Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97a9749c-f933-42d6-a093-7bf3a4de27a5.roa
File: 97a9749c-f933-42d6-a093-7bf3a4de27a5.roa (raw, json)
Hash identifier: Ecj9UU+6k4wNfzuGf3wkAYGEdLoZ6aDE7CN3TTvBxq8=
Subject key identifier: B9:DC:86:0D:A8:20:11:F5:07:D1:C4:89:F3:50:FB:22:3F:FD:FF:14
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7C4D8171DC4079DAFCB79FF34DEBB2EB84866142
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97a9749c-f933-42d6-a093-7bf3a4de27a5.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:4d:81:71:dc:40:79:da:fc:b7:9f:f3:4d:eb:b2:eb:84:86:61:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=38a85b9e82619f26e8b0fae203e83316d2c2b646e40485f3280e2d01f6bad849, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d7:1c:f4:ec:17:e9:76:a0:91:3a:77:0e:c5:
d4:b0:bc:62:87:9f:e7:86:8b:4f:5e:39:b1:41:9a:
1b:7d:8f:c7:29:59:22:38:f5:fb:42:00:d5:36:68:
c0:e6:74:bb:47:11:2b:73:e0:cb:23:c7:40:e7:8f:
b1:97:47:f6:5d:de:92:fb:e4:96:b5:28:a7:3a:2d:
9d:d1:ec:f9:7b:f3:bf:1a:d7:6a:0e:cf:c1:37:11:
04:f5:0e:64:d9:36:cb:58:ae:f7:20:0b:fb:f5:2f:
d5:b4:d9:a5:e4:03:77:ce:d6:66:67:a4:a9:fc:a5:
de:2c:a3:ad:19:de:9c:ea:a1:2b:a0:1a:17:fd:01:
ad:e1:ed:5c:4e:5c:d1:b1:a9:3a:36:bc:f2:d3:68:
63:7b:a4:87:f5:57:fe:68:e2:dd:27:08:bb:fe:7c:
80:94:75:a3:82:61:24:4a:c1:cc:d5:35:ab:33:41:
8f:2a:cf:ad:6c:f5:2d:0f:75:1f:3f:31:96:33:e8:
d8:ec:28:fd:c8:68:e1:dc:66:fd:33:25:dd:3a:5e:
8d:1f:32:44:45:83:f6:19:88:bb:72:1e:06:1d:ed:
06:d0:70:a7:0d:0a:9d:9a:b3:24:19:c7:d4:e6:08:
77:1c:f2:f9:98:03:37:6b:1b:89:27:5b:ee:4e:3b:
a0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DC:86:0D:A8:20:11:F5:07:D1:C4:89:F3:50:FB:22:3F:FD:FF:14
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97a9749c-f933-42d6-a093-7bf3a4de27a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:e7:c2:ea:76:8c:43:2d:4d:4a:c5:37:eb:01:af:67:d0:82:
6c:dd:b5:31:d6:b3:f7:d5:b3:b1:01:6f:21:37:ef:27:6b:16:
50:e8:f4:7b:b9:56:79:9b:35:41:36:89:c7:21:05:16:3d:15:
0b:fd:bb:0a:ba:5e:46:21:1b:a9:c1:b4:c8:5c:a2:90:dc:5e:
e9:1c:90:61:7f:61:a3:5c:cb:f7:58:18:8d:4c:02:67:b4:54:
0b:45:3b:4f:fd:9b:43:73:8b:4e:9e:e3:73:03:a2:01:0a:3a:
5c:1b:73:e3:b4:d7:5e:83:f3:b5:f9:31:ab:b2:b7:d0:a5:c5:
9b:96:2b:f6:bb:33:9a:25:ac:29:d8:a7:3b:d1:60:ae:da:f3:
89:6a:a0:f3:18:92:14:52:5d:a1:3d:02:1f:fc:b5:30:c9:dc:
eb:a0:5b:6e:8e:c2:c2:fb:4e:27:f1:f9:c6:3c:d9:26:63:9e:
40:78:d9:ab:99:21:12:61:64:66:10:3d:e3:f2:cf:01:00:63:
52:29:33:40:a0:15:f4:54:4f:96:aa:83:a8:ce:96:e6:e0:fc:
ee:09:f0:a6:ee:bc:9b:fa:0a:36:b8:c0:e3:21:38:7e:97:c5:
68:ca:b1:cf:a4:74:f1:63:4f:b8:5f:55:44:3a:b1:ce:50:d9:
16:ee:22:bf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfE2BcdxAedr8t5/zTeuy64SGYUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4YTg1YjllODI2MTlmMjZlOGIwZmFlMjAzZTgzMzE2ZDJjMmI2NDZlNDA0
ODVmMzI4MGUyZDAxZjZiYWQ4NDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPDXHPTsF+l2oJE6dw7F1LC8Yoef54aLT145sUGaG32PxylZIjj1+0IA1TZo
wOZ0u0cRK3PgyyPHQOePsZdH9l3ekvvklrUopzotndHs+XvzvxrXag7PwTcRBPUO
ZNk2y1iu9yAL+/Uv1bTZpeQDd87WZmekqfyl3iyjrRnenOqhK6AaF/0BreHtXE5c
0bGpOja88tNoY3ukh/VX/mji3ScIu/58gJR1o4JhJErBzNU1qzNBjyrPrWz1LQ91
Hz8xljPo2Owo/cho4dxm/TMl3TpejR8yREWD9hmIu3IeBh3tBtBwpw0KnZqzJBnH
1OYIdxzy+ZgDN2sbiSdb7k47oD0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS53IYN
qCAR9QfRxInzUPsiP/3/FDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTdhOTc0OWMtZjkzMy00MmQ2LWEwOTMtN2JmM2E0ZGUyN2E1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQB+58LqdoxDLU1KxTfrAa9n0IJs3bUx1rP31bOxAW8h
N+8naxZQ6PR7uVZ5mzVBNonHIQUWPRUL/bsKul5GIRupwbTIXKKQ3F7pHJBhf2Gj
XMv3WBiNTAJntFQLRTtP/ZtDc4tOnuNzA6IBCjpcG3PjtNdeg/O1+TGrsrfQpcWb
liv2uzOaJawp2Kc70WCu2vOJaqDzGJIUUl2hPQIf/LUwydzroFtujsLC+04n8fnG
PNkmY55AeNmrmSESYWRmED3j8s8BAGNSKTNAoBX0VE+WqoOozpbm4PzuCfCm7ryb
+go2uMDjITh+l8VoyrHPpHTxY0+4X1VEOrHOUNkW7iK/
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:10:10 2024 by rpki-client on console-fra.rpki-client.org