Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: v/yJiov4cI6Rc5um3sqHauPfTiSPGU3MfKQmgKaptYI=
Subject key identifier: 63:31:DD:B5:68:73:BC:28:08:42:B0:FD:98:60:91:E3:4A:0B:D8:44
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3E4C6A3CED102E46801117855B57BFB12C3C6193
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Tue 26 Mar 2024 00:00:00 +0000
ROA not before: Tue 26 Mar 2024 00:00:00 +0000
ROA not after: Tue 30 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:4c:6a:3c:ed:10:2e:46:80:11:17:85:5b:57:bf:b1:2c:3c:61:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 26 00:00:00 2024 GMT
Not After : Apr 30 23:59:59 2024 GMT
Subject: serialNumber=33df66b4cfb7a1b3458bfcac348a8e19f8808b8e7261fd5adad0d4d3509e194c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bb:10:dc:f9:6a:e2:0b:b8:b8:5a:dd:d1:80:
b8:cb:47:d0:56:c1:70:0f:f6:da:70:a9:78:36:ae:
36:90:df:c3:e9:7f:46:d6:be:a8:aa:ce:4f:8a:90:
b1:2e:94:d1:03:40:05:62:89:a6:5a:87:18:0d:95:
11:43:89:00:a2:4e:44:74:be:7d:cf:05:b6:ea:a2:
2b:c1:c5:e5:69:f2:6c:9a:07:4e:bf:84:6f:ab:97:
b2:04:44:b0:a1:08:88:ba:f1:c9:49:34:c4:8f:5a:
67:be:62:11:e3:1f:93:be:a1:5c:49:66:8c:12:63:
e7:64:33:db:a2:e8:2b:3e:c2:83:f9:07:76:33:22:
1a:00:7c:84:df:82:a5:5e:76:cb:5c:40:1e:0f:de:
b8:ab:7c:26:ba:8f:7e:85:f5:9e:94:47:55:99:2e:
a9:0e:f8:cf:c2:be:4c:fd:1f:ff:c8:d7:68:5a:be:
1f:01:28:9e:a8:ca:3c:78:86:0a:63:9f:03:3b:ce:
62:b5:7e:d2:b6:b1:58:38:ae:e4:02:03:e7:3d:ea:
ee:6e:49:cb:d6:4c:54:3d:5c:7c:e9:fc:6d:d6:e4:
f0:d7:3c:8c:c3:47:02:31:3c:11:e2:4f:8a:89:f7:
9b:e3:38:f9:cf:81:bb:35:88:be:1b:b6:7a:16:19:
40:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:31:DD:B5:68:73:BC:28:08:42:B0:FD:98:60:91:E3:4A:0B:D8:44
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:ea:d7:db:5d:cb:00:16:cc:cc:d8:e7:a5:22:ee:bc:3f:32:
ee:11:5f:52:24:1e:f8:78:9d:c7:82:08:43:c2:0d:1f:53:39:
b0:2f:7a:fd:f7:31:59:a2:35:f9:3a:3b:73:04:8d:72:2e:66:
01:e0:84:ae:ad:fd:6f:c5:03:96:11:6e:93:68:a5:4b:80:13:
0a:46:6a:67:c1:bc:a1:57:77:6f:55:f0:9a:ee:1d:69:93:d3:
d5:30:d4:d1:da:7c:67:f1:6b:00:48:f2:ca:bf:d8:3e:03:41:
5c:84:4c:13:35:c2:e0:97:d9:54:e4:65:fa:25:c1:9c:f7:88:
56:92:39:bc:4b:04:a8:f0:09:e6:96:6a:32:16:cd:15:6a:a3:
68:56:d5:19:fa:5f:5b:5a:9a:9a:13:ba:54:9d:91:6c:af:95:
c3:ad:1c:83:80:70:0d:c5:54:56:56:64:77:04:e9:b8:aa:c3:
0a:3e:78:86:db:bd:7b:01:90:6e:03:5f:47:c0:1d:76:78:36:
b6:de:58:54:c3:55:5e:a7:f9:34:2b:1d:24:f0:9a:c6:1d:1c:
9a:8d:dd:fa:36:4f:89:e5:0c:da:9f:2f:6a:e0:98:b0:ea:89:
83:86:5b:0d:d6:ac:49:e2:cb:7f:73:a2:03:65:5f:09:02:fe:
3c:76:b0:f7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPkxqPO0QLkaAEReFW1e/sSw8YZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjYwMDAwMDBaFw0yNDA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZGY2NmI0Y2ZiN2ExYjM0NThiZmNhYzM0OGE4ZTE5Zjg4MDhiOGU3MjYx
ZmQ1YWRhZDBkNGQzNTA5ZTE5NGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKS7ENz5auILuLha3dGAuMtH0FbBcA/22nCpeDauNpDfw+l/Rta+qKrOT4qQ
sS6U0QNABWKJplqHGA2VEUOJAKJORHS+fc8FtuqiK8HF5WnybJoHTr+Eb6uXsgRE
sKEIiLrxyUk0xI9aZ75iEeMfk76hXElmjBJj52Qz26LoKz7Cg/kHdjMiGgB8hN+C
pV52y1xAHg/euKt8JrqPfoX1npRHVZkuqQ74z8K+TP0f/8jXaFq+HwEonqjKPHiG
CmOfAzvOYrV+0raxWDiu5AID5z3q7m5Jy9ZMVD1cfOn8bdbk8Nc8jMNHAjE8EeJP
ion3m+M4+c+BuzWIvhu2ehYZQMcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRjMd21
aHO8KAhCsP2YYJHjSgvYRDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQAC6tfbXcsAFszM2OelIu68PzLuEV9SJB74eJ3HgghD
wg0fUzmwL3r99zFZojX5OjtzBI1yLmYB4ISurf1vxQOWEW6TaKVLgBMKRmpnwbyh
V3dvVfCa7h1pk9PVMNTR2nxn8WsASPLKv9g+A0FchEwTNcLgl9lU5GX6JcGc94hW
kjm8SwSo8AnmlmoyFs0VaqNoVtUZ+l9bWpqaE7pUnZFsr5XDrRyDgHANxVRWVmR3
BOm4qsMKPniG2717AZBuA19HwB12eDa23lhUw1Vep/k0Kx0k8JrGHRyajd36Nk+J
5Qzany9q4Jiw6omDhlsN1qxJ4st/c6IDZV8JAv48drD3
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:16 2024 by rpki-client on console-ams.rpki-client.org