Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8df5aab7-a216-44a9-8516-a0faa3f4bf05.roa
File: 8df5aab7-a216-44a9-8516-a0faa3f4bf05.roa (raw, json)
Hash identifier: GCdy0z7RYaBU9v51BWp8u9szIMErk9OmWT8HdYd0EOc=
Subject key identifier: 64:56:3C:8D:28:33:50:4A:9E:E8:1B:BE:C6:43:22:4A:7E:25:0A:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43DC4955F69FB15209E7F1A2CAA9046CBF8FD797
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8df5aab7-a216-44a9-8516-a0faa3f4bf05.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:dc:49:55:f6:9f:b1:52:09:e7:f1:a2:ca:a9:04:6c:bf:8f:d7:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=4b84faf30073287b4ba972816d38a1410c125d8a48ee22eb0b27cf09c9ab09d6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7b:05:71:e2:83:ff:df:e1:f3:23:36:02:bf:
df:30:20:4d:df:10:ae:4f:c2:1a:96:4a:5d:47:e6:
e6:7b:25:0f:55:8d:77:5a:b0:46:b8:99:cb:6e:8b:
4a:76:8c:e0:09:2c:47:9d:20:5e:3a:b9:28:e0:16:
24:36:dd:21:99:c4:06:b9:a4:1c:86:74:e7:16:85:
6e:4f:41:59:ef:6d:80:f1:57:26:fe:cb:0b:d4:58:
9d:24:b6:22:bb:43:39:c9:1a:e7:2f:14:19:de:6b:
61:f8:93:e5:d5:0c:05:0b:b2:0a:0d:cb:9c:e2:e9:
87:18:12:51:b0:c3:c6:c8:70:8d:a6:cf:aa:4a:7e:
74:05:23:26:04:48:d5:e1:aa:4a:1d:c3:2f:58:53:
be:9c:5c:cb:d3:5b:16:76:3e:34:64:b9:87:fb:87:
bb:40:a8:f1:e7:4e:56:22:b9:ef:f9:64:4a:42:a1:
18:33:f0:fb:de:4b:44:4f:c3:f5:4b:73:0e:cf:37:
b5:2a:cc:47:05:4b:73:99:36:fa:4c:52:b7:92:74:
ac:14:12:95:9f:66:bc:27:0a:b7:55:b2:e1:a2:55:
63:c6:89:f1:a0:7b:8b:62:5d:50:44:0a:6c:7c:fa:
97:55:de:3a:1b:f2:79:cd:86:e0:da:03:2c:f9:55:
5a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:56:3C:8D:28:33:50:4A:9E:E8:1B:BE:C6:43:22:4A:7E:25:0A:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8df5aab7-a216-44a9-8516-a0faa3f4bf05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9a:f8:20:b5:a2:5a:c5:79:c0:5e:35:69:b8:af:f0:40:34:0d:
0a:6c:71:c6:21:c4:b9:45:04:ef:64:1d:63:24:5d:4d:ac:20:
30:76:fd:9a:b4:f4:ff:e1:7e:b7:6d:d8:f1:a5:f3:35:b1:a9:
05:c2:bb:63:29:1e:1e:81:3f:7d:ee:e6:af:dc:70:12:58:17:
2b:15:b9:4c:2e:94:f2:df:13:11:13:fb:6d:29:6a:dd:94:5f:
25:b0:36:5a:c7:42:e0:8c:04:a9:c4:24:c2:23:34:d0:f3:42:
13:ef:9b:4d:75:58:3e:5c:f8:bf:aa:43:98:0d:95:18:07:64:
2e:73:b0:4e:43:9a:39:bc:2a:4f:34:9f:2f:36:51:19:63:4f:
e2:f6:6d:ac:33:9e:27:1d:3d:e2:15:4c:30:f9:22:1a:1f:32:
db:25:8f:58:88:bc:29:0c:91:e6:ce:fa:f0:3b:ea:01:21:c1:
b4:ef:4c:44:58:24:39:5f:0f:f6:06:62:44:a6:c0:f6:f3:8f:
77:13:a2:d1:f8:9b:4f:da:5c:0e:a7:8b:05:cf:00:f0:c4:ab:
5f:d8:8f:7d:2f:2e:fd:c5:5b:66:06:5e:d0:32:ba:80:f1:34:
32:9f:cf:93:53:4d:a4:80:ea:3f:88:16:b5:fd:e5:52:b3:39:
14:66:fb:9c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ9xJVfafsVIJ5/GiyqkEbL+P15cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiODRmYWYzMDA3MzI4N2I0YmE5NzI4MTZkMzhhMTQxMGMxMjVkOGE0OGVl
MjJlYjBiMjdjZjA5YzlhYjA5ZDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ7BXHig//f4fMjNgK/3zAgTd8Qrk/CGpZKXUfm5nslD1WNd1qwRriZy26L
SnaM4AksR50gXjq5KOAWJDbdIZnEBrmkHIZ05xaFbk9BWe9tgPFXJv7LC9RYnSS2
IrtDOcka5y8UGd5rYfiT5dUMBQuyCg3LnOLphxgSUbDDxshwjabPqkp+dAUjJgRI
1eGqSh3DL1hTvpxcy9NbFnY+NGS5h/uHu0Co8edOViK57/lkSkKhGDPw+95LRE/D
9UtzDs83tSrMRwVLc5k2+kxSt5J0rBQSlZ9mvCcKt1Wy4aJVY8aJ8aB7i2JdUEQK
bHz6l1XeOhvyec2G4NoDLPlVWmkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRkVjyN
KDNQSp7oG77GQyJKfiUKYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRmNWFhYjctYTIxNi00NGE5LTg1MTYtYTBmYWEzZjRiZjA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQCa+CC1olrFecBeNWm4r/BANA0KbHHGIcS5RQTvZB1j
JF1NrCAwdv2atPT/4X63bdjxpfM1sakFwrtjKR4egT997uav3HASWBcrFblMLpTy
3xMRE/ttKWrdlF8lsDZax0LgjASpxCTCIzTQ80IT75tNdVg+XPi/qkOYDZUYB2Qu
c7BOQ5o5vCpPNJ8vNlEZY0/i9m2sM54nHT3iFUww+SIaHzLbJY9YiLwpDJHmzvrw
O+oBIcG070xEWCQ5Xw/2BmJEpsD28493E6LR+JtP2lwOp4sFzwDwxKtf2I99Ly79
xVtmBl7QMrqA8TQyn8+TU02kgOo/iBa1/eVSszkUZvuc
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org