Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d310e678-58b7-443e-b704-6a24720f63c2.roa
File: d310e678-58b7-443e-b704-6a24720f63c2.roa (raw, json)
Hash identifier: XbC77QJsD89eiZQn8ceRG6YEnrw0pyARbOhSu8AAUFM=
Subject key identifier: CC:60:A2:DE:10:9E:C0:16:C9:D2:D3:87:7A:40:81:FF:F1:AA:B0:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 577703FC33F170712FFD7A18A08A284284AADCFE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d310e678-58b7-443e-b704-6a24720f63c2.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:77:03:fc:33:f1:70:71:2f:fd:7a:18:a0:8a:28:42:84:aa:dc:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=307cd200e4d2e54bfb989f892f459d768d6705fb32e9478f6b298bc2b03a512c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3e:5b:34:4f:f9:3f:da:36:51:f3:07:c1:0e:
f0:bf:f3:95:e0:da:e0:74:de:14:7a:c3:56:b4:bb:
24:ed:bb:eb:11:9e:00:b3:3b:a9:ad:a4:4e:b8:b9:
06:f4:f1:03:01:cb:84:72:23:40:11:24:aa:be:37:
78:ff:3b:b6:22:f0:77:f5:0d:a8:ce:56:c7:3f:26:
f2:c0:a5:d6:fa:cc:c2:68:e6:6f:7f:f5:a2:e7:1b:
86:7e:74:7f:5a:eb:da:c9:5c:4b:34:61:b1:12:db:
2e:48:1e:75:68:3e:a4:03:9e:d9:15:97:b6:02:7b:
65:c6:aa:f1:13:30:39:ab:10:58:c6:8a:09:9f:a9:
73:f0:a3:55:92:5d:e4:2b:7d:40:2a:9a:e0:ad:ca:
40:f1:20:05:bc:83:74:4f:26:b7:b8:d5:a7:17:0d:
78:39:b7:72:6f:6b:c7:89:d3:b1:c9:ac:1c:ba:f3:
15:ae:7e:05:3f:d9:03:05:e6:30:e7:23:96:2d:84:
f7:f8:09:03:96:79:89:af:58:d7:56:8c:ee:c0:c8:
a0:23:28:21:22:19:9f:fe:d2:1d:0f:fc:5d:8a:9e:
82:3a:58:57:27:49:23:ff:9c:f9:bd:08:92:0a:e4:
57:17:0a:c7:16:b3:84:80:b3:b7:6e:31:f6:29:18:
d9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:60:A2:DE:10:9E:C0:16:C9:D2:D3:87:7A:40:81:FF:F1:AA:B0:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d310e678-58b7-443e-b704-6a24720f63c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:60:f8:f1:0c:38:f9:fc:e9:70:f7:32:02:b9:e2:1d:6a:d2:
43:aa:e2:cb:77:11:17:a7:00:f1:ef:3c:dd:67:c7:d1:01:6b:
d9:47:ba:b2:16:0f:27:c2:80:05:eb:2d:f9:1e:39:f2:24:7d:
1c:c9:0e:01:5b:67:93:87:94:7f:7a:bf:5f:ad:39:d3:8a:38:
b2:20:0e:ae:26:9d:e7:94:c2:fd:48:3e:28:b1:5e:11:79:6a:
d2:6e:ae:78:ac:c3:f5:99:74:e5:08:de:6d:5d:fb:80:2a:87:
c8:c9:24:88:f6:28:9d:81:bd:ce:11:da:d4:f6:fd:62:4c:dc:
7d:e9:23:9d:62:ea:8d:d9:b9:ad:da:b5:dc:66:24:9c:62:ba:
dc:98:68:31:98:95:43:99:4e:1a:88:15:37:1f:71:07:f3:13:
c0:b1:91:19:d8:9d:7d:71:20:d7:1a:5d:c3:ea:30:b3:00:1d:
37:91:70:b9:06:48:95:a5:f8:c8:81:86:44:28:00:38:63:02:
10:a8:b3:25:67:b5:d0:08:1e:61:58:02:93:f6:52:5f:ed:cb:
88:f3:cb:69:20:66:16:d1:17:ce:72:cd:28:01:83:c3:62:ac:
a6:e4:37:b1:9c:e2:ae:7d:ba:ef:1d:b6:9f:be:80:28:bc:c9:
8b:35:85:e0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV3cD/DPxcHEv/XoYoIooQoSq3P4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwN2NkMjAwZTRkMmU1NGJmYjk4OWY4OTJmNDU5ZDc2OGQ2NzA1ZmIzMmU5
NDc4ZjZiMjk4YmMyYjAzYTUxMmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8+WzRP+T/aNlHzB8EO8L/zleDa4HTeFHrDVrS7JO276xGeALM7qa2kTri5
BvTxAwHLhHIjQBEkqr43eP87tiLwd/UNqM5Wxz8m8sCl1vrMwmjmb3/1oucbhn50
f1rr2slcSzRhsRLbLkgedWg+pAOe2RWXtgJ7Zcaq8RMwOasQWMaKCZ+pc/CjVZJd
5Ct9QCqa4K3KQPEgBbyDdE8mt7jVpxcNeDm3cm9rx4nTscmsHLrzFa5+BT/ZAwXm
MOcjli2E9/gJA5Z5ia9Y11aM7sDIoCMoISIZn/7SHQ/8XYqegjpYVydJI/+c+b0I
kgrkVxcKxxazhICzt24x9ikY2UkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMYKLe
EJ7AFsnS04d6QIH/8aqwDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDMxMGU2NzgtNThiNy00NDNlLWI3MDQtNmEyNDcyMGY2M2MyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQApYPjxDDj5/Olw9zICueIdatJDquLLdxEXpwDx7zzd
Z8fRAWvZR7qyFg8nwoAF6y35HjnyJH0cyQ4BW2eTh5R/er9frTnTijiyIA6uJp3n
lML9SD4osV4ReWrSbq54rMP1mXTlCN5tXfuAKofIySSI9iidgb3OEdrU9v1iTNx9
6SOdYuqN2bmt2rXcZiScYrrcmGgxmJVDmU4aiBU3H3EH8xPAsZEZ2J19cSDXGl3D
6jCzAB03kXC5BkiVpfjIgYZEKAA4YwIQqLMlZ7XQCB5hWAKT9lJf7cuI88tpIGYW
0RfOcs0oAYPDYqym5DexnOKufbrvHbafvoAovMmLNYXg
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:45 2024 by rpki-client on console-ams.rpki-client.org