Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa
File: cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa (raw, json)
Hash identifier: +bTafUU75nqprr3bjsbrkQ8CzPL6Al2xNk7SNTB10J4=
Subject key identifier: B3:F3:E6:11:0C:5A:2D:4D:2D:10:A8:84:F6:AE:2D:9B:F7:40:1D:71
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3732DBA97703F3464A9A4B6425D87E4C2500FC47
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:32:db:a9:77:03:f3:46:4a:9a:4b:64:25:d8:7e:4c:25:00:fc:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=cd27ce548ddbcd6811c99d5214fc7b4bcc4449a4a94ef09b67c8d312112226dc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:82:6d:f5:4c:5f:26:be:8b:bc:5d:33:62:a9:
a9:6a:05:c9:9b:fb:6d:5b:8d:4f:e7:a9:bc:02:32:
b8:27:57:46:52:26:29:93:b7:94:06:8a:ca:0c:5b:
d2:0e:5a:6f:d8:04:45:94:3c:04:06:2e:d3:e2:bc:
af:72:16:ae:bd:9c:fe:cb:e4:e5:bb:73:cd:cc:ef:
8f:74:4e:34:e7:65:e8:b3:53:3c:71:73:dc:cb:b8:
ba:eb:86:cc:e2:f7:4b:41:48:10:39:0b:70:91:00:
cd:d0:54:a9:27:26:b4:ea:0d:d2:f1:2a:a4:54:9e:
f0:54:13:d8:07:ad:e0:fc:fa:c3:fd:9e:16:70:35:
3c:ee:1f:0d:72:ad:0b:26:4b:e8:88:87:12:17:d0:
7b:28:c5:d0:ab:60:dc:d8:99:ea:91:e0:ff:b3:29:
4e:50:22:ff:32:f3:be:e0:cc:e8:b0:1d:4a:11:ed:
1b:9f:35:65:89:bf:b1:1d:c0:61:7e:17:2e:bc:98:
23:c9:d3:6f:4b:36:16:2d:df:d4:55:7e:13:eb:a2:
78:f5:cd:7b:8c:5a:0f:f0:d9:fe:3f:63:c4:c1:17:
eb:20:20:65:6a:11:24:24:5f:03:1e:91:28:71:32:
03:84:b4:54:5c:63:43:a3:67:4f:ae:18:f1:1e:ff:
ae:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F3:E6:11:0C:5A:2D:4D:2D:10:A8:84:F6:AE:2D:9B:F7:40:1D:71
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4a:ca:a4:e5:48:ea:77:98:30:c8:23:e7:70:04:79:88:88:e4:
0e:e8:ec:4b:e9:a2:69:fd:66:55:5d:28:0e:b5:e2:d2:20:6d:
e6:da:56:6a:c2:db:30:ff:60:f0:60:07:51:92:39:2f:90:86:
c4:93:56:d6:64:47:ed:ca:b2:72:36:05:11:65:44:58:c4:84:
39:5b:34:22:15:95:6e:3d:39:e4:41:c6:c1:19:a6:36:79:4f:
46:ce:58:d5:c0:11:01:5a:54:59:8c:af:c8:59:7e:12:52:29:
16:23:bf:4c:db:b4:7d:65:f3:47:2f:da:94:66:bc:76:3e:8a:
ec:96:23:e1:d0:94:77:ac:07:58:5e:3c:80:e3:fd:67:c8:00:
0e:0b:98:e2:30:08:97:be:d3:30:e8:b6:85:7e:e9:ac:9e:40:
ed:b9:7f:b5:cc:50:52:94:ff:24:a1:6c:c8:bb:a8:db:ed:c6:
59:83:26:5b:f8:04:e7:66:f4:59:eb:12:1e:f7:00:81:fd:d5:
81:2e:4f:54:d3:cd:ff:0b:3f:e9:e1:34:06:86:d7:6e:ef:d9:
b9:e7:8e:3c:3b:8c:a1:51:79:e6:d5:db:73:a1:7d:03:a6:cf:
34:12:a4:fe:2c:28:b3:86:69:e2:4a:79:d7:3f:fd:a0:e2:e2:
9d:03:72:f6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNzLbqXcD80ZKmktkJdh+TCUA/EcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkMjdjZTU0OGRkYmNkNjgxMWM5OWQ1MjE0ZmM3YjRiY2M0NDQ5YTRhOTRl
ZjA5YjY3YzhkMzEyMTEyMjI2ZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeCbfVMXya+i7xdM2KpqWoFyZv7bVuNT+epvAIyuCdXRlImKZO3lAaKygxb
0g5ab9gERZQ8BAYu0+K8r3IWrr2c/svk5btzzczvj3RONOdl6LNTPHFz3Mu4uuuG
zOL3S0FIEDkLcJEAzdBUqScmtOoN0vEqpFSe8FQT2Aet4Pz6w/2eFnA1PO4fDXKt
CyZL6IiHEhfQeyjF0Ktg3NiZ6pHg/7MpTlAi/zLzvuDM6LAdShHtG581ZYm/sR3A
YX4XLryYI8nTb0s2Fi3f1FV+E+uiePXNe4xaD/DZ/j9jxMEX6yAgZWoRJCRfAx6R
KHEyA4S0VFxjQ6NnT64Y8R7/rhUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSz8+YR
DFotTS0QqIT2ri2b90AdcTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2QzMzE4YjUtMjg3OS00YmU1LWFiODktZGQ2NTQ2MWVmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQBKyqTlSOp3mDDII+dwBHmIiOQO6OxL6aJp/WZVXSgO
teLSIG3m2lZqwtsw/2DwYAdRkjkvkIbEk1bWZEftyrJyNgURZURYxIQ5WzQiFZVu
PTnkQcbBGaY2eU9GzljVwBEBWlRZjK/IWX4SUikWI79M27R9ZfNHL9qUZrx2Pors
liPh0JR3rAdYXjyA4/1nyAAOC5jiMAiXvtMw6LaFfumsnkDtuX+1zFBSlP8koWzI
u6jb7cZZgyZb+ATnZvRZ6xIe9wCB/dWBLk9U083/Cz/p4TQGhtdu79m55448O4yh
UXnm1dtzoX0Dps80EqT+LCizhmniSnnXP/2g4uKdA3L2
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org