Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
File: c090963d-9d8d-49a3-960b-b36e1309eb76.roa (raw, json)
Hash identifier: QnhXGtFfR1tp9IT2/wE7p+aqGHqVyvsIq/HaFbLQH28=
Subject key identifier: 3D:8B:34:E3:B5:8D:C3:AA:88:08:A1:AB:22:63:B2:03:4C:1F:47:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 754120A9332EAE8ADBB3FD68AFE6D5F56A2BA1FD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:41:20:a9:33:2e:ae:8a:db:b3:fd:68:af:e6:d5:f5:6a:2b:a1:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=6506bf9b2021907eea099d5c635b6d269dfef6642e2f192b2bfb565156eedc29, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:66:d1:87:f0:a7:51:03:9e:e2:60:48:2e:3a:
55:da:8e:38:fe:a8:8f:da:d2:04:7f:51:7b:1e:5e:
10:6c:a6:8a:64:ec:6f:49:8d:63:17:9e:fc:ef:4e:
f3:e1:30:21:92:c6:f2:9f:ff:78:5e:76:a5:e1:38:
18:01:72:2f:d9:c9:c0:cf:42:e1:09:92:3d:5e:f8:
4e:56:d9:ac:a3:a2:20:9c:e9:dd:7d:f1:ba:3f:b0:
db:18:d5:81:35:58:67:28:81:ea:0d:5f:2e:86:9d:
e2:f1:d7:96:5d:24:19:f6:74:02:95:44:ba:73:28:
a9:d8:08:37:7e:71:24:fe:8a:07:10:14:9e:4e:d0:
f8:98:cc:7f:3d:4d:dd:80:1e:16:8a:1e:72:dc:0f:
31:a9:84:96:6e:81:93:3e:0f:a5:20:8c:67:d4:76:
a9:df:fe:3f:95:15:cc:9b:fb:0c:63:34:34:2d:94:
f5:40:6b:22:35:1c:e4:0b:08:3c:8f:41:20:12:5c:
17:ac:cb:4a:c4:27:b7:30:f0:d6:0f:ab:00:61:ce:
1e:4d:1e:f6:24:07:ce:c2:b5:07:36:de:48:76:00:
05:78:35:92:c5:1f:db:c7:9a:5e:7d:10:94:a6:a5:
99:3b:ff:4f:0a:2e:33:b3:07:14:e5:1c:18:2a:6b:
37:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8B:34:E3:B5:8D:C3:AA:88:08:A1:AB:22:63:B2:03:4C:1F:47:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:42:24:b6:5f:b1:65:a6:4c:c0:5e:93:1b:b3:ad:ec:09:8f:
2b:6c:74:9f:64:ad:b4:49:61:42:28:cd:cc:aa:57:03:41:91:
ff:c0:f8:65:98:7d:a2:3b:94:fb:d8:a7:93:f7:58:43:45:be:
22:f1:67:ba:fd:f4:c3:6e:3d:ca:4a:2c:07:7c:9f:d2:69:4f:
b1:bc:52:52:71:43:04:3a:26:7f:16:b5:a3:54:28:80:7f:3a:
34:e5:44:f9:7e:89:60:ac:d7:3f:26:c9:c8:6f:62:da:c5:c6:
d5:a7:5e:aa:88:3b:0f:5e:5b:6d:f5:ee:95:6c:08:74:7d:df:
7f:d7:a8:52:97:07:2e:98:cb:dc:d5:75:f9:d1:cb:93:b9:4e:
41:bd:cc:82:39:70:fa:a1:ed:f4:11:1f:67:94:fa:20:8b:3b:
be:49:fb:c4:5c:4a:10:5c:89:7f:99:ca:09:57:67:da:b3:22:
43:26:47:f7:10:23:9b:f4:6b:34:89:e0:7b:8a:cd:9b:90:68:
6f:ce:6b:e1:c4:f2:dc:6d:48:72:9a:2f:a0:85:5f:43:a2:6d:
18:e1:82:4c:72:14:d0:56:1c:56:0a:57:e2:44:b1:b8:e4:74:
5d:d2:34:7a:1b:28:06:44:97:b6:70:64:d0:e8:bc:f1:78:2c:
83:06:5a:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdUEgqTMurorbs/1or+bV9Worof0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1MDZiZjliMjAyMTkwN2VlYTA5OWQ1YzYzNWI2ZDI2OWRmZWY2NjQyZTJm
MTkyYjJiZmI1NjUxNTZlZWRjMjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFm0Yfwp1EDnuJgSC46VdqOOP6oj9rSBH9Rex5eEGymimTsb0mNYxee/O9O
8+EwIZLG8p//eF52peE4GAFyL9nJwM9C4QmSPV74TlbZrKOiIJzp3X3xuj+w2xjV
gTVYZyiB6g1fLoad4vHXll0kGfZ0ApVEunMoqdgIN35xJP6KBxAUnk7Q+JjMfz1N
3YAeFooectwPMamElm6Bkz4PpSCMZ9R2qd/+P5UVzJv7DGM0NC2U9UBrIjUc5AsI
PI9BIBJcF6zLSsQntzDw1g+rAGHOHk0e9iQHzsK1BzbeSHYABXg1ksUf28eaXn0Q
lKalmTv/TwouM7MHFOUcGCprN9UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ9izTj
tY3DqogIoasiY7IDTB9H4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA5MDk2M2QtOWQ4ZC00OWEzLTk2MGItYjM2ZTEzMDllYjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQAuQiS2X7FlpkzAXpMbs63sCY8rbHSfZK20SWFCKM3M
qlcDQZH/wPhlmH2iO5T72KeT91hDRb4i8We6/fTDbj3KSiwHfJ/SaU+xvFJScUME
OiZ/FrWjVCiAfzo05UT5folgrNc/JsnIb2LaxcbVp16qiDsPXltt9e6VbAh0fd9/
16hSlwcumMvc1XX50cuTuU5BvcyCOXD6oe30ER9nlPogizu+SfvEXEoQXIl/mcoJ
V2fasyJDJkf3ECOb9Gs0ieB7is2bkGhvzmvhxPLcbUhymi+ghV9Dom0Y4YJMchTQ
VhxWClfiRLG45HRd0jR6GygGRJe2cGTQ6LzxeCyDBlpG
-----END CERTIFICATE-----
Generated at Wed Apr 17 01:27:24 2024 by rpki-client on console-ams.rpki-client.org