Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json)
Hash identifier: MT0hTnHmO099RL6xyqMide0mT28w5087qZef9442G2U=
Subject key identifier: C5:6B:49:88:4C:92:9F:62:22:6E:58:94:38:A2:E5:56:32:0C:F7:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C50092D853A05A0FE34B6A4C23BB12EC26E6CDA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:50:09:2d:85:3a:05:a0:fe:34:b6:a4:c2:3b:b1:2e:c2:6e:6c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=11c40450f464e171b8a7014d53c3a6ffd1be451ab2e963c871cd321d13ca2b51, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ff:0e:9a:c4:a2:c4:a6:7f:4a:46:4d:1c:14:
41:63:39:02:44:4d:37:72:6a:4d:3b:8a:dc:84:bb:
5c:30:9d:2c:6c:f5:2c:af:e6:6c:b4:32:17:94:49:
1d:80:db:f7:d5:c6:40:a6:fd:10:0b:37:e6:8f:cc:
34:a7:ce:f8:ca:8c:07:b7:12:2b:ca:93:30:b1:28:
22:7e:0d:14:6d:c9:a9:d9:c0:3c:ec:62:c6:49:da:
fc:62:d0:9f:2a:10:19:b6:8c:1b:db:cc:72:89:49:
51:bb:fa:dc:26:1d:74:df:8d:51:38:44:1a:f5:23:
3e:19:11:89:7e:d3:1c:62:82:b3:4b:81:6c:fb:4a:
37:5f:b9:0f:93:07:a9:48:af:2c:1f:c0:f8:48:3c:
c7:1b:d4:96:03:c9:7f:14:44:03:2b:03:1f:93:7b:
29:f9:39:cd:ef:d9:76:bb:f7:eb:58:01:26:4d:92:
a1:6e:ca:76:92:85:d9:a7:99:2d:3f:bc:4a:1f:50:
ef:5f:1c:95:40:45:06:0e:f2:60:74:4d:41:88:04:
04:21:b6:f7:14:64:ae:a1:b9:98:8b:4a:e1:b1:02:
40:03:7e:df:01:ef:e1:ac:51:5c:f0:6b:84:86:0d:
16:5e:ce:7e:a0:43:23:77:ba:58:8b:a0:91:3d:dc:
69:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6B:49:88:4C:92:9F:62:22:6E:58:94:38:A2:E5:56:32:0C:F7:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
48:f6:9d:89:d5:42:de:2a:fd:fd:63:88:ac:8e:b9:13:a1:22:
aa:09:6b:87:8a:04:d7:0f:ac:57:da:db:a6:50:80:31:07:ab:
11:be:d9:88:7a:fe:9b:dd:52:16:35:85:98:2a:75:2f:62:13:
cb:2c:90:59:d6:06:f4:6c:e7:9d:b0:e3:8d:11:81:5f:18:dd:
ac:4e:6a:d8:26:3d:5b:62:fa:5a:d4:b1:80:96:98:a8:6a:ce:
a1:5d:27:4f:98:32:50:98:b8:fc:5e:df:00:be:0b:4f:30:3d:
7d:66:0d:0a:fd:50:a3:d8:24:78:52:c8:77:dd:56:7e:4c:48:
55:f8:a4:bf:78:7d:b3:42:60:2d:c7:3a:af:47:c8:64:d6:8d:
3c:fc:c5:b8:bd:bc:57:f1:01:cc:d2:6a:c9:f9:c6:4e:53:57:
a6:a7:44:59:83:1b:50:33:13:39:56:ee:b6:18:fe:b6:01:d9:
2b:20:20:a0:e3:8e:5c:2c:2b:73:f4:fc:9f:c4:c0:59:25:ef:
f8:e7:69:27:1d:3d:5c:bc:c5:84:43:af:23:65:cb:f3:40:1f:
a9:61:6f:88:0d:74:43:97:9e:74:d1:25:ab:a2:bf:9a:c2:e9:
88:76:07:fe:84:6a:65:71:90:b8:bd:2e:a7:fd:a2:c2:14:24:
0e:91:ca:2b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXFAJLYU6BaD+NLakwjuxLsJubNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDExYzQwNDUwZjQ2NGUxNzFiOGE3MDE0ZDUzYzNhNmZmZDFiZTQ1MWFiMmU5
NjNjODcxY2QzMjFkMTNjYTJiNTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJX/DprEosSmf0pGTRwUQWM5AkRNN3JqTTuK3IS7XDCdLGz1LK/mbLQyF5RJ
HYDb99XGQKb9EAs35o/MNKfO+MqMB7cSK8qTMLEoIn4NFG3JqdnAPOxixkna/GLQ
nyoQGbaMG9vMcolJUbv63CYddN+NUThEGvUjPhkRiX7THGKCs0uBbPtKN1+5D5MH
qUivLB/A+Eg8xxvUlgPJfxREAysDH5N7Kfk5ze/Zdrv361gBJk2SoW7KdpKF2aeZ
LT+8Sh9Q718clUBFBg7yYHRNQYgEBCG29xRkrqG5mItK4bECQAN+3wHv4axRXPBr
hIYNFl7OfqBDI3e6WIugkT3caZsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTFa0mI
TJKfYiJuWJQ4ouVWMgz3fzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQBI9p2J1ULeKv39Y4isjrkToSKqCWuHigTXD6xX2tum
UIAxB6sRvtmIev6b3VIWNYWYKnUvYhPLLJBZ1gb0bOedsOONEYFfGN2sTmrYJj1b
Yvpa1LGAlpioas6hXSdPmDJQmLj8Xt8AvgtPMD19Zg0K/VCj2CR4Ush33VZ+TEhV
+KS/eH2zQmAtxzqvR8hk1o08/MW4vbxX8QHM0mrJ+cZOU1emp0RZgxtQMxM5Vu62
GP62AdkrICCg445cLCtz9PyfxMBZJe/452knHT1cvMWEQ68jZcvzQB+pYW+IDXRD
l5500SWror+awumIdgf+hGplcZC4vS6n/aLCFCQOkcor
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org