Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c52c69c6-3ca8-47ff-a103-a122542306b4.roa
File: c52c69c6-3ca8-47ff-a103-a122542306b4.roa (raw, json)
Hash identifier: WoQln//Nb2+UCxnmt1WQZGYmLqzq/Iv8+V049il2S+A=
Subject key identifier: 9E:72:AA:5F:D1:95:2F:66:67:37:E0:E0:E4:70:75:7C:32:4D:46:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1177BB1F8D19D20DFCF92EAE1E40E140A196E25A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c52c69c6-3ca8-47ff-a103-a122542306b4.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:77:bb:1f:8d:19:d2:0d:fc:f9:2e:ae:1e:40:e1:40:a1:96:e2:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=29b19e7d47c7b41eeab96b856b1d2a2bb5177f6f96a4784c3a37a7d7d041531e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e4:45:12:6b:43:99:45:21:84:b0:e7:af:eb:
ed:10:16:54:14:bb:8e:65:d3:4b:a7:26:f5:81:4d:
97:70:1e:8d:63:62:97:9a:62:6d:b7:8b:af:35:fc:
d0:02:87:a7:dd:7c:09:20:dd:99:16:80:4d:d2:89:
be:59:57:b8:a6:00:22:25:2c:66:d4:e1:4c:9b:4e:
f7:bf:fb:86:7e:c1:42:42:cb:be:6f:78:48:a7:ab:
cf:f7:61:c9:8f:7c:4e:28:8b:59:52:6d:20:cd:0a:
bd:27:c0:1f:b1:6c:9f:0d:72:6d:a9:7f:72:b9:26:
c9:eb:4c:47:ca:8e:37:03:22:49:f1:95:ce:ea:ea:
b7:d9:dc:b9:af:3f:46:00:98:2e:59:1d:cc:a9:26:
cd:3e:7f:c4:0e:39:4b:72:92:dc:c3:92:d9:a7:b3:
f7:29:e6:53:a3:1e:0f:57:57:b5:d5:49:86:7a:48:
e8:3f:ca:47:5b:12:56:5a:2b:a6:b6:0e:33:23:1e:
1e:6c:63:c9:18:6d:13:ee:0e:dd:0f:a8:db:73:07:
bc:00:f3:ce:8b:b8:cf:a4:87:c7:92:36:fc:3e:08:
8d:27:14:ba:e9:0b:70:1c:38:d9:72:02:0a:26:5a:
e3:04:0a:d3:01:1c:0f:67:98:ef:ab:51:56:5a:4b:
13:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:72:AA:5F:D1:95:2F:66:67:37:E0:E0:E4:70:75:7C:32:4D:46:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c52c69c6-3ca8-47ff-a103-a122542306b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
52:c7:2a:1d:0a:1e:3c:f1:46:42:9f:12:a8:bd:82:b9:d3:10:
49:d0:d0:0c:50:fa:91:0d:48:37:81:7d:75:89:db:81:2c:e3:
9c:35:fa:ff:77:69:a9:d3:4c:5a:ac:5b:17:0e:7b:e7:6a:66:
bc:35:a6:9c:3c:cd:ef:49:b2:04:fd:51:4d:d5:60:6f:51:8a:
58:ff:91:fd:59:66:4d:25:8c:d7:72:03:30:0c:ae:45:7e:fc:
52:07:6f:13:0e:31:ec:64:14:9a:72:6a:53:62:2d:6e:ad:05:
65:67:01:04:07:ad:1b:09:66:70:f1:ba:24:91:c8:82:ef:d9:
ff:2e:7d:b5:2e:af:0b:28:7b:fb:9c:f2:49:7e:be:97:97:1f:
ad:2b:08:b3:db:33:a4:06:2b:bf:c2:67:f0:b3:ba:1a:73:7c:
74:e8:d9:4a:e9:16:d7:34:8d:ff:c5:0d:2a:32:df:a1:20:9a:
ae:40:3e:7a:40:44:90:a3:5a:e4:3f:8f:2b:46:07:9f:b7:c2:
7c:03:48:d4:30:e4:83:51:5a:72:a5:8a:9f:84:d4:93:59:a0:
1b:23:1e:87:9d:4f:4a:05:bd:30:f3:40:27:72:f0:5d:d6:52:
bd:e2:d7:80:c0:d4:0e:b3:bd:39:84:16:49:bc:5f:28:e0:3d:
54:2d:10:1e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEXe7H40Z0g38+S6uHkDhQKGW4lowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5YjE5ZTdkNDdjN2I0MWVlYWI5NmI4NTZiMWQyYTJiYjUxNzdmNmY5NmE0
Nzg0YzNhMzdhN2Q3ZDA0MTUzMWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbkRRJrQ5lFIYSw56/r7RAWVBS7jmXTS6cm9YFNl3AejWNil5pibbeLrzX8
0AKHp918CSDdmRaATdKJvllXuKYAIiUsZtThTJtO97/7hn7BQkLLvm94SKerz/dh
yY98TiiLWVJtIM0KvSfAH7Fsnw1ybal/crkmyetMR8qONwMiSfGVzurqt9ncua8/
RgCYLlkdzKkmzT5/xA45S3KS3MOS2aez9ynmU6MeD1dXtdVJhnpI6D/KR1sSVlor
prYOMyMeHmxjyRhtE+4O3Q+o23MHvADzzou4z6SHx5I2/D4IjScUuukLcBw42XIC
CiZa4wQK0wEcD2eY76tRVlpLE6kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSecqpf
0ZUvZmc34ODkcHV8Mk1GUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUyYzY5YzYtM2NhOC00N2ZmLWExMDMtYTEyMjU0MjMwNmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBSxyodCh488UZCnxKovYK50xBJ0NAMUPqRDUg3gX11
iduBLOOcNfr/d2mp00xarFsXDnvnama8NaacPM3vSbIE/VFN1WBvUYpY/5H9WWZN
JYzXcgMwDK5FfvxSB28TDjHsZBSacmpTYi1urQVlZwEEB60bCWZw8bokkciC79n/
Ln21Lq8LKHv7nPJJfr6Xlx+tKwiz2zOkBiu/wmfws7oac3x06NlK6RbXNI3/xQ0q
Mt+hIJquQD56QESQo1rkP48rRgeft8J8A0jUMOSDUVpypYqfhNSTWaAbIx6HnU9K
Bb0w80AncvBd1lK94teAwNQOs705hBZJvF8o4D1ULRAe
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org