Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: 543Qh1Fzl3kaBaG6q4dN7DdmCmJeG4u3LfIpD39R8so=
Subject key identifier: 73:5C:A4:B2:87:23:72:75:FC:AC:7C:BC:1C:DB:8A:58:B7:14:81:14
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 524128E307DE1005C401D18ECDC74C84A89440A5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:41:28:e3:07:de:10:05:c4:01:d1:8e:cd:c7:4c:84:a8:94:40:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f403be2d0cd1cc0096d46089616a7b3e27c3186e23d793a4aa75d433e2e6ce61, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:62:1f:a9:18:05:e6:45:dd:a9:5b:68:30:03:
85:10:ba:5b:dd:da:f7:36:b9:fb:5e:c5:4c:ed:99:
54:81:7d:2a:15:dd:89:a9:56:77:c8:15:85:27:9d:
4e:63:00:f7:79:09:01:04:51:d4:41:ab:cf:10:37:
cc:9e:82:9c:aa:84:55:e5:41:fa:7c:05:2e:11:d0:
76:b2:74:7a:d2:b0:30:3c:7b:d0:c7:98:86:05:92:
cb:c7:0d:1e:e0:89:3c:da:24:69:88:94:6a:d9:1b:
16:fd:e6:38:4f:5b:b2:16:71:f9:f7:fa:53:f0:80:
fc:64:20:50:80:46:20:bf:07:bb:67:14:ca:19:11:
83:23:f3:37:b7:88:8f:e5:c1:42:24:9b:d9:3a:e8:
03:21:40:e6:fb:cd:29:e9:1f:75:60:b6:2f:18:e5:
92:00:ea:97:e5:ea:b2:ac:a6:b1:5b:cf:88:89:22:
7c:0d:6a:6f:ae:c6:cd:66:70:31:9b:56:07:ec:7b:
9c:af:da:d4:ab:89:54:47:43:6f:c5:a5:f5:45:14:
cc:d8:fb:7c:99:2a:a2:5d:99:90:41:47:ba:4f:d8:
02:be:af:8d:0f:cd:22:80:30:00:58:74:39:01:53:
7d:12:e7:f9:70:17:c3:a2:66:09:9f:f6:5e:cf:79:
dd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:5C:A4:B2:87:23:72:75:FC:AC:7C:BC:1C:DB:8A:58:B7:14:81:14
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ce:9b:1e:42:f7:db:a6:30:21:8a:70:f1:2e:ba:19:0c:87:72:
e9:7f:04:f0:df:d0:58:c3:83:a9:aa:8d:1c:77:0f:f5:d5:2b:
39:21:aa:83:2a:3c:55:f9:cf:82:71:41:84:39:84:be:0e:23:
cd:47:cf:41:9e:30:13:ad:b7:6a:a8:76:d0:b5:41:43:98:4d:
32:10:38:67:cb:e3:b9:7b:ae:3f:2c:78:d6:36:11:b6:af:14:
d9:74:f2:8e:f9:70:e9:fe:ed:89:be:a0:b5:53:12:ce:5f:4c:
3b:0b:81:4b:03:55:f2:5c:d7:1a:25:35:3e:21:a5:48:47:52:
49:81:13:00:86:5b:64:d4:aa:d7:de:3d:2b:e6:df:b5:ff:be:
00:2c:59:78:6e:26:cf:8d:37:8a:7f:94:0e:98:1c:27:f7:1c:
9e:7d:1b:fb:bd:9b:14:54:be:76:5e:3d:83:68:e4:15:63:71:
cd:05:43:f0:69:87:04:76:6a:04:28:09:d3:94:d0:76:b6:b4:
da:98:b4:0d:32:38:ee:cb:3f:d9:17:1a:9f:aa:f5:81:d0:a2:
68:ef:7d:e7:ea:e9:69:f6:e5:a1:0d:e6:2a:df:90:b1:67:8d:
cd:e8:36:9b:a6:98:ab:34:1e:e1:ea:bf:76:de:a7:67:77:ab:
14:4a:94:5f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUkEo4wfeEAXEAdGOzcdMhKiUQKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0MDNiZTJkMGNkMWNjMDA5NmQ0NjA4OTYxNmE3YjNlMjdjMzE4NmUyM2Q3
OTNhNGFhNzVkNDMzZTJlNmNlNjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtiH6kYBeZF3albaDADhRC6W93a9za5+17FTO2ZVIF9KhXdialWd8gVhSed
TmMA93kJAQRR1EGrzxA3zJ6CnKqEVeVB+nwFLhHQdrJ0etKwMDx70MeYhgWSy8cN
HuCJPNokaYiUatkbFv3mOE9bshZx+ff6U/CA/GQgUIBGIL8Hu2cUyhkRgyPzN7eI
j+XBQiSb2TroAyFA5vvNKekfdWC2LxjlkgDql+XqsqymsVvPiIkifA1qb67GzWZw
MZtWB+x7nK/a1KuJVEdDb8Wl9UUUzNj7fJkqol2ZkEFHuk/YAr6vjQ/NIoAwAFh0
OQFTfRLn+XAXw6JmCZ/2Xs953RkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRzXKSy
hyNydfysfLwc24pYtxSBFDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQDOmx5C99umMCGKcPEuuhkMh3LpfwTw39BYw4Opqo0c
dw/11Ss5IaqDKjxV+c+CcUGEOYS+DiPNR89BnjATrbdqqHbQtUFDmE0yEDhny+O5
e64/LHjWNhG2rxTZdPKO+XDp/u2JvqC1UxLOX0w7C4FLA1XyXNcaJTU+IaVIR1JJ
gRMAhltk1KrX3j0r5t+1/74ALFl4bibPjTeKf5QOmBwn9xyefRv7vZsUVL52Xj2D
aOQVY3HNBUPwaYcEdmoEKAnTlNB2trTamLQNMjjuyz/ZFxqfqvWB0KJo733n6ulp
9uWhDeYq35CxZ43N6DabppirNB7h6r923qdnd6sUSpRf
-----END CERTIFICATE-----
Generated at Wed Apr 17 01:27:24 2024 by rpki-client on console-ams.rpki-client.org