Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: XknI2bwgOLUWiVI6p2T6BQoB3azXhD9zj/OHr/h4Cq8=
Subject key identifier: 73:EA:84:9A:AD:B8:C1:CB:65:CD:05:10:8D:37:69:95:73:9C:BE:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 04454558E1FD8ADE567CFA9BDB9EB74EF2F3ACB2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:45:45:58:e1:fd:8a:de:56:7c:fa:9b:db:9e:b7:4e:f2:f3:ac:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=29f46dbc84c019c11cbb588e28985cf0e9dfb6e1bb27ce8cb87d4e87a991ddc8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:97:42:aa:51:21:61:5b:0e:d5:3f:14:1f:a4:
9f:cd:42:1c:ea:3b:8d:6a:f2:4f:52:25:a0:5b:17:
43:14:1d:a1:f2:17:20:e5:89:24:46:62:f0:5f:a6:
c8:72:a7:3f:91:97:73:ea:19:aa:16:8b:54:d9:51:
e7:20:1d:f4:36:23:07:88:b5:5b:44:7f:aa:3a:99:
13:0a:07:6b:e6:6e:d8:c3:44:0d:26:1e:2b:02:d4:
da:4a:8c:21:c1:cc:fa:a0:f0:f3:0c:55:0c:0e:97:
34:ee:e9:c1:59:58:f4:c5:f1:f1:ae:96:d0:97:61:
35:fe:c5:1f:54:13:f0:75:9e:87:4d:3c:98:e1:a5:
86:86:17:99:28:51:16:71:7a:29:8d:23:42:a1:e0:
32:97:bd:30:1d:70:d7:03:99:41:a0:a6:3a:9b:41:
b1:74:84:e7:a8:97:cf:13:cd:73:1b:16:0a:d4:a2:
35:42:aa:d0:e2:90:7f:e7:64:e1:df:d4:86:bb:0a:
34:b5:eb:f1:47:59:7b:0f:d9:fe:8d:1a:46:64:18:
a0:f4:d9:9d:ed:4c:d6:c5:75:66:e1:6b:d5:5a:d9:
da:6d:f3:d6:58:01:82:ba:7d:dc:bd:27:fc:2b:61:
ec:57:f8:10:fd:90:27:67:b3:2f:49:75:b2:e5:b4:
8b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:EA:84:9A:AD:B8:C1:CB:65:CD:05:10:8D:37:69:95:73:9C:BE:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b3:cf:6f:72:30:c0:e8:3f:28:6b:b6:21:f8:04:1e:83:d7:c1:
8b:e6:79:4c:39:ae:86:18:d2:fc:8a:ed:d0:a0:11:a5:fb:dc:
3b:ef:fd:45:20:ea:5f:54:48:62:65:33:4b:44:d2:a4:6a:32:
0a:48:1e:6d:e7:e6:50:2a:8b:81:6e:0b:6e:cc:fb:82:9c:11:
46:e1:04:30:2b:96:c3:d3:a8:78:84:05:28:8d:5b:67:bf:3a:
20:ae:41:21:ba:84:1e:df:b0:15:cd:a6:40:69:28:ff:84:66:
16:c9:7b:5b:f1:62:57:f7:e9:d4:b3:55:71:98:35:bf:c9:00:
93:65:86:30:de:f9:56:ac:f7:54:0d:8b:9a:c0:78:dd:cc:07:
52:52:24:00:8a:bc:e2:51:87:a3:d8:26:d1:bc:51:a6:05:d8:
be:26:1c:01:4b:2a:d9:dc:15:49:68:65:bf:3d:f9:4f:c4:ed:
8e:74:8d:85:4b:a7:be:9b:11:2c:df:b5:c5:69:20:5d:6e:33:
49:13:bd:61:d6:a0:4b:0c:ac:3b:7d:99:26:ff:0b:8a:0b:61:
d0:8f:85:df:06:d0:d8:42:87:da:a0:d6:e1:61:3d:cc:37:ee:
a4:fe:1a:6e:4a:84:b2:3b:83:79:97:86:83:fe:08:03:5e:e1:
31:ee:d1:49
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBEVFWOH9it5WfPqb2563TvLzrLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5ZjQ2ZGJjODRjMDE5YzExY2JiNTg4ZTI4OTg1Y2YwZTlkZmI2ZTFiYjI3
Y2U4Y2I4N2Q0ZTg3YTk5MWRkYzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWXQqpRIWFbDtU/FB+kn81CHOo7jWryT1IloFsXQxQdofIXIOWJJEZi8F+m
yHKnP5GXc+oZqhaLVNlR5yAd9DYjB4i1W0R/qjqZEwoHa+Zu2MNEDSYeKwLU2kqM
IcHM+qDw8wxVDA6XNO7pwVlY9MXx8a6W0JdhNf7FH1QT8HWeh008mOGlhoYXmShR
FnF6KY0jQqHgMpe9MB1w1wOZQaCmOptBsXSE56iXzxPNcxsWCtSiNUKq0OKQf+dk
4d/UhrsKNLXr8UdZew/Z/o0aRmQYoPTZne1M1sV1ZuFr1VrZ2m3z1lgBgrp93L0n
/Cth7Ff4EP2QJ2ezL0l1suW0i2sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRz6oSa
rbjBy2XNBRCNN2mVc5y+MzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQCzz29yMMDoPyhrtiH4BB6D18GL5nlMOa6GGNL8iu3Q
oBGl+9w77/1FIOpfVEhiZTNLRNKkajIKSB5t5+ZQKouBbgtuzPuCnBFG4QQwK5bD
06h4hAUojVtnvzogrkEhuoQe37AVzaZAaSj/hGYWyXtb8WJX9+nUs1VxmDW/yQCT
ZYYw3vlWrPdUDYuawHjdzAdSUiQAirziUYej2CbRvFGmBdi+JhwBSyrZ3BVJaGW/
PflPxO2OdI2FS6e+mxEs37XFaSBdbjNJE71h1qBLDKw7fZkm/wuKC2HQj4XfBtDY
QofaoNbhYT3MN+6k/hpuSoSyO4N5l4aD/ggDXuEx7tFJ
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:16 2024 by rpki-client on console-ams.rpki-client.org