Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
File: 92aa3163-803c-4865-acea-681184356c4d.roa (raw, json)
Hash identifier: 2CzbQowBfXvIHC3DWywFKLAv10S2wvcr6ACSft80mQc=
Subject key identifier: AE:FF:3F:B9:CB:AB:4A:6F:89:A9:BD:56:33:90:8C:07:26:80:CA:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C9FD7ED94A532329E89DF83764F1FDF964C2853
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:9f:d7:ed:94:a5:32:32:9e:89:df:83:76:4f:1f:df:96:4c:28:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=b60e86ddf7b67d7811d047580fc8d4d6a2cc0c2aa1024c629a5f13ea1ad6b0a0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9a:85:91:70:9f:5f:08:2d:52:0d:31:c9:32:
b1:54:e4:9d:2b:7a:0f:2d:4f:c1:c8:93:58:78:b9:
5b:36:38:9e:1b:03:aa:4a:47:1a:b9:a2:a0:84:54:
0e:ad:9e:64:10:80:0c:39:d1:0d:6f:29:f3:9d:c1:
af:5c:cb:ec:93:3d:8e:cc:b6:3b:3e:66:69:b7:e1:
0a:60:aa:99:8d:5c:9f:ac:86:a7:38:9d:e2:8d:41:
6d:37:e9:a6:81:9e:a4:b8:08:76:70:05:f5:0a:b8:
e1:f8:13:98:20:e7:3d:37:20:26:90:f5:98:57:c7:
ad:c9:1a:a7:c2:84:b8:6d:58:83:76:43:d8:c2:3d:
bb:8c:9c:19:4d:69:15:4c:6e:f7:d8:f9:ec:47:d7:
2d:31:fe:94:01:f9:a4:ea:50:a0:45:1c:77:d9:6f:
32:c7:71:18:c2:26:78:13:c1:82:12:81:27:e7:0f:
2a:24:ac:1d:42:db:aa:62:7c:24:f7:84:2e:fb:54:
1c:b1:10:2c:75:b4:b4:f4:9c:cd:d5:4f:f6:66:10:
42:12:43:04:b9:c7:51:cd:3d:7b:f7:80:b5:c7:08:
ce:07:be:60:27:b1:26:e0:43:7c:9b:0f:8a:b3:8a:
f3:dc:12:42:11:40:2f:55:dc:30:60:40:df:92:c1:
5c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FF:3F:B9:CB:AB:4A:6F:89:A9:BD:56:33:90:8C:07:26:80:CA:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1c:cc:d2:1c:17:fd:d7:eb:93:bb:f4:6c:44:b0:f9:42:8e:41:
df:08:98:a9:9f:ec:08:91:c5:54:80:75:a6:92:db:67:12:5b:
4a:86:60:c1:f4:83:d2:c5:b6:0f:e2:28:3d:a1:38:67:17:94:
9a:e5:10:7d:fe:6e:7a:55:f8:ba:60:f9:a2:29:ea:f1:45:1a:
af:f1:fd:2f:3f:7a:57:cc:bf:b2:0c:bf:2f:f0:13:5d:a6:65:
ad:a8:36:93:e8:47:b2:5a:92:72:10:f6:3a:34:65:a8:78:45:
61:6a:3e:05:90:b5:af:70:56:ae:8d:a5:6d:e0:75:fd:c1:eb:
dd:60:3e:f6:7c:14:8f:34:28:9c:9a:bf:1e:44:68:3d:f1:69:
00:f0:d5:cf:1e:ba:ee:d6:d7:85:e2:e4:15:93:f8:f4:dd:57:
e8:b6:6c:29:ca:8e:ef:c1:bb:45:1b:21:f7:47:bd:a8:64:63:
c2:a0:16:6a:77:6f:b4:4b:d4:d8:66:9a:e8:8a:67:5e:c8:75:
13:e6:de:cd:9e:d8:e2:7a:c6:47:98:07:cf:ee:ef:17:3c:12:
19:7b:7e:74:31:15:56:74:0c:b2:2c:ff:41:cc:15:3c:f3:fc:
85:3e:16:8e:b7:ef:38:63:bf:e3:ae:17:ba:76:17:d1:89:a8:
6a:85:3a:37
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHJ/X7ZSlMjKeid+Ddk8f35ZMKFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2MGU4NmRkZjdiNjdkNzgxMWQwNDc1ODBmYzhkNGQ2YTJjYzBjMmFhMTAy
NGM2MjlhNWYxM2VhMWFkNmIwYTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmahZFwn18ILVINMckysVTknSt6Dy1PwciTWHi5WzY4nhsDqkpHGrmioIRU
Dq2eZBCADDnRDW8p853Br1zL7JM9jsy2Oz5mabfhCmCqmY1cn6yGpzid4o1BbTfp
poGepLgIdnAF9Qq44fgTmCDnPTcgJpD1mFfHrckap8KEuG1Yg3ZD2MI9u4ycGU1p
FUxu99j57EfXLTH+lAH5pOpQoEUcd9lvMsdxGMImeBPBghKBJ+cPKiSsHULbqmJ8
JPeELvtUHLEQLHW0tPSczdVP9mYQQhJDBLnHUc09e/eAtccIzge+YCexJuBDfJsP
irOK89wSQhFAL1XcMGBA35LBXI0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSu/z+5
y6tKb4mpvVYzkIwHJoDKijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTJhYTMxNjMtODAzYy00ODY1LWFjZWEtNjgxMTg0MzU2YzRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQAczNIcF/3X65O79GxEsPlCjkHfCJipn+wIkcVUgHWm
kttnEltKhmDB9IPSxbYP4ig9oThnF5Sa5RB9/m56Vfi6YPmiKerxRRqv8f0vP3pX
zL+yDL8v8BNdpmWtqDaT6EeyWpJyEPY6NGWoeEVhaj4FkLWvcFaujaVt4HX9wevd
YD72fBSPNCicmr8eRGg98WkA8NXPHrru1teF4uQVk/j03Vfotmwpyo7vwbtFGyH3
R72oZGPCoBZqd2+0S9TYZproimdeyHUT5t7NntjiesZHmAfP7u8XPBIZe350MRVW
dAyyLP9BzBU88/yFPhaOt+84Y7/jrhe6dhfRiahqhTo3
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org