Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
File: a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa (raw, json)
Hash identifier: 8YT5q/X52XB7lidHjbeMAKlc4tLUwOZOttFKmAnwvz4=
Subject key identifier: 8C:39:E6:B8:8D:9A:D7:60:89:46:58:9D:BB:CA:DB:85:81:44:9B:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B48A987EBB2D9E1087BCA046535CFED0D1E88C5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:48:a9:87:eb:b2:d9:e1:08:7b:ca:04:65:35:cf:ed:0d:1e:88:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=b557d04e79a3148dc83bb08d8b0356a8cc97b19b83152291d6af3b06b64fa9c6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:81:35:e0:b6:52:32:b5:9c:ec:50:73:c7:5b:
09:18:6d:21:45:bf:98:74:75:95:d5:01:b8:9a:5b:
f1:c4:d2:17:46:3c:a2:92:82:58:86:89:da:47:d5:
f3:a2:3a:d5:5d:02:d2:e5:fc:b1:59:36:9a:f2:cc:
22:5d:1f:5f:d3:f4:62:d2:4e:66:a4:9b:36:62:28:
b7:00:08:86:2a:21:93:a5:70:ee:fe:bd:9f:4e:41:
e8:3e:33:0f:45:04:ea:7d:38:34:f8:48:cf:e2:1d:
c6:0f:fb:a7:58:3e:6d:4a:17:5b:f1:db:cc:f5:57:
60:38:05:8b:52:9b:97:c6:68:53:8f:4a:9a:c2:c4:
97:61:e4:cc:5c:3d:7e:0b:86:94:47:1c:03:4b:10:
88:14:ca:fd:4f:ac:de:39:b2:c6:44:41:81:be:f0:
68:8c:fa:d8:27:61:dd:b4:56:86:97:ed:66:2f:f5:
78:77:19:fd:97:5b:3b:bb:a1:9a:3c:7a:d7:6e:1e:
b8:53:0d:50:ab:6a:e7:56:70:e5:4a:78:20:11:de:
e7:21:5b:8a:27:04:5d:cc:a8:78:a8:62:b6:0f:3a:
6f:ec:42:76:e8:99:bf:74:06:b8:da:a9:eb:31:be:
7b:15:7d:fa:b0:bb:20:06:02:de:68:23:94:a8:a5:
13:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:39:E6:B8:8D:9A:D7:60:89:46:58:9D:BB:CA:DB:85:81:44:9B:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cb:5d:33:f5:e7:4e:f2:fa:f6:94:4d:ca:c0:bb:12:32:e7:3a:
28:ef:14:13:d4:5a:1d:ee:d0:90:ad:c9:80:8f:0b:a1:90:a8:
dc:60:ac:3b:e4:fd:06:f3:ee:ce:36:a4:fa:2a:ac:4e:35:a9:
40:8d:e2:62:b8:6f:82:a9:25:16:cc:71:38:d2:5f:53:5e:37:
14:d4:ff:70:bb:dd:27:9c:bd:c9:17:f8:8b:64:8d:9d:2c:e2:
a1:5d:21:80:75:be:66:98:58:d3:b3:69:3f:47:c5:d8:03:a5:
ed:af:13:36:03:7a:1a:ba:9b:2b:ef:47:cc:43:94:fd:3e:b0:
bf:ca:cb:cf:96:88:79:a8:27:50:2a:88:d9:da:f5:7f:62:2e:
33:3d:e0:c6:d2:41:0c:3c:12:cd:74:ee:37:02:a7:f5:20:5d:
74:26:85:05:30:49:f4:af:0c:b0:f6:ea:3e:86:5d:26:c3:b6:
b6:a3:9d:ac:fb:1e:91:4c:14:ea:c8:97:17:12:ac:91:0c:d0:
f8:c9:bd:f1:33:86:a6:7a:71:a6:a4:aa:7d:2b:37:12:fe:73:
e5:ff:db:72:fa:e9:fb:fe:c7:26:95:a7:b1:1b:d9:36:33:89:
7b:f8:28:8b:69:d5:34:1a:76:d9:3d:f4:76:0b:f8:e0:9f:b7:
bc:3a:51:33
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC0iph+uy2eEIe8oEZTXP7Q0eiMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NTdkMDRlNzlhMzE0OGRjODNiYjA4ZDhiMDM1NmE4Y2M5N2IxOWI4MzE1
MjI5MWQ2YWYzYjA2YjY0ZmE5YzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOBNeC2UjK1nOxQc8dbCRhtIUW/mHR1ldUBuJpb8cTSF0Y8opKCWIaJ2kfV
86I61V0C0uX8sVk2mvLMIl0fX9P0YtJOZqSbNmIotwAIhiohk6Vw7v69n05B6D4z
D0UE6n04NPhIz+Idxg/7p1g+bUoXW/HbzPVXYDgFi1Kbl8ZoU49KmsLEl2HkzFw9
fguGlEccA0sQiBTK/U+s3jmyxkRBgb7waIz62Cdh3bRWhpftZi/1eHcZ/ZdbO7uh
mjx6124euFMNUKtq51Zw5Up4IBHe5yFbiicEXcyoeKhitg86b+xCduiZv3QGuNqp
6zG+exV9+rC7IAYC3mgjlKilE90CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSMOea4
jZrXYIlGWJ27ytuFgUSbejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJlYzMwZWQtOTc0YS00M2E1LWI0NmUtYzFlMDgyNDNjYmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQDLXTP1507y+vaUTcrAuxIy5zoo7xQT1Fod7tCQrcmA
jwuhkKjcYKw75P0G8+7ONqT6KqxONalAjeJiuG+CqSUWzHE40l9TXjcU1P9wu90n
nL3JF/iLZI2dLOKhXSGAdb5mmFjTs2k/R8XYA6XtrxM2A3oaupsr70fMQ5T9PrC/
ysvPloh5qCdQKojZ2vV/Yi4zPeDG0kEMPBLNdO43Aqf1IF10JoUFMEn0rwyw9uo+
hl0mw7a2o52s+x6RTBTqyJcXEqyRDND4yb3xM4amenGmpKp9KzcS/nPl/9ty+un7
/scmlaexG9k2M4l7+CiLadU0GnbZPfR2C/jgn7e8OlEz
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org