Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: gG+s9dIjBG+37ttkTQN0GbNyZA2pAPhJWCrKiSDYZ0k=
Subject key identifier: 6B:80:DE:CA:49:94:94:32:86:EB:9E:F2:9B:BF:AF:65:73:FD:81:35
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6340507FCF17064EC279ECF6234E27373161E5E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:40:50:7f:cf:17:06:4e:c2:79:ec:f6:23:4e:27:37:31:61:e5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=97c31f6becd5b75970eb96c5b22063067ab097aae0379e0f55bfa3579da604fa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:36:e1:f4:1d:a0:0c:e6:ca:a7:9f:de:79:6b:
c0:a8:2d:34:95:7b:b8:e8:e1:26:f3:0b:b8:72:ba:
26:9b:f7:0d:f8:be:3d:5c:c9:b4:ed:56:02:34:85:
8d:94:9e:3f:3e:d1:cc:b3:50:d7:2d:c7:83:d8:2c:
02:09:6e:62:84:44:0b:47:df:3e:10:84:88:d8:cc:
a8:11:ad:21:5e:6a:97:51:19:57:a1:58:42:a5:01:
c7:65:b1:a3:55:bd:78:c8:70:bc:de:da:c0:88:44:
24:3e:95:10:47:73:37:f3:27:95:95:83:04:e6:d6:
18:29:f6:99:73:7d:f0:24:00:18:77:d4:c4:cf:43:
69:d3:58:1b:1b:e4:a8:68:e5:1f:ee:2f:b7:69:8c:
72:e7:e0:23:b9:d6:d1:6f:d3:e2:2f:ba:7c:d3:da:
58:62:6a:6b:d3:74:2b:a4:19:20:72:de:04:2a:b2:
79:f3:ea:55:ea:28:4b:d1:4f:65:ea:96:7d:a7:42:
b9:c3:73:ce:7f:f0:82:c1:38:ad:56:7c:2b:84:77:
4c:99:fb:c0:a1:d8:f6:7b:d8:30:31:5d:bc:5a:ec:
4d:03:c5:86:e7:d9:9e:f7:da:da:a3:ab:89:3c:14:
99:51:cf:23:2e:d9:c0:a1:25:4c:76:d3:68:25:43:
52:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:80:DE:CA:49:94:94:32:86:EB:9E:F2:9B:BF:AF:65:73:FD:81:35
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:73:99:e4:c3:f5:58:dd:8f:3b:4f:3a:de:c4:93:75:e5:11:
6e:6d:3a:59:65:10:d3:32:fd:0d:f2:6b:d7:b3:b5:15:bb:8f:
b1:49:73:8b:6f:b4:30:75:3f:ff:83:2d:09:66:e4:4c:6d:c0:
cf:9c:62:e0:e1:05:47:26:87:a2:43:f0:25:46:79:d6:95:0c:
d4:79:d3:a5:0e:b4:91:04:6b:f8:e0:39:0d:f1:43:df:ec:be:
94:ae:a1:0e:51:d4:20:c8:ab:e0:f7:33:1e:6d:41:cb:e1:d7:
e6:1b:1b:06:bf:f6:49:d3:eb:12:2a:6a:f8:4b:77:4e:18:09:
a4:18:00:d3:77:83:31:51:55:69:c8:fb:c7:e0:9a:22:fe:05:
61:ff:26:0f:2f:5b:2d:75:15:89:c1:c0:39:79:f6:45:7f:c9:
90:50:60:60:62:ce:e4:d9:de:32:15:1a:10:7c:08:bb:f6:09:
d8:8b:29:fd:68:8a:b0:77:b0:0c:43:50:fb:25:db:eb:c6:45:
f0:7a:8d:0a:4f:08:72:3f:cc:f2:75:33:0d:5a:c1:b0:c3:41:
b6:8f:20:28:1d:11:69:06:bc:fa:3d:3e:0f:2b:b9:ce:7a:21:
a0:9c:95:1a:d6:e5:28:57:6d:21:ca:12:8a:56:5d:3d:87:f1:
48:14:e2:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY0BQf88XBk7Ceez2I04nNzFh5eMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3YzMxZjZiZWNkNWI3NTk3MGViOTZjNWIyMjA2MzA2N2FiMDk3YWFlMDM3
OWUwZjU1YmZhMzU3OWRhNjA0ZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALs24fQdoAzmyqef3nlrwKgtNJV7uOjhJvMLuHK6Jpv3Dfi+PVzJtO1WAjSF
jZSePz7RzLNQ1y3Hg9gsAgluYoREC0ffPhCEiNjMqBGtIV5ql1EZV6FYQqUBx2Wx
o1W9eMhwvN7awIhEJD6VEEdzN/MnlZWDBObWGCn2mXN98CQAGHfUxM9DadNYGxvk
qGjlH+4vt2mMcufgI7nW0W/T4i+6fNPaWGJqa9N0K6QZIHLeBCqyefPqVeooS9FP
ZeqWfadCucNzzn/wgsE4rVZ8K4R3TJn7wKHY9nvYMDFdvFrsTQPFhufZnvfa2qOr
iTwUmVHPIy7ZwKElTHbTaCVDUjsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRrgN7K
SZSUMobrnvKbv69lc/2BNTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBIc5nkw/VY3Y87TzrexJN15RFubTpZZRDTMv0N8mvX
s7UVu4+xSXOLb7QwdT//gy0JZuRMbcDPnGLg4QVHJoeiQ/AlRnnWlQzUedOlDrSR
BGv44DkN8UPf7L6UrqEOUdQgyKvg9zMebUHL4dfmGxsGv/ZJ0+sSKmr4S3dOGAmk
GADTd4MxUVVpyPvH4Joi/gVh/yYPL1stdRWJwcA5efZFf8mQUGBgYs7k2d4yFRoQ
fAi79gnYiyn9aIqwd7AMQ1D7JdvrxkXweo0KTwhyP8zydTMNWsGww0G2jyAoHRFp
Brz6PT4PK7nOeiGgnJUa1uUoV20hyhKKVl09h/FIFOJL
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org