:d5:e6:08:28:4e:5d:cc:5f:70:0c:b7:35:
d5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5C:A1:2E:CE:3C:B4:4E:25:0A:8D:F1:AA:40:DD:82:C0:D6:99:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c0:22:87:d2:9a:e5:d3:6b:bd:0e:8a:2a:48:66:8c:90:e2:c3:
ed:f6:a7:5f:81:1f:1d:a0:66:bc:b2:7a:ac:51:e9:71:a4:ac:
79:51:05:3a:a2:13:e2:9b:e5:10:bb:95:a2:4b:ae:b3:a7:ae:
a8:eb:c4:87:35:0f:d2:c5:10:7f:90:e1:49:47:d5:3d:36:cd:
f9:2c:9c:2c:54:c4:bb:54:91:17:64:34:ae:be:fa:e8:2c:19:
1c:1f:56:8f:bc:74:a8:97:cc:a6:ed:89:96:a8:33:2b:a5:88:
a0:3b:8f:5c:b0:3e:b3:6a:bd:51:33:12:d5:6c:ef:c0:a2:bf:
b9:1b:2e:be:e8:48:e7:b1:0b:ae:08:12:e1:3b:83:25:93:3e:
f8:be:96:8f:e0:81:be:dd:5c:0e:57:81:a4:64:52:67:c9:40:
02:72:b2:ed:be:e0:16:e6:5e:f8:77:ff:22:ad:3f:19:9d:7c:
04:7c:b3:f2:10:d6:d0:8d:91:fb:31:f1:8a:0a:54:30:a0:1f:
ce:7f:ee:59:01:37:07:6b:2d:18:b4:5c:a0:7f:e3:84:71:ce:
d9:57:f9:6f:c9:aa:e5:fd:70:01:8e:b9:6c:5d:72:e0:6b:cc:
60:b5:7b:30:70:23:0d:71:77:4e:c4:68:57:7a:6f:c2:e9:2c:
d0:f0:80:e4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeKxsKt5ewWs+B8Ek2Oidg1mkLJUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlNjYyZmZiYmFkNTMzM2M3ZTg1YzA0OWZhNGJiNTNlNGU3ZTRlOWJjN2Fh
YjcyYTMxNmVlNDMwNWFkYTA5NDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNWlQgIpHOTl9RUi/5f3PWxZFd9Qoc8Bu4v23nvNZwSDJ+5HPMotzDEEBut
SEeNr5Qwk5Brtbk00edksnadr4Y+ltPpCFPAhJKn4Azgsg6qZm9JaMIX57T4LVrZ
95bdQ6g3N7RtsBRs1AvqMJyizCA8ZOtfOwfLlAI8isp/JUq9b95WJDGoYMJZT0Cn
7YPhO6vqdbRuke154D0kBgRhXLuYikh/MLrhRpF2OOfvao0KHCHkKmIbhtXT+4TM
EUC5ZobnoE+xRtwmhI8sSZxIjevW5YjM7//sT5ILkG0i99ILgHH4s46Yz2k7KGNw
ifJEpwoS1eYIKE5dzF9wDLc11cMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRgXKEu
zjy0TiUKjfGqQN2CwNaZ4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQDAIofSmuXTa70OiipIZoyQ4sPt9qdfgR8doGa8snqs
UelxpKx5UQU6ohPim+UQu5WiS66zp66o68SHNQ/SxRB/kOFJR9U9Ns35LJwsVMS7
VJEXZDSuvvroLBkcH1aPvHSol8ym7YmWqDMrpYigO49csD6zar1RMxLVbO/Aor+5
Gy6+6EjnsQuuCBLhO4Mlkz74vpaP4IG+3VwOV4GkZFJnyUACcrLtvuAW5l74d/8i
rT8ZnXwEfLPyENbQjZH7MfGKClQwoB/Of+5ZATcHay0YtFygf+OEcc7ZV/lvyarl
/XABjrlsXXLga8xgtXswcCMNcXdOxGhXem/C6SzQ8IDk
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:28 2024 by rpki-client on console-ams.rpki-client.org