Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: l23fLSLcml/+1KlqsbmcHVGXJQtaX3c0kisQbz5xmQY=
Subject key identifier: 5E:43:E0:A2:7D:A2:17:0A:D8:9A:79:A6:7C:F0:6A:97:04:EA:28:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 649630BB19A40A3661987BAF487E2E3CE8A68C25
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:96:30:bb:19:a4:0a:36:61:98:7b:af:48:7e:2e:3c:e8:a6:8c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=4eedbdd47b8697a9f6dd579c119b37d929651c2835ae05612748e2d46618fb52, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f6:0e:1a:af:3a:96:2e:2d:b3:1f:b7:47:ce:
04:48:75:c4:16:59:16:24:f9:f9:53:d7:ee:7d:cb:
eb:0d:ed:c0:5a:d9:8a:e2:c4:00:10:16:e8:ff:fd:
56:c6:a5:58:55:21:1c:19:53:73:1a:b0:a1:2c:ac:
02:66:37:aa:a2:27:05:9e:e0:be:29:f1:b0:d0:99:
e8:00:dd:c6:9c:d1:2f:74:0c:f4:8b:b9:a0:f5:ee:
e6:dc:95:cc:4e:b2:5b:75:2b:09:69:b5:08:25:45:
70:03:f6:66:cf:af:f1:81:af:6e:23:d0:71:35:d5:
fe:78:b2:62:eb:7d:dc:ca:6f:fa:db:65:9a:b6:82:
b8:3f:94:30:af:f8:cf:cf:2e:c6:84:94:b3:9e:ad:
d6:02:45:e4:97:fd:e0:56:ed:9a:c0:23:8d:d7:87:
9c:7f:84:1c:da:cf:d4:d8:5d:fd:7d:50:77:ad:46:
c6:0c:35:7f:23:16:5c:f1:14:a1:d4:fd:de:9f:ea:
2e:94:64:54:6a:bf:ed:ed:21:46:ab:7d:68:ae:05:
d4:bb:3e:48:87:03:3d:09:92:83:98:15:14:fe:58:
49:5a:21:e2:0c:ce:3a:0d:ea:50:85:ff:21:c5:94:
7e:64:a8:70:da:e9:18:d8:fa:6e:60:39:59:c9:00:
29:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:43:E0:A2:7D:A2:17:0A:D8:9A:79:A6:7C:F0:6A:97:04:EA:28:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
78:28:ae:51:f3:42:8c:13:37:01:5d:8c:eb:de:1a:45:8f:05:
1e:40:c3:ff:1b:f3:fa:e9:04:73:f4:cd:cc:2b:83:4a:64:06:
fc:98:37:a7:ba:48:00:ee:ef:07:ff:05:be:30:cd:ec:89:a8:
b3:82:61:94:e2:c5:53:e5:e3:5b:c1:ce:94:db:0b:30:e8:ea:
eb:9c:eb:2d:7f:94:a5:2f:89:d6:6c:d9:6d:a5:c0:71:e5:15:
db:c8:1a:9e:63:f8:55:6c:d1:f7:7a:e8:f9:1e:bb:13:85:0e:
d5:b7:59:d8:27:cd:ad:36:b9:ec:c9:0d:89:62:8b:87:e5:29:
47:d0:20:7c:72:a4:ce:bd:8b:8e:b8:7b:6d:2d:21:46:a5:c2:
3e:3f:bc:a4:fe:a2:dd:86:1b:ef:51:86:ba:27:d2:6e:b1:ce:
5f:84:df:67:2f:3a:70:93:35:7c:05:7b:cf:84:f8:fd:65:e3:
c9:12:4a:9c:f8:e7:d1:c8:66:56:ff:1d:87:08:ae:38:1d:7a:
15:39:f1:b3:d0:ec:e5:c1:b8:c6:61:63:71:d8:ce:ef:7b:9c:
d9:ed:e9:62:8f:69:84:72:ce:38:18:66:7e:69:6c:13:8c:db:
cc:5c:d0:bf:9c:17:82:a6:ff:9f:56:b2:7f:3b:9b:d8:d9:6a:
8d:df:66:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZJYwuxmkCjZhmHuvSH4uPOimjCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlZWRiZGQ0N2I4Njk3YTlmNmRkNTc5YzExOWIzN2Q5Mjk2NTFjMjgzNWFl
MDU2MTI3NDhlMmQ0NjYxOGZiNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOv2DhqvOpYuLbMft0fOBEh1xBZZFiT5+VPX7n3L6w3twFrZiuLEABAW6P/9
VsalWFUhHBlTcxqwoSysAmY3qqInBZ7gvinxsNCZ6ADdxpzRL3QM9Iu5oPXu5tyV
zE6yW3UrCWm1CCVFcAP2Zs+v8YGvbiPQcTXV/niyYut93Mpv+ttlmraCuD+UMK/4
z88uxoSUs56t1gJF5Jf94FbtmsAjjdeHnH+EHNrP1Nhd/X1Qd61Gxgw1fyMWXPEU
odT93p/qLpRkVGq/7e0hRqt9aK4F1Ls+SIcDPQmSg5gVFP5YSVoh4gzOOg3qUIX/
IcWUfmSocNrpGNj6bmA5WckAKYMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBReQ+Ci
faIXCtiaeaZ88GqXBOoo3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQB4KK5R80KMEzcBXYzr3hpFjwUeQMP/G/P66QRz9M3M
K4NKZAb8mDenukgA7u8H/wW+MM3siaizgmGU4sVT5eNbwc6U2wsw6OrrnOstf5Sl
L4nWbNltpcBx5RXbyBqeY/hVbNH3euj5HrsThQ7Vt1nYJ82tNrnsyQ2JYouH5SlH
0CB8cqTOvYuOuHttLSFGpcI+P7yk/qLdhhvvUYa6J9Jusc5fhN9nLzpwkzV8BXvP
hPj9ZePJEkqc+OfRyGZW/x2HCK44HXoVOfGz0OzlwbjGYWNx2M7ve5zZ7elij2mE
cs44GGZ+aWwTjNvMXNC/nBeCpv+fVrJ/O5vY2WqN32bF
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org