Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa
File: 8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa (raw, json)
Hash identifier: 92vdgQ/v+BMMllwQXNPnjVpmE/dz3EX37KufogGutv4=
Subject key identifier: 71:C0:A1:3F:C8:97:D5:E6:0D:C7:2C:84:B3:CE:6D:4F:54:89:67:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26ED8F62CBFC6B4E459724F08CEC62037225A9E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:ed:8f:62:cb:fc:6b:4e:45:97:24:f0:8c:ec:62:03:72:25:a9:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=64a55ee1340cb43c038408cd7df9fb98d164a1d2807dce8e92984a5e4d19216e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:54:b8:b2:18:93:9a:e2:4d:03:78:fa:d6:07:
f2:7d:d2:ec:5f:27:ec:59:99:ee:f3:5e:c0:ef:c0:
c0:a1:7b:1d:f0:bf:d4:e9:72:f2:c8:dc:13:f5:6e:
f9:7b:77:2f:a3:12:f1:3f:24:95:02:73:d3:28:61:
05:d4:a1:ce:77:c8:61:cc:a7:5c:b4:bc:60:ec:96:
4b:55:bd:9b:85:b8:f3:6f:39:68:b3:8e:fc:69:9e:
88:36:db:93:8c:f6:a2:77:7f:95:5a:ca:21:ec:4a:
43:d3:02:12:6d:57:69:8d:dc:94:9d:4a:cc:f3:cc:
9a:3a:28:99:e6:fc:a5:3f:93:aa:93:b1:05:76:dc:
e7:f1:27:5d:4a:8f:da:46:49:61:d7:4f:dd:93:75:
07:4e:6f:b6:8a:13:46:80:c7:03:72:47:35:16:27:
72:80:f3:42:42:0e:31:1d:a7:78:67:82:e8:58:b9:
36:40:0c:f6:94:14:cd:1a:be:75:f0:e4:32:8f:ad:
ca:63:2e:9c:0c:51:01:aa:84:93:ca:9b:16:81:fe:
02:b2:d3:4b:00:cc:5c:e2:31:6e:61:de:39:e2:96:
34:e6:cc:dd:b6:36:75:ef:a2:8b:45:97:7e:af:c3:
3e:f2:24:e0:6d:83:ba:39:18:73:d7:cb:8d:ac:94:
5f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C0:A1:3F:C8:97:D5:E6:0D:C7:2C:84:B3:CE:6D:4F:54:89:67:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:f9:f8:3f:9d:f7:79:2d:9c:2d:db:39:0f:b9:3e:e0:84:42:
43:c9:37:69:8b:10:fb:e0:10:cf:7b:6a:0b:7a:72:87:66:97:
8d:45:89:3c:c4:ef:c5:4a:52:ad:75:1e:e8:1a:ea:8c:69:9e:
5c:22:a8:d2:30:6f:66:25:de:d9:6a:bd:4d:21:28:20:f1:ee:
bd:26:c4:15:c2:7f:ec:20:22:b0:92:a2:6c:16:d6:30:0a:13:
99:4e:84:40:29:7c:79:2b:9f:53:ad:2b:23:36:6c:31:35:82:
9d:4e:73:63:de:64:49:bc:d5:3e:fa:96:ab:cb:fe:7d:fd:55:
37:16:ec:27:9b:eb:a0:c0:f0:18:0a:22:35:60:00:46:70:31:
8c:4b:e2:24:90:c2:6f:3d:bf:07:c3:0d:ae:79:8d:d6:3d:70:
1d:7d:37:4f:82:25:c9:b8:ea:fa:88:03:ed:4e:b4:13:4b:0f:
8c:1c:70:ac:01:d4:e9:f2:fa:9e:91:f3:fc:7a:81:e3:a3:cd:
de:9f:af:14:a0:57:e6:30:61:be:cf:be:87:15:34:fe:95:65:
1d:e6:58:fe:3b:fd:24:af:68:07:5d:fb:7f:c3:86:40:f5:87:
35:a8:ac:df:3e:65:28:6d:81:6e:36:0a:54:a7:95:6e:13:a3:
62:aa:b1:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJu2PYsv8a05FlyTwjOxiA3IlqekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0YTU1ZWUxMzQwY2I0M2MwMzg0MDhjZDdkZjlmYjk4ZDE2NGExZDI4MDdk
Y2U4ZTkyOTg0YTVlNGQxOTIxNmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZUuLIYk5riTQN4+tYH8n3S7F8n7FmZ7vNewO/AwKF7HfC/1Oly8sjcE/Vu
+Xt3L6MS8T8klQJz0yhhBdShznfIYcynXLS8YOyWS1W9m4W48285aLOO/GmeiDbb
k4z2ond/lVrKIexKQ9MCEm1XaY3clJ1KzPPMmjoomeb8pT+TqpOxBXbc5/EnXUqP
2kZJYddP3ZN1B05vtooTRoDHA3JHNRYncoDzQkIOMR2neGeC6Fi5NkAM9pQUzRq+
dfDkMo+tymMunAxRAaqEk8qbFoH+ArLTSwDMXOIxbmHeOeKWNObM3bY2de+ii0WX
fq/DPvIk4G2DujkYc9fLjayUX7kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRxwKE/
yJfV5g3HLISzzm1PVIlndjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU1ZGNjMjctOWJjMy00YjgyLThiZTItYTQxMzE1YzYxYjMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQC2+fg/nfd5LZwt2zkPuT7ghEJDyTdpixD74BDPe2oL
enKHZpeNRYk8xO/FSlKtdR7oGuqMaZ5cIqjSMG9mJd7Zar1NISgg8e69JsQVwn/s
ICKwkqJsFtYwChOZToRAKXx5K59TrSsjNmwxNYKdTnNj3mRJvNU++pary/59/VU3
Fuwnm+ugwPAYCiI1YABGcDGMS+IkkMJvPb8Hww2ueY3WPXAdfTdPgiXJuOr6iAPt
TrQTSw+MHHCsAdTp8vqekfP8eoHjo83en68UoFfmMGG+z76HFTT+lWUd5lj+O/0k
r2gHXft/w4ZA9Yc1qKzfPmUobYFuNgpUp5VuE6NiqrGD
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:15 2024 by rpki-client on console-ams.rpki-client.org