Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb77317b-e565-4116-8e1c-6b5a63be2487.roa
File: cb77317b-e565-4116-8e1c-6b5a63be2487.roa (raw, json)
Hash identifier: b8QfgcGCXrKbwG5Eyss28wh7sNLXysNM7CXOxIiUzXs=
Subject key identifier: 3A:85:00:56:FB:22:25:A9:41:1B:14:26:06:E4:01:9B:89:F6:79:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4B73F25A61366D3D626BB7DFD4CA15E1AA9074C0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb77317b-e565-4116-8e1c-6b5a63be2487.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:73:f2:5a:61:36:6d:3d:62:6b:b7:df:d4:ca:15:e1:aa:90:74:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=edbb68c2e52655a86809b2415bd1c9321ca19ccbc61b2b40c62f53c62685a4c7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:68:bf:65:46:be:67:c9:97:b4:2f:1c:b0:fd:
08:7b:b0:b0:c1:b7:24:23:80:e1:bc:08:73:79:4a:
22:8f:50:bc:c0:41:4c:31:e8:fb:0b:1c:f0:7c:c1:
93:27:89:00:15:ca:f4:02:d4:39:5b:c7:e9:2a:a6:
1b:1b:db:38:e8:a8:bb:fc:af:30:42:cf:89:61:4c:
36:fd:e5:23:05:10:51:4f:6f:2e:45:31:f7:f3:68:
8e:05:e9:1e:0a:52:80:d2:c0:9f:23:38:e6:2b:f9:
84:d0:ee:09:d8:39:5c:1b:41:3a:c7:d1:c9:f1:de:
79:60:3e:7e:4b:ce:4c:68:98:15:ac:06:0f:18:2a:
bb:f0:81:2c:46:b0:57:d4:0b:80:65:ae:42:27:cd:
32:2f:a2:b6:e0:66:8a:b3:59:73:e0:1f:80:d5:65:
aa:78:bb:d4:de:ca:6e:0f:d0:63:69:41:9e:e4:71:
5a:eb:29:16:4e:70:6f:07:a4:6b:3a:5b:2a:19:9e:
1e:16:16:0a:f6:ad:79:c7:69:da:a2:29:44:5d:1e:
c5:98:d0:4d:0f:73:1f:3c:cc:4e:66:1f:68:4f:ad:
3f:43:11:1b:5e:0a:cb:4d:ec:35:ae:b0:92:8d:dc:
f7:e0:7f:13:e0:cd:d1:65:34:0b:fd:34:da:de:cd:
60:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:85:00:56:FB:22:25:A9:41:1B:14:26:06:E4:01:9B:89:F6:79:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb77317b-e565-4116-8e1c-6b5a63be2487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a5:cc:1e:11:fd:ff:16:8f:7c:d0:cc:cc:b1:bc:39:aa:ff:44:
fb:9a:42:a8:89:62:45:95:44:4a:3b:aa:3b:8c:09:1a:d2:ec:
8e:0a:0b:9f:e0:e3:03:14:de:e9:dc:3f:e5:6e:84:aa:5c:99:
bf:3b:22:b3:66:00:2a:41:a0:8a:6b:d1:05:56:a5:6c:e1:bc:
38:73:c5:06:c6:a8:22:73:c3:3a:a6:bd:db:0c:bd:e4:be:a3:
25:7b:7a:32:7d:12:de:69:de:f9:bf:a5:92:d8:61:b5:89:e3:
cd:22:f1:e7:c4:22:c4:e4:b3:bd:ea:4d:32:a3:88:ac:5a:dd:
1d:c1:92:46:a6:dc:1c:f5:98:0c:5c:3c:65:b2:78:fe:b9:c2:
7c:08:e8:52:10:d7:25:dc:a2:aa:20:e7:d0:c1:0d:4f:1b:1a:
58:c2:8a:53:d2:da:ea:0e:e1:4f:48:21:50:61:27:fd:80:01:
e1:dc:06:f9:f1:f8:3c:c1:79:37:be:b4:b2:62:ee:bc:ba:32:
4a:fc:7b:90:54:96:de:54:e1:72:ff:11:aa:6a:23:12:c8:b1:
8e:84:83:d1:98:ce:85:0c:21:32:76:db:77:a9:32:d0:c1:31:
5d:b1:ee:ce:61:f7:d5:b5:48:9b:6f:b2:e6:cb:c3:37:e8:71:
bd:f3:b1:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS3PyWmE2bT1ia7ff1MoV4aqQdMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkYmI2OGMyZTUyNjU1YTg2ODA5YjI0MTViZDFjOTMyMWNhMTljY2JjNjFi
MmI0MGM2MmY1M2M2MjY4NWE0YzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRov2VGvmfJl7QvHLD9CHuwsMG3JCOA4bwIc3lKIo9QvMBBTDHo+wsc8HzB
kyeJABXK9ALUOVvH6SqmGxvbOOiou/yvMELPiWFMNv3lIwUQUU9vLkUx9/NojgXp
HgpSgNLAnyM45iv5hNDuCdg5XBtBOsfRyfHeeWA+fkvOTGiYFawGDxgqu/CBLEaw
V9QLgGWuQifNMi+ituBmirNZc+AfgNVlqni71N7Kbg/QY2lBnuRxWuspFk5wbwek
azpbKhmeHhYWCvatecdp2qIpRF0exZjQTQ9zHzzMTmYfaE+tP0MRG14Ky03sNa6w
ko3c9+B/E+DN0WU0C/002t7NYPECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6hQBW
+yIlqUEbFCYG5AGbifZ5oDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2I3NzMxN2ItZTU2NS00MTE2LThlMWMtNmI1YTYzYmUyNDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQClzB4R/f8Wj3zQzMyxvDmq/0T7mkKoiWJFlURKO6o7
jAka0uyOCguf4OMDFN7p3D/lboSqXJm/OyKzZgAqQaCKa9EFVqVs4bw4c8UGxqgi
c8M6pr3bDL3kvqMle3oyfRLead75v6WS2GG1iePNIvHnxCLE5LO96k0yo4isWt0d
wZJGptwc9ZgMXDxlsnj+ucJ8COhSENcl3KKqIOfQwQ1PGxpYwopT0trqDuFPSCFQ
YSf9gAHh3Ab58fg8wXk3vrSyYu68ujJK/HuQVJbeVOFy/xGqaiMSyLGOhIPRmM6F
DCEydtt3qTLQwTFdse7OYffVtUibb7Lmy8M36HG987E7
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:24 2024 by rpki-client on console-fra.rpki-client.org