Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: VlqFEFtrfReGepx6B9Txtt/xDuYkkmyll688Ol/O2Oc=
Subject key identifier: 3E:99:1F:81:35:D7:32:4A:FB:ED:E3:DE:E9:81:E0:E4:52:C7:D0:E0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 344FF0017B3BA9FEB556D0E103A6CA151337E71B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:4f:f0:01:7b:3b:a9:fe:b5:56:d0:e1:03:a6:ca:15:13:37:e7:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=344f43688a39e6db6a1e280fd0e7028aced7f2ec1d4139d52652a8ed1eef4fbd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:70:5c:c3:10:b6:b3:91:9a:7a:14:7f:a4:
fe:c6:02:a4:44:22:83:05:15:6e:c7:9e:60:22:a0:
e4:6e:ba:c5:a3:57:5b:46:bb:cc:8e:1e:5b:0a:2d:
2c:e3:46:74:e8:3e:12:39:7b:7d:0a:a6:6f:e5:b7:
e7:0c:fa:2a:de:89:85:ab:86:88:ce:17:3e:5a:d7:
fd:67:ad:f3:4c:7b:c3:cb:89:b0:46:50:74:c3:64:
e2:2c:8d:53:1a:14:0f:9c:64:9a:7a:3a:4d:a3:e7:
1d:5f:cb:cc:32:21:1b:0a:ed:59:08:d3:f6:c6:fc:
e5:91:2f:1d:cc:59:f2:0e:b1:27:9b:0b:51:16:c8:
c3:b6:e6:98:16:f9:46:bb:d3:f1:3f:48:2b:d3:c5:
66:ca:39:83:70:17:25:8f:e3:8d:3b:30:ef:c9:3f:
03:cd:2f:ef:c1:6d:13:f4:f1:03:78:0b:af:c3:1a:
2c:10:b5:41:49:e0:ac:a4:0c:cf:a0:55:01:af:5c:
82:a4:5f:fa:b1:48:40:9a:65:cf:93:8f:5c:81:1f:
69:9c:92:35:7b:96:fd:c9:15:c0:46:63:39:26:58:
14:d5:5b:47:35:2f:7a:df:2b:a5:7f:21:52:e3:df:
08:c0:5c:54:e3:08:3d:7f:e1:aa:2a:16:6a:dd:e9:
76:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:99:1F:81:35:D7:32:4A:FB:ED:E3:DE:E9:81:E0:E4:52:C7:D0:E0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:42:f9:15:7e:c3:b2:e0:fd:5c:40:16:b5:13:f2:05:7a:8e:
1f:ec:1e:ce:cf:80:c7:a9:26:2c:ed:53:68:4b:cd:c4:76:25:
ea:58:02:3a:5e:26:a0:b7:25:87:72:f7:2f:a2:9d:7c:a6:83:
c6:ae:20:0a:3b:78:e7:89:07:d3:e6:db:9e:2e:96:46:c7:74:
1d:13:2f:72:07:c0:56:a7:12:c1:6a:f1:0e:29:72:22:7c:0d:
a7:51:88:2f:c8:8e:ab:ea:ad:ee:ff:e2:80:23:1e:82:07:61:
0f:b2:08:40:4f:04:8f:df:49:76:3b:bc:f6:ec:bc:6a:a3:14:
95:11:76:23:06:30:db:40:f0:2f:69:ae:fe:1f:3c:91:16:60:
b4:bc:a6:9f:78:e1:9d:94:86:6d:a1:04:9a:55:d8:3d:cf:ce:
78:be:1e:1c:ec:f5:03:53:99:3a:ff:c3:01:2b:28:c0:98:04:
34:f9:f7:f8:e2:48:ce:68:fb:65:99:39:f8:00:96:77:13:2f:
d0:c8:2d:5d:d3:a9:8b:8f:f5:a5:57:56:7c:04:88:46:8b:6e:
5c:ff:1f:06:b3:b2:df:1e:6f:99:17:43:49:96:89:61:94:b7:
a2:f0:10:31:37:6f:f7:42:95:b1:fb:c4:d7:c4:24:e6:01:69:
e3:db:a7:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNE/wAXs7qf61VtDhA6bKFRM35xswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0NGY0MzY4OGEzOWU2ZGI2YTFlMjgwZmQwZTcwMjhhY2VkN2YyZWMxZDQx
MzlkNTI2NTJhOGVkMWVlZjRmYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXUcFzDELazkZp6FH+k/sYCpEQigwUVbseeYCKg5G66xaNXW0a7zI4eWwot
LONGdOg+Ejl7fQqmb+W35wz6Kt6JhauGiM4XPlrX/Wet80x7w8uJsEZQdMNk4iyN
UxoUD5xkmno6TaPnHV/LzDIhGwrtWQjT9sb85ZEvHcxZ8g6xJ5sLURbIw7bmmBb5
RrvT8T9IK9PFZso5g3AXJY/jjTsw78k/A80v78FtE/TxA3gLr8MaLBC1QUngrKQM
z6BVAa9cgqRf+rFIQJplz5OPXIEfaZySNXuW/ckVwEZjOSZYFNVbRzUvet8rpX8h
UuPfCMBcVOMIPX/hqioWat3pdq8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ+mR+B
NdcySvvt497pgeDkUsfQ4DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQBFQvkVfsOy4P1cQBa1E/IFeo4f7B7Oz4DHqSYs7VNo
S83EdiXqWAI6XiagtyWHcvcvop18poPGriAKO3jniQfT5tueLpZGx3QdEy9yB8BW
pxLBavEOKXIifA2nUYgvyI6r6q3u/+KAIx6CB2EPsghATwSP30l2O7z27LxqoxSV
EXYjBjDbQPAvaa7+HzyRFmC0vKafeOGdlIZtoQSaVdg9z854vh4c7PUDU5k6/8MB
KyjAmAQ0+ff44kjOaPtlmTn4AJZ3Ey/QyC1d06mLj/WlV1Z8BIhGi25c/x8Gs7Lf
Hm+ZF0NJlolhlLei8BAxN2/3QpWx+8TXxCTmAWnj26eR
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org