Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa
File: c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa (raw, json)
Hash identifier: 9Oph31hN+L1vlTKGJaIp3/SVRzRtg0MrBWm//2ce2x4=
Subject key identifier: 91:95:0C:49:89:9B:3A:1E:21:61:FC:E5:94:CA:CD:26:B0:E0:B1:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60373C1B03DBDADC8375D36970EEAA2B6DBF0E71
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:37:3c:1b:03:db:da:dc:83:75:d3:69:70:ee:aa:2b:6d:bf:0e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=e803aa8f23add25d6b527764b2f9554c6bef689fb6500918d2cbc90f2e9f5172, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ef:0b:b0:15:63:27:e6:e5:ae:c6:76:38:b8:
aa:d8:9d:bf:5f:00:16:2a:22:7d:6d:87:ba:a5:b7:
0a:99:d7:43:13:07:15:c9:b6:03:81:d9:38:c1:4b:
e7:b7:32:52:25:66:83:cd:b3:0d:0b:22:83:ba:ef:
b9:23:86:15:6f:e0:76:c8:6c:04:2c:11:d5:c5:d0:
da:77:92:2e:62:f4:fa:3f:0d:d0:4f:0a:47:c9:fa:
7f:70:14:ae:20:8b:22:e6:12:89:bb:43:3e:65:23:
b6:50:59:76:01:00:02:84:9d:12:ce:18:d5:b8:53:
56:7a:76:6e:33:08:4c:15:41:f6:7b:dd:6b:78:ee:
ae:b5:16:01:b0:22:81:3c:f5:e6:87:e2:5c:40:77:
dd:af:0d:8f:b6:24:d4:83:2a:39:9a:2c:32:e7:ac:
be:3c:f5:0c:0e:32:e5:34:bf:30:af:d2:54:4e:1f:
43:31:09:96:64:e3:09:d2:e3:41:19:a6:54:88:e0:
7c:94:9c:fe:f4:51:0f:94:17:d2:88:9b:69:5b:f8:
6c:61:ea:d6:fa:44:82:72:6e:94:d6:6a:c7:0c:16:
69:34:e6:3c:4a:07:d5:cc:53:86:1b:3e:06:47:25:
96:41:37:c5:2f:61:d8:24:63:a2:98:a3:67:61:69:
00:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:95:0C:49:89:9B:3A:1E:21:61:FC:E5:94:CA:CD:26:B0:E0:B1:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a7:41:45:d0:0d:79:8c:43:66:a2:2e:d7:f5:68:18:99:1e:54:
de:29:66:99:53:77:ab:76:e2:f1:61:6c:e8:fa:26:96:6c:4b:
88:f4:02:9b:62:bc:d3:cf:aa:63:cb:52:35:63:51:42:22:b1:
c3:bf:55:b3:a2:c8:f5:c8:9b:ef:ab:8b:19:e9:cd:77:07:e6:
d2:c8:ae:58:90:52:f9:84:bc:87:66:df:84:5a:48:a2:04:e6:
27:51:2a:bc:27:6b:75:e3:c9:fb:a3:c6:21:87:e1:a1:39:bf:
bc:22:b8:6f:eb:9d:02:07:d0:dd:0f:66:60:ca:e9:a7:d3:0a:
93:d8:d0:dc:48:4d:12:40:9a:88:84:07:ef:18:fa:85:b7:b8:
59:bb:a0:ba:08:b9:21:83:ab:ae:a8:fd:a6:e1:5e:9f:15:fe:
c1:7f:a6:9b:81:92:6b:ca:0b:76:52:b3:bf:e8:a9:b0:ba:ea:
e9:26:9d:e2:40:04:3f:2c:9b:19:0f:41:c1:b2:79:2b:4b:d2:
59:c8:fb:3d:c9:68:02:40:bd:88:c6:47:0f:25:36:14:b4:a9:
f6:38:23:23:61:a1:3d:b3:56:24:b6:0f:ba:1b:6b:62:24:52:
a3:8b:f4:01:62:f9:a3:5e:49:af:eb:22:8c:0e:25:d3:33:62:
d5:94:62:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYDc8GwPb2tyDddNpcO6qK22/DnEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4MDNhYThmMjNhZGQyNWQ2YjUyNzc2NGIyZjk1NTRjNmJlZjY4OWZiNjUw
MDkxOGQyY2JjOTBmMmU5ZjUxNzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3vC7AVYyfm5a7Gdji4qtidv18AFioifW2HuqW3CpnXQxMHFcm2A4HZOMFL
57cyUiVmg82zDQsig7rvuSOGFW/gdshsBCwR1cXQ2neSLmL0+j8N0E8KR8n6f3AU
riCLIuYSibtDPmUjtlBZdgEAAoSdEs4Y1bhTVnp2bjMITBVB9nvda3jurrUWAbAi
gTz15ofiXEB33a8Nj7Yk1IMqOZosMuesvjz1DA4y5TS/MK/SVE4fQzEJlmTjCdLj
QRmmVIjgfJSc/vRRD5QX0oibaVv4bGHq1vpEgnJulNZqxwwWaTTmPEoH1cxThhs+
BkcllkE3xS9h2CRjopijZ2FpAEsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSRlQxJ
iZs6HiFh/OWUys0msOCxWjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA1ZGE2ZDAtNGJiYi00ZmI0LWI1NTgtNWVmZWMxZjU1NTA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQCnQUXQDXmMQ2aiLtf1aBiZHlTeKWaZU3erduLxYWzo
+iaWbEuI9AKbYrzTz6pjy1I1Y1FCIrHDv1Wzosj1yJvvq4sZ6c13B+bSyK5YkFL5
hLyHZt+EWkiiBOYnUSq8J2t148n7o8Yhh+GhOb+8Irhv650CB9DdD2Zgyumn0wqT
2NDcSE0SQJqIhAfvGPqFt7hZu6C6CLkhg6uuqP2m4V6fFf7Bf6abgZJrygt2UrO/
6KmwuurpJp3iQAQ/LJsZD0HBsnkrS9JZyPs9yWgCQL2IxkcPJTYUtKn2OCMjYaE9
s1Yktg+6G2tiJFKji/QBYvmjXkmv6yKMDiXTM2LVlGKQ
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:59:32 2024 by rpki-client on console-ams.rpki-client.org