Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: I74FP/ZzsvqIwpdlVEV4doXp6BleM+pUtCvp5/CTk4Q=
Subject key identifier: 87:AC:27:1E:0F:31:D2:59:F1:4F:BC:83:45:2D:D7:3D:30:B8:D1:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4819C8D2AFD943C3DD6BC689AE5E1906160CB6F6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:19:c8:d2:af:d9:43:c3:dd:6b:c6:89:ae:5e:19:06:16:0c:b6:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=49f3f4eb915f0d6741107a922fc5faedf4444e8608dcbdc979fb6b858a84c57d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c1:19:77:52:59:11:42:0b:bf:c4:c3:39:6e:
8e:9b:87:e8:b2:39:fd:e2:5b:4c:17:9f:ae:b7:0f:
48:79:78:65:83:bc:a8:9f:62:14:c0:95:86:1d:80:
76:16:c9:1b:e1:38:0d:8b:47:c9:b6:9c:3c:4d:a3:
fa:6a:32:5e:95:d0:f9:82:72:33:a0:76:39:f1:b9:
1a:dc:4b:1a:0f:05:ce:8e:bf:49:0c:ca:1b:9c:03:
1a:b6:f0:02:b1:28:f1:e2:dd:e4:9c:4c:b0:c7:02:
2a:52:ee:1a:b1:5f:5f:86:47:74:fa:70:56:7c:4e:
b7:58:b2:a4:c1:3a:d5:8c:c9:8c:d5:00:2f:72:a2:
6b:b8:f3:9b:33:82:15:85:f2:b0:0e:78:34:38:d5:
25:99:ea:fa:bf:eb:7f:ac:23:a4:b4:7e:5a:8c:86:
14:37:ce:9d:ed:84:a7:fb:6c:4c:5a:88:ad:77:56:
9b:39:70:dd:62:9e:d0:e7:ff:92:6e:e6:7f:69:07:
b5:fc:36:46:2e:01:76:5a:97:48:28:f6:94:1d:36:
37:50:8f:cf:73:82:38:bc:e0:31:2c:3e:94:27:d5:
bc:f4:f8:55:94:e4:81:13:79:92:39:ec:e6:fc:6b:
dc:8c:a5:23:09:9c:ad:93:40:44:63:e0:f3:8f:55:
11:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:AC:27:1E:0F:31:D2:59:F1:4F:BC:83:45:2D:D7:3D:30:B8:D1:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b4:a5:da:1f:19:c0:e2:a0:55:52:e3:85:75:2e:99:51:72:2a:
6c:5b:61:08:ed:ce:25:54:09:10:40:39:06:6e:b7:7f:d4:2f:
de:1d:e1:ad:39:0d:ad:94:5e:b3:70:e6:e7:37:42:6d:aa:9e:
e1:26:ad:1f:04:5b:96:05:53:f5:8e:9c:eb:4e:28:f2:5a:04:
05:72:51:e1:c4:d2:73:9a:99:c9:ee:9c:dd:a5:a2:ba:e9:2c:
4a:7f:1d:07:f7:26:de:d8:15:76:2e:d5:9f:92:f6:7d:e0:cb:
1b:99:60:98:f8:1f:cf:0c:ec:42:52:32:a8:b1:24:c7:f5:81:
48:54:1a:b2:ee:a9:26:a2:1d:90:2f:9d:6e:fc:93:fa:12:2d:
9d:e5:6b:44:2c:89:c2:62:13:6d:55:b8:d5:8f:25:06:4e:4a:
e9:3c:f5:0a:65:db:55:41:d3:e9:c0:a4:ef:d8:e8:e6:a2:cf:
39:4d:33:f3:92:85:fc:f1:08:f4:15:94:4e:19:2b:f3:b1:4d:
fe:cf:13:30:01:cc:7c:d9:53:46:ac:b8:b9:f1:41:bc:4c:83:
55:2a:94:13:ff:c7:15:57:ac:23:43:87:e9:78:7b:0a:c7:2c:
e2:fa:5f:1b:cd:fb:f2:1c:fe:59:ac:b2:a3:51:31:14:f3:09:
85:1c:12:eb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSBnI0q/ZQ8Pda8aJrl4ZBhYMtvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5ZjNmNGViOTE1ZjBkNjc0MTEwN2E5MjJmYzVmYWVkZjQ0NDRlODYwOGRj
YmRjOTc5ZmI2Yjg1OGE4NGM1N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrBGXdSWRFCC7/EwzlujpuH6LI5/eJbTBefrrcPSHl4ZYO8qJ9iFMCVhh2A
dhbJG+E4DYtHybacPE2j+moyXpXQ+YJyM6B2OfG5GtxLGg8Fzo6/SQzKG5wDGrbw
ArEo8eLd5JxMsMcCKlLuGrFfX4ZHdPpwVnxOt1iypME61YzJjNUAL3Kia7jzmzOC
FYXysA54NDjVJZnq+r/rf6wjpLR+WoyGFDfOne2Ep/tsTFqIrXdWmzlw3WKe0Of/
km7mf2kHtfw2Ri4BdlqXSCj2lB02N1CPz3OCOLzgMSw+lCfVvPT4VZTkgRN5kjns
5vxr3IylIwmcrZNARGPg849VEUUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSHrCce
DzHSWfFPvINFLdc9MLjRLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQC0pdofGcDioFVS44V1LplRcipsW2EI7c4lVAkQQDkG
brd/1C/eHeGtOQ2tlF6zcObnN0Jtqp7hJq0fBFuWBVP1jpzrTijyWgQFclHhxNJz
mpnJ7pzdpaK66SxKfx0H9ybe2BV2LtWfkvZ94MsbmWCY+B/PDOxCUjKosSTH9YFI
VBqy7qkmoh2QL51u/JP6Ei2d5WtELInCYhNtVbjVjyUGTkrpPPUKZdtVQdPpwKTv
2Ojmos85TTPzkoX88Qj0FZROGSvzsU3+zxMwAcx82VNGrLi58UG8TINVKpQT/8cV
V6wjQ4fpeHsKxyzi+l8bzfvyHP5ZrLKjUTEU8wmFHBLr
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org