Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa
File: d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa (raw, json)
Hash identifier: 5/KMzMizmc7ZJ5Gu0HXcmh4wZa/s1sb3A+0H6gKszqE=
Subject key identifier: 23:EE:83:2B:B4:9D:EF:1C:3B:99:B7:26:11:6A:74:E1:81:F2:49:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 222373C165C9F7159C62B0F4E64D330E9C98EFA7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:23:73:c1:65:c9:f7:15:9c:62:b0:f4:e6:4d:33:0e:9c:98:ef:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=a88ef8796db0797ea41b5f191404797112683c4edf1c0e45bd09ca1e4abcee49, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:59:3b:9e:43:4a:52:32:11:91:90:fc:7c:22:
6c:c9:5c:c6:77:78:6e:64:0b:3d:60:ec:8f:0f:76:
5b:30:d9:25:f5:b4:8d:57:dd:78:a0:aa:56:b9:4f:
d3:1e:fb:82:10:20:02:2f:7b:f1:8a:ab:cd:65:bf:
16:2c:bc:b7:93:18:a8:a0:03:f3:bd:7a:fa:27:39:
99:f0:2a:0a:50:19:0b:1b:c5:20:9a:aa:00:76:bc:
1e:58:a1:fa:21:b0:b0:7e:c4:01:4f:38:4e:e6:75:
a1:11:c0:8a:64:d0:f6:dd:b1:85:89:b6:ce:c8:fd:
d3:f1:dd:41:fc:0e:a6:81:05:79:f4:40:a4:3b:e9:
e6:be:8c:81:a3:7e:ac:4f:95:70:06:fd:55:f4:a3:
49:50:7f:91:7b:9e:06:37:c7:46:d6:1c:ec:a3:3b:
b8:aa:7b:78:a2:d0:c0:44:ed:63:12:56:c4:51:05:
2f:59:f5:df:da:81:7b:33:93:77:9e:57:60:de:46:
96:8e:0d:a7:00:4d:ae:dd:4d:74:fa:65:98:6e:57:
f3:c4:8d:a8:98:04:0f:c4:c6:49:37:ae:7c:d6:ce:
74:90:4b:ba:d0:20:73:fe:40:7d:17:69:38:6e:60:
27:f9:84:f5:21:14:a7:91:1a:ab:20:a6:c6:ce:34:
99:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EE:83:2B:B4:9D:EF:1C:3B:99:B7:26:11:6A:74:E1:81:F2:49:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
28:d1:b1:cf:eb:b4:45:af:d2:f8:38:a7:26:e7:c6:99:3c:a1:
d1:a6:3e:cc:a5:56:69:45:b0:36:65:57:af:0f:ec:06:63:c6:
46:fc:f9:e6:7d:90:d5:17:27:23:30:f7:c9:1a:be:de:3b:db:
5a:81:13:84:bf:3a:1b:6e:2d:6c:69:46:32:d3:09:62:4b:b0:
b5:df:e6:6d:7e:38:36:98:1c:6e:5e:e8:3c:af:fb:49:16:a8:
b1:9b:e7:25:2f:68:31:fc:c7:98:f4:ac:a1:37:53:de:d5:c6:
71:d9:1e:84:e1:3e:00:e2:70:d3:c7:a7:4c:73:b3:04:7e:78:
d1:41:b4:df:06:3d:ec:67:c3:5c:33:84:3c:f8:9d:3e:bc:00:
50:7a:b5:0e:a3:d9:82:79:84:47:84:3e:d4:79:c6:1b:2b:d3:
3b:49:31:8c:fa:39:8d:0f:52:9b:86:69:57:ad:c7:53:3f:c6:
77:6a:27:69:d8:05:a4:ed:5f:d8:98:08:56:30:72:57:3c:07:
0d:54:89:1d:04:49:b5:50:b2:e0:d5:28:b6:a2:c6:f4:d1:30:
50:bf:09:c6:1b:b4:fa:c2:6d:8c:62:49:43:4b:ce:b2:59:c3:
e8:a4:98:f8:31:38:9e:fa:ce:34:0c:ee:ad:87:9a:59:b8:5c:
98:1f:c5:cb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIiNzwWXJ9xWcYrD05k0zDpyY76cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4OGVmODc5NmRiMDc5N2VhNDFiNWYxOTE0MDQ3OTcxMTI2ODNjNGVkZjFj
MGU0NWJkMDljYTFlNGFiY2VlNDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1ZO55DSlIyEZGQ/HwibMlcxnd4bmQLPWDsjw92WzDZJfW0jVfdeKCqVrlP
0x77ghAgAi978YqrzWW/Fiy8t5MYqKAD8716+ic5mfAqClAZCxvFIJqqAHa8Hlih
+iGwsH7EAU84TuZ1oRHAimTQ9t2xhYm2zsj90/HdQfwOpoEFefRApDvp5r6MgaN+
rE+VcAb9VfSjSVB/kXueBjfHRtYc7KM7uKp7eKLQwETtYxJWxFEFL1n139qBezOT
d55XYN5Glo4NpwBNrt1NdPplmG5X88SNqJgED8TGSTeufNbOdJBLutAgc/5AfRdp
OG5gJ/mE9SEUp5EaqyCmxs40mbECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQj7oMr
tJ3vHDuZtyYRanThgfJJHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM5ZWQzMzAtNzNlOC00ZGY2LWE2ZjQtODc2NmUyZTYxOTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAKNGxz+u0Ra/S+DinJufGmTyh0aY+zKVWaUWwNmVX
rw/sBmPGRvz55n2Q1RcnIzD3yRq+3jvbWoEThL86G24tbGlGMtMJYkuwtd/mbX44
Npgcbl7oPK/7SRaosZvnJS9oMfzHmPSsoTdT3tXGcdkehOE+AOJw08enTHOzBH54
0UG03wY97GfDXDOEPPidPrwAUHq1DqPZgnmER4Q+1HnGGyvTO0kxjPo5jQ9Sm4Zp
V63HUz/Gd2onadgFpO1f2JgIVjByVzwHDVSJHQRJtVCy4NUotqLG9NEwUL8Jxhu0
+sJtjGJJQ0vOslnD6KSY+DE4nvrONAzurYeaWbhcmB/Fyw==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:28 2024 by rpki-client on console-ams.rpki-client.org