Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b0052f73-ff8c-4115-b687-7e589c069d7e.roa
File: b0052f73-ff8c-4115-b687-7e589c069d7e.roa (raw, json)
Hash identifier: 2Z02kxUyp/CtJO9iCLgEKPRwyOZHef4DhbQk2gn17NY=
Subject key identifier: 15:86:10:72:46:12:E8:2A:B4:5C:5B:FF:BC:A3:E7:98:B3:E2:CF:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 087C667B9B57EE7EFDF5924BBDA2973FB3D2E63C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b0052f73-ff8c-4115-b687-7e589c069d7e.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:7c:66:7b:9b:57:ee:7e:fd:f5:92:4b:bd:a2:97:3f:b3:d2:e6:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=c994f85e9d10347943e93a45519613812fe718e06c1776e91fe97deb0b84ce76, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f3:aa:86:a6:34:99:c3:4c:94:51:53:57:36:
7d:79:47:4c:93:cd:6d:ab:f1:48:ea:14:5c:52:f7:
b8:a3:74:a9:c5:fd:84:2d:4d:18:6a:59:19:e0:b0:
93:db:f7:9a:0f:83:b8:86:db:7e:0b:06:26:2d:31:
51:63:59:55:4f:49:de:8f:fa:d4:cf:c3:49:f8:82:
cb:1e:70:da:34:c5:f7:05:aa:57:a3:28:12:a2:e1:
19:e4:01:d7:30:76:25:44:95:21:81:2a:91:4b:05:
33:aa:e1:fa:c4:65:23:67:49:aa:31:50:1b:1e:60:
bd:68:b8:f9:2e:c4:96:54:3f:62:ca:7b:cb:6f:10:
77:06:5a:f9:a2:d5:7c:b3:be:49:9c:15:88:ad:51:
5e:79:9b:5e:e5:44:e3:e6:94:2c:80:4e:1f:5c:01:
b9:92:d3:21:48:dd:86:c5:d5:02:ca:dd:18:d8:66:
1e:89:da:07:b6:f9:9d:52:f2:18:a4:36:9e:a4:7c:
2e:10:d4:d0:e8:16:d3:d7:56:b5:23:91:8b:a2:79:
01:03:20:a2:96:4e:07:24:27:ae:44:79:e5:55:12:
4b:c7:05:82:c7:b9:ec:77:6b:27:d2:3f:38:a6:9c:
ab:8e:06:de:d8:91:e1:77:2e:16:89:d0:d1:b8:5c:
07:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:86:10:72:46:12:E8:2A:B4:5C:5B:FF:BC:A3:E7:98:B3:E2:CF:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b0052f73-ff8c-4115-b687-7e589c069d7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:2e:16:aa:34:9a:ea:f0:54:16:61:4f:a4:de:c4:a8:cd:94:
ce:c3:bf:0b:f3:02:fe:29:ff:97:b7:e3:8b:96:be:fb:d0:27:
cd:60:bc:e7:3d:f7:cf:38:c6:de:10:aa:dc:a8:97:f2:94:07:
a0:70:ed:e9:01:e6:ca:1a:b5:9b:e8:a9:93:80:7a:b0:62:6c:
0c:12:f8:c9:dc:a1:a8:12:b7:ec:c7:b5:42:f3:fb:82:95:93:
90:ec:14:5a:c9:ff:9d:2d:01:0d:53:97:7a:81:e8:0a:5a:0e:
4c:cc:b8:55:bf:23:71:91:37:33:22:ce:f6:32:42:75:9a:d7:
49:e8:48:dc:7d:98:63:e3:da:ae:c8:17:8f:89:92:2b:39:a8:
08:b9:4e:63:a3:a6:e6:54:4b:87:0e:4e:52:b3:47:d8:ce:4a:
ac:3d:95:cd:4b:da:1d:e1:07:c0:36:96:09:f5:40:ab:5e:b1:
e4:73:e9:68:07:8d:ee:fb:1c:9d:93:f2:d9:6f:2d:a1:cf:9a:
d0:ee:32:8f:19:5d:25:f7:ad:e7:3e:a7:64:6b:fe:d5:da:b4:
d3:c9:73:d3:28:01:80:6a:3e:39:cc:26:c1:dc:78:9c:35:7f:
0c:b8:7b:57:b0:6b:e9:0c:27:0f:d7:4e:46:27:0b:6b:b7:04:
15:f8:c5:19
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCHxme5tX7n799ZJLvaKXP7PS5jwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5OTRmODVlOWQxMDM0Nzk0M2U5M2E0NTUxOTYxMzgxMmZlNzE4ZTA2YzE3
NzZlOTFmZTk3ZGViMGI4NGNlNzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/zqoamNJnDTJRRU1c2fXlHTJPNbavxSOoUXFL3uKN0qcX9hC1NGGpZGeCw
k9v3mg+DuIbbfgsGJi0xUWNZVU9J3o/61M/DSfiCyx5w2jTF9wWqV6MoEqLhGeQB
1zB2JUSVIYEqkUsFM6rh+sRlI2dJqjFQGx5gvWi4+S7EllQ/Ysp7y28QdwZa+aLV
fLO+SZwViK1RXnmbXuVE4+aULIBOH1wBuZLTIUjdhsXVAsrdGNhmHonaB7b5nVLy
GKQ2nqR8LhDU0OgW09dWtSORi6J5AQMgopZOByQnrkR55VUSS8cFgse57HdrJ9I/
OKacq44G3tiR4XcuFonQ0bhcBwkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQVhhBy
RhLoKrRcW/+8o+eYs+LP7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjAwNTJmNzMtZmY4Yy00MTE1LWI2ODctN2U1ODljMDY5ZDdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQAmLhaqNJrq8FQWYU+k3sSozZTOw78L8wL+Kf+Xt+OL
lr770CfNYLznPffPOMbeEKrcqJfylAegcO3pAebKGrWb6KmTgHqwYmwMEvjJ3KGo
Erfsx7VC8/uClZOQ7BRayf+dLQENU5d6gegKWg5MzLhVvyNxkTczIs72MkJ1mtdJ
6EjcfZhj49quyBePiZIrOagIuU5jo6bmVEuHDk5Ss0fYzkqsPZXNS9od4QfANpYJ
9UCrXrHkc+loB43u+xydk/LZby2hz5rQ7jKPGV0l963nPqdka/7V2rTTyXPTKAGA
aj45zCbB3HicNX8MuHtXsGvpDCcP105GJwtrtwQV+MUZ
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org