Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
File: a461a201-5dfd-4f29-b790-759ae6e51a1f.roa (raw, json)
Hash identifier: GZ/ntmVbixAd9NFccxb1QxE5sCPyuqRZZchd3jlyFeI=
Subject key identifier: 36:79:5B:86:76:FB:7F:EB:15:36:B0:7D:E0:98:A5:CF:3F:A8:94:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B73DF77ABB96F80F51D1D9BE59E4C93B0ACC1E8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
Signing time: Sat 13 Apr 2024 00:00:00 +0000
ROA not before: Sat 13 Apr 2024 00:00:00 +0000
ROA not after: Sat 18 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:73:df:77:ab:b9:6f:80:f5:1d:1d:9b:e5:9e:4c:93:b0:ac:c1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 13 00:00:00 2024 GMT
Not After : May 18 23:59:59 2024 GMT
Subject: serialNumber=793a42f1689831e86c6d0e44c62c6ee8f2a969921920d0b20109818382d1aade, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2d:58:1f:d0:e5:a0:d7:8e:e1:12:78:4f:0c:
b1:4f:58:1f:8d:01:90:95:e1:f0:ae:42:64:e9:2c:
77:59:9c:75:69:f8:ce:3d:0c:8b:06:a3:bb:ad:bc:
43:20:f1:c5:44:a2:31:26:25:49:a1:28:a9:a6:54:
f7:48:dc:0c:41:c4:f7:38:15:b4:da:69:12:e7:be:
1c:75:28:ba:d9:3f:dc:a4:e7:a0:f8:8d:73:7d:87:
54:c9:51:59:4f:8e:0f:89:18:a3:e5:f2:2f:61:79:
79:84:19:7e:cd:c0:9d:5e:85:9e:13:4b:f8:d1:63:
fd:90:23:6f:db:07:cd:3e:19:46:94:1c:26:36:31:
97:51:b9:96:19:b7:d4:ac:4a:ab:37:10:18:db:0d:
0e:b5:31:5c:cc:ad:4f:21:3e:e7:ef:d0:12:3f:06:
c1:07:d1:8d:c9:a7:47:3f:35:60:79:66:62:03:c0:
fd:d5:ee:d2:19:11:03:c8:23:ff:72:51:78:ef:63:
1b:bb:32:87:a2:30:54:fc:b0:c4:a5:c4:a8:36:7c:
2c:b6:db:e4:ca:e2:01:69:eb:9b:0e:bb:3f:e6:0a:
e1:63:5a:b8:c5:f7:7e:7d:95:09:91:a2:67:56:c6:
8f:9c:3b:c8:95:84:d0:8c:8e:77:ea:85:77:e2:a0:
66:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:79:5B:86:76:FB:7F:EB:15:36:B0:7D:E0:98:A5:CF:3F:A8:94:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.104.0/21
Signature Algorithm: sha256WithRSAEncryption
d5:3f:a0:fb:13:25:ab:ee:99:ac:41:01:55:4d:b2:be:81:d4:
37:e4:79:6a:30:bd:fe:f0:8c:f2:d0:21:92:ac:09:70:15:d0:
ba:ad:75:35:ba:35:f0:65:f9:c0:c8:ce:c4:db:ca:90:13:00:
26:2a:d9:81:a6:71:31:60:67:c0:77:91:ce:d3:4d:e5:e1:22:
df:e1:51:be:0b:a5:6c:ce:c8:c1:01:c5:28:c1:da:54:b2:be:
c5:af:06:8d:62:29:ec:0f:67:9c:48:39:fa:db:a2:97:8f:71:
c1:52:87:e8:c3:ba:64:2e:67:73:9f:d0:fc:d4:f0:85:38:55:
96:b1:71:0c:78:bb:41:61:db:e0:c2:6d:4d:14:b4:a0:72:d6:
bc:ac:c4:f4:e7:27:c3:ad:b3:a7:07:2e:02:00:07:7f:3c:cc:
81:8e:6c:cd:0f:18:20:31:9d:cf:1f:38:c2:a4:36:19:a2:7c:
08:7f:89:fd:bc:d7:c6:19:34:54:34:bb:28:44:49:87:0e:0a:
c9:d8:9f:d2:8a:75:6d:c7:bc:1f:36:7b:42:3b:9d:4a:ca:75:
26:4e:d7:28:ce:58:d0:35:c2:39:45:3c:d5:b6:77:61:6f:2f:
c2:10:58:93:61:3c:80:78:24:2e:1c:a8:09:6b:24:9b:f9:2a:
cd:fa:10:74
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUe3Pfd6u5b4D1HR2b5Z5Mk7CswegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MTMwMDAwMDBaFw0yNDA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5M2E0MmYxNjg5ODMxZTg2YzZkMGU0NGM2MmM2ZWU4ZjJhOTY5OTIxOTIw
ZDBiMjAxMDk4MTgzODJkMWFhZGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKstWB/Q5aDXjuESeE8MsU9YH40BkJXh8K5CZOksd1mcdWn4zj0Miwaju628
QyDxxUSiMSYlSaEoqaZU90jcDEHE9zgVtNppEue+HHUoutk/3KTnoPiNc32HVMlR
WU+OD4kYo+XyL2F5eYQZfs3AnV6FnhNL+NFj/ZAjb9sHzT4ZRpQcJjYxl1G5lhm3
1KxKqzcQGNsNDrUxXMytTyE+5+/QEj8GwQfRjcmnRz81YHlmYgPA/dXu0hkRA8gj
/3JReO9jG7syh6IwVPywxKXEqDZ8LLbb5MriAWnrmw67P+YK4WNauMX3fn2VCZGi
Z1bGj5w7yJWE0IyOd+qFd+KgZusCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ2eVuG
dvt/6xU2sH3gmKXPP6iU6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTQ2MWEyMDEtNWRmZC00ZjI5LWI3OTAtNzU5YWU2ZTUxYTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAaDAN
BgkqhkiG9w0BAQsFAAOCAQEA1T+g+xMlq+6ZrEEBVU2yvoHUN+R5ajC9/vCM8tAh
kqwJcBXQuq11Nbo18GX5wMjOxNvKkBMAJirZgaZxMWBnwHeRztNN5eEi3+FRvgul
bM7IwQHFKMHaVLK+xa8GjWIp7A9nnEg5+tuil49xwVKH6MO6ZC5nc5/Q/NTwhThV
lrFxDHi7QWHb4MJtTRS0oHLWvKzE9Ocnw62zpwcuAgAHfzzMgY5szQ8YIDGdzx84
wqQ2GaJ8CH+J/bzXxhk0VDS7KERJhw4Kydif0op1bce8HzZ7QjudSsp1Jk7XKM5Y
0DXCOUU81bZ3YW8vwhBYk2E8gHgkLhyoCWskm/kqzfoQdA==
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org