Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
File: 9b135dbe-8c68-40c8-9510-c1daab9595af.roa (raw, json)
Hash identifier: twXpyuBEAP6hs04Z1akeqrXWCBBHTkXCnkoAYleGzbg=
Subject key identifier: 44:CA:8B:18:F6:9B:2C:8D:08:F1:6A:1B:91:EE:C5:F2:75:CC:5B:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 496A2FC184599C2BD856F7450CCE8C4500D6D0CC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:6a:2f:c1:84:59:9c:2b:d8:56:f7:45:0c:ce:8c:45:00:d6:d0:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=5fdd958059b61cf7dba73a5be3d91f4872db4f7514b857955022c6809910236b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6b:bb:fa:06:c7:69:b7:01:36:cf:78:78:d3:
45:ca:d9:f4:67:d7:53:5b:0e:49:60:05:a9:70:36:
57:7e:09:9d:f0:1e:8d:e9:59:d3:fc:f0:a2:9b:71:
6d:af:78:8a:12:27:3f:65:fc:ef:30:68:c2:af:9b:
67:ac:d7:86:36:a3:80:b4:96:18:3e:4f:41:25:50:
78:c8:9d:56:c8:5c:a1:bf:9c:8a:a2:2b:55:7f:24:
d7:08:aa:2d:85:51:12:19:ae:59:fd:8c:a4:e6:09:
36:7f:76:27:7f:58:0c:d9:85:e8:bf:c9:3a:f8:70:
94:29:7b:39:80:48:42:05:11:9c:f1:ba:3e:ef:d5:
af:93:cc:d8:2e:88:58:d6:00:df:b8:ea:2d:44:b4:
21:3d:7b:4e:f8:4c:e7:b9:dc:91:73:85:43:44:4a:
b0:79:08:0a:fc:cf:d5:1f:89:97:68:48:95:31:56:
56:58:92:80:1f:4a:e8:89:5a:16:e1:41:2d:f4:a4:
8d:8c:c4:17:c7:74:13:5b:06:43:00:1d:61:57:68:
ac:e1:d7:6e:97:d7:15:fb:e8:fd:98:f1:34:02:f9:
ee:db:61:ed:8e:13:cb:99:cb:5c:9a:f5:9e:71:11:
75:29:89:b3:87:ec:cd:4d:43:c3:70:34:39:12:97:
4e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:CA:8B:18:F6:9B:2C:8D:08:F1:6A:1B:91:EE:C5:F2:75:CC:5B:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b9:04:dd:e2:65:6b:a4:e4:ee:5f:7f:b6:51:09:bc:1c:6b:ca:
79:5b:c0:9a:ea:31:41:10:21:76:13:aa:b9:11:c7:f0:8b:e6:
74:bb:e9:03:b9:fd:e9:3e:7c:c8:74:2d:2c:4c:a3:4e:74:5e:
86:45:0c:98:12:76:2e:1e:5e:7d:b7:37:d0:cd:79:43:f5:be:
b0:f0:79:26:99:df:79:c6:61:ef:9d:ac:ac:94:62:59:79:08:
02:4f:b5:48:ad:a7:19:7b:ca:b7:71:57:f8:ae:9b:e5:a3:6d:
da:27:05:7a:eb:4d:c8:fb:94:15:93:26:2d:93:a5:40:c8:d9:
2c:80:d1:0f:84:c2:ca:56:3c:b5:ea:b6:da:55:41:e4:8f:ee:
59:da:d1:9e:c8:ca:65:92:ae:5b:ac:a5:95:31:18:f2:56:cc:
ce:a9:de:d0:83:79:e8:c9:2b:b3:b9:7d:ab:88:58:b9:38:e4:
96:87:b1:a6:0e:a9:0d:8f:4a:2c:41:a4:fa:9a:c8:9b:62:7c:
9e:9e:f7:f6:cd:0b:f7:70:12:ca:ec:2f:60:52:1b:4b:5d:14:
de:d1:2f:37:02:d4:d7:db:40:ea:96:67:b2:46:c5:1b:bc:9c:
0b:9f:e7:66:8f:7f:74:cf:6c:9e:71:b1:5b:6f:a1:8b:8a:1b:
2b:f6:5e:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSWovwYRZnCvYVvdFDM6MRQDW0MwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmZGQ5NTgwNTliNjFjZjdkYmE3M2E1YmUzZDkxZjQ4NzJkYjRmNzUxNGI4
NTc5NTUwMjJjNjgwOTkxMDIzNmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhru/oGx2m3ATbPeHjTRcrZ9GfXU1sOSWAFqXA2V34JnfAejelZ0/zwoptx
ba94ihInP2X87zBowq+bZ6zXhjajgLSWGD5PQSVQeMidVshcob+ciqIrVX8k1wiq
LYVREhmuWf2MpOYJNn92J39YDNmF6L/JOvhwlCl7OYBIQgURnPG6Pu/Vr5PM2C6I
WNYA37jqLUS0IT17TvhM57nckXOFQ0RKsHkICvzP1R+Jl2hIlTFWVliSgB9K6Ila
FuFBLfSkjYzEF8d0E1sGQwAdYVdorOHXbpfXFfvo/ZjxNAL57tth7Y4Ty5nLXJr1
nnERdSmJs4fszU1Dw3A0ORKXTssCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBREyosY
9pssjQjxahuR7sXydcxbUTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWIxMzVkYmUtOGM2OC00MGM4LTk1MTAtYzFkYWFiOTU5NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQC5BN3iZWuk5O5ff7ZRCbwca8p5W8Ca6jFBECF2E6q5
Ecfwi+Z0u+kDuf3pPnzIdC0sTKNOdF6GRQyYEnYuHl59tzfQzXlD9b6w8Hkmmd95
xmHvnayslGJZeQgCT7VIracZe8q3cVf4rpvlo23aJwV6603I+5QVkyYtk6VAyNks
gNEPhMLKVjy16rbaVUHkj+5Z2tGeyMplkq5brKWVMRjyVszOqd7Qg3noySuzuX2r
iFi5OOSWh7GmDqkNj0osQaT6msibYnyenvf2zQv3cBLK7C9gUhtLXRTe0S83AtTX
20DqlmeyRsUbvJwLn+dmj390z2yecbFbb6GLihsr9l5D
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:27 2024 by rpki-client on console-ams.rpki-client.org