Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
File: a8b62ce7-3238-4647-ad97-9a9628b10f66.roa (raw, json)
Hash identifier: ZI09izvz1mvMu8RYfNkiJd6IqAmT+GWCTD52KFxkyCo=
Subject key identifier: 13:F5:FE:93:5E:93:18:E2:AD:42:AB:A3:CF:97:6B:FE:54:49:DD:49
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22071957B594C9F6D7052BADF3A269F351ADBDCD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:07:19:57:b5:94:c9:f6:d7:05:2b:ad:f3:a2:69:f3:51:ad:bd:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=e3caec96d76dceb629dd5dd983f0772cad395b087262ef932295b03d9193c2d2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d9:5e:4d:58:8c:41:df:0d:15:71:09:20:69:
18:21:d3:cc:a1:f3:b1:ca:98:b5:b1:b8:95:7c:33:
cd:59:81:67:48:46:bf:51:29:d8:29:87:42:0c:5d:
66:05:e1:3b:cd:7c:46:bf:ea:00:95:e0:57:99:5c:
01:59:70:8a:e9:d6:e3:bc:51:ce:0c:b7:96:fe:c0:
ce:00:b5:52:42:57:4f:64:68:86:7d:80:cb:36:56:
6b:67:fb:28:b6:e2:e4:03:55:8e:ee:a6:bf:94:5c:
ee:ef:57:94:78:98:cc:1f:f8:bb:8f:5a:30:93:d5:
ad:c1:6b:01:ea:f0:3b:a6:18:fa:ef:fa:42:cf:42:
bc:34:a8:16:bd:c7:7c:e3:82:f7:b6:03:5e:5e:6e:
a7:7b:ed:6c:eb:ba:87:7a:8a:24:13:63:36:2b:4c:
ce:b0:d1:65:4f:db:89:4b:b4:76:75:01:b2:55:af:
be:f0:88:5b:59:f6:f5:5b:41:36:eb:45:fb:be:c3:
b0:42:ee:44:63:1c:e2:6e:35:6f:02:b9:4c:46:bf:
74:d4:8c:18:05:04:ec:bd:11:46:68:f1:0b:64:83:
d9:fd:ec:79:98:47:dd:99:57:59:53:77:4a:59:05:
24:0e:54:aa:60:49:6a:e3:c3:ec:1c:5c:74:c4:03:
a0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:F5:FE:93:5E:93:18:E2:AD:42:AB:A3:CF:97:6B:FE:54:49:DD:49
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c8:43:87:c6:0d:95:c3:b0:d8:33:b9:5f:b6:69:b5:dc:0b:b3:
01:5d:96:8b:23:48:76:3b:0b:51:1f:c2:f4:83:69:4b:c3:06:
1b:c2:de:31:02:dc:f0:15:48:73:c2:1a:57:ee:21:a2:b6:fd:
41:13:3e:77:ff:d7:c7:f6:c8:7b:2b:2e:91:db:9e:61:e0:56:
e7:14:f1:b2:71:96:df:e6:c9:08:6c:bb:83:f7:66:3c:b4:28:
2d:ce:7b:6a:03:7c:00:65:91:e7:24:0f:b0:9e:e0:20:39:55:
9b:bd:0b:5a:33:4f:d8:76:38:03:9b:37:f0:2f:60:cb:a4:20:
17:40:b1:c6:99:01:96:68:4c:80:4b:5e:58:77:c5:06:ab:4e:
86:c2:dc:b1:a0:52:d9:7e:6e:4f:ba:ee:6d:bb:ae:d9:75:81:
e5:fb:7c:40:e3:da:b3:da:0f:25:88:8f:f1:8e:af:00:b3:6a:
8d:0b:a3:36:5b:4b:51:3e:fb:57:d4:c5:e9:8d:71:8d:63:7a:
c2:69:40:3f:6d:dc:d8:4e:dc:65:38:0d:c0:57:33:ba:d6:cb:
f2:4b:15:d9:79:9a:26:be:5e:6c:19:01:82:80:39:54:ff:ac:
f7:b0:d6:ca:43:84:70:93:49:c6:1b:ea:44:4a:de:24:0f:ec:
50:f2:28:9b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIgcZV7WUyfbXBSut86Jp81Gtvc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzY2FlYzk2ZDc2ZGNlYjYyOWRkNWRkOTgzZjA3NzJjYWQzOTViMDg3MjYy
ZWY5MzIyOTViMDNkOTE5M2MyZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnZXk1YjEHfDRVxCSBpGCHTzKHzscqYtbG4lXwzzVmBZ0hGv1Ep2CmHQgxd
ZgXhO818Rr/qAJXgV5lcAVlwiunW47xRzgy3lv7AzgC1UkJXT2Rohn2AyzZWa2f7
KLbi5ANVju6mv5Rc7u9XlHiYzB/4u49aMJPVrcFrAerwO6YY+u/6Qs9CvDSoFr3H
fOOC97YDXl5up3vtbOu6h3qKJBNjNitMzrDRZU/biUu0dnUBslWvvvCIW1n29VtB
NutF+77DsELuRGMc4m41bwK5TEa/dNSMGAUE7L0RRmjxC2SD2f3seZhH3ZlXWVN3
SlkFJA5UqmBJauPD7BxcdMQDoKsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQT9f6T
XpMY4q1Cq6PPl2v+VEndSTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YThiNjJjZTctMzIzOC00NjQ3LWFkOTctOWE5NjI4YjEwZjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQDIQ4fGDZXDsNgzuV+2abXcC7MBXZaLI0h2OwtRH8L0
g2lLwwYbwt4xAtzwFUhzwhpX7iGitv1BEz53/9fH9sh7Ky6R255h4FbnFPGycZbf
5skIbLuD92Y8tCgtzntqA3wAZZHnJA+wnuAgOVWbvQtaM0/YdjgDmzfwL2DLpCAX
QLHGmQGWaEyAS15Yd8UGq06GwtyxoFLZfm5Puu5tu67ZdYHl+3xA49qz2g8liI/x
jq8As2qNC6M2W0tRPvtX1MXpjXGNY3rCaUA/bdzYTtxlOA3AVzO61svySxXZeZom
vl5sGQGCgDlU/6z3sNbKQ4Rwk0nGG+pESt4kD+xQ8iib
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:27 2024 by rpki-client on console-ams.rpki-client.org