Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
File: c339f126-7fea-49c7-a129-4df9886e5309.roa (raw, json)
Hash identifier: bdsomzUrXg4pq+um5+QpBsrQ2wBrImkkYTyzP1Qec+4=
Subject key identifier: 58:31:48:CD:72:C7:E6:39:B5:27:6C:FF:CD:78:33:21:7B:A6:7C:58
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E35687A8F9633771A47F96ECA5D95FD6FCE3838
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
Signing time: Sat 13 Apr 2024 00:00:00 +0000
ROA not before: Sat 13 Apr 2024 00:00:00 +0000
ROA not after: Sat 18 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:35:68:7a:8f:96:33:77:1a:47:f9:6e:ca:5d:95:fd:6f:ce:38:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 13 00:00:00 2024 GMT
Not After : May 18 23:59:59 2024 GMT
Subject: serialNumber=82d79ffdbb2fe3cf2669705c0b0b77dd0e057b4802ce7dfb6a7ad5926b208267, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:77:51:df:1a:f1:4b:28:f6:a5:a1:09:c4:7e:
54:90:90:0b:d4:89:3a:9f:83:ed:08:6a:ba:88:d5:
ad:ac:5e:fc:95:1c:4a:6f:ce:7f:e2:d2:25:a6:cd:
45:8a:9c:4b:2f:0f:6f:a7:4b:73:1a:d4:52:d8:4b:
c7:21:c9:6c:7d:71:4d:c0:cf:1b:6a:82:bf:d3:75:
e9:40:93:36:11:80:c6:6a:d1:10:9d:8b:ee:b4:6e:
7e:99:24:31:2b:2c:c2:f5:c2:08:0d:ed:27:86:f0:
bb:ab:59:9c:4a:d8:b6:f7:e5:9e:cd:9b:36:d0:7a:
7c:d4:2c:46:e2:1b:89:ea:3d:9a:9f:d1:d5:e5:31:
19:1c:5e:80:20:27:22:a6:e9:eb:70:2e:2c:fd:cb:
f2:77:5f:ac:4e:3d:a6:00:d7:42:86:92:6d:d6:21:
21:8d:91:ba:c5:11:67:16:b1:c6:e8:25:9d:55:f0:
8a:60:6b:3f:7b:94:22:16:ab:5c:0a:19:69:ef:8e:
d5:91:36:e8:8d:a8:f5:13:0c:c1:05:a3:8c:83:f4:
47:60:a6:64:83:c1:b4:fa:03:94:eb:7c:5f:ca:eb:
6b:0f:63:cf:42:03:e7:f8:18:4e:ef:c9:41:fc:d5:
a3:d4:17:dd:ae:cd:fc:2f:ff:fe:98:fc:81:1d:f1:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:31:48:CD:72:C7:E6:39:B5:27:6C:FF:CD:78:33:21:7B:A6:7C:58
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
86:8b:de:40:8c:64:7b:bf:87:17:21:38:5b:c7:bc:46:42:eb:
ba:6a:9d:21:26:5c:34:4e:57:c6:c0:d9:19:43:3b:da:7a:cd:
ef:80:f8:6b:24:e0:9d:f6:d7:37:fb:90:39:c4:13:90:e4:20:
1a:cb:f3:9f:02:77:4b:b3:98:ee:f2:83:08:16:c0:4b:1a:dc:
8d:e6:48:60:de:31:26:03:4b:fa:62:6c:4b:32:fb:7d:ad:90:
6a:74:32:2b:b8:ff:56:c0:fe:6c:bf:51:1c:9b:19:45:75:d0:
73:a1:2d:d4:f4:42:03:ec:48:81:0d:4e:8b:e1:8d:de:87:a8:
14:04:d8:f3:ac:46:19:a2:2c:cd:ea:6a:68:36:cb:40:d7:eb:
68:96:79:9c:7d:35:d5:ad:92:11:f2:7c:e8:ed:5c:a0:b4:2b:
ba:e0:e5:b2:87:39:35:f7:d9:a9:5e:e0:00:22:1a:77:ff:2b:
b8:e4:19:14:29:62:99:46:23:2a:8a:74:74:fa:6b:23:0c:6f:
87:80:0b:d9:cb:1a:95:96:90:6b:26:b0:c6:f8:de:aa:0d:4f:
76:eb:64:ee:0d:2e:01:20:bc:34:0e:b5:a7:ad:0a:ef:f1:63:
1f:91:76:a3:9e:b3:75:1d:2b:41:4f:59:63:23:0d:15:40:77:
96:5e:3c:b7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULjVoeo+WM3caR/luyl2V/W/OODgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MTMwMDAwMDBaFw0yNDA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyZDc5ZmZkYmIyZmUzY2YyNjY5NzA1YzBiMGI3N2RkMGUwNTdiNDgwMmNl
N2RmYjZhN2FkNTkyNmIyMDgyNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOB3Ud8a8Uso9qWhCcR+VJCQC9SJOp+D7QhquojVraxe/JUcSm/Of+LSJabN
RYqcSy8Pb6dLcxrUUthLxyHJbH1xTcDPG2qCv9N16UCTNhGAxmrREJ2L7rRufpkk
MSsswvXCCA3tJ4bwu6tZnErYtvflns2bNtB6fNQsRuIbieo9mp/R1eUxGRxegCAn
Iqbp63AuLP3L8ndfrE49pgDXQoaSbdYhIY2RusURZxaxxuglnVXwimBrP3uUIhar
XAoZae+O1ZE26I2o9RMMwQWjjIP0R2CmZIPBtPoDlOt8X8rraw9jz0ID5/gYTu/J
QfzVo9QX3a7N/C///pj8gR3xVlsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRYMUjN
csfmObUnbP/NeDMhe6Z8WDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzMzOWYxMjYtN2ZlYS00OWM3LWExMjktNGRmOTg4NmU1MzA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAhoveQIxke7+HFyE4W8e8RkLrumqdISZcNE5XxsDZ
GUM72nrN74D4ayTgnfbXN/uQOcQTkOQgGsvznwJ3S7OY7vKDCBbASxrcjeZIYN4x
JgNL+mJsSzL7fa2QanQyK7j/VsD+bL9RHJsZRXXQc6Et1PRCA+xIgQ1Oi+GN3oeo
FATY86xGGaIszepqaDbLQNfraJZ5nH011a2SEfJ86O1coLQruuDlsoc5NffZqV7g
ACIad/8ruOQZFClimUYjKop0dPprIwxvh4AL2csalZaQayawxvjeqg1Pdutk7g0u
ASC8NA61p60K7/FjH5F2o56zdR0rQU9ZYyMNFUB3ll48tw==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org