Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
File: d4b4aa1a-385e-428a-9444-c44b9dd07114.roa (raw, json)
Hash identifier: sxvnosKJFTOcqBrCFk84L03Ma9jVUgvQs0q40fT6aO8=
Subject key identifier: 17:96:A7:CE:DE:ED:4C:8F:AA:18:DE:3B:6F:0F:CB:D4:D9:C8:5C:A8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E973DA947E6D7E7352965E38642DFE0F5AF68FE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:97:3d:a9:47:e6:d7:e7:35:29:65:e3:86:42:df:e0:f5:af:68:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=2a01e8bf7744d63d3b7e1a298b3812023f14997b0cc465d388626b55ff7cb963, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d2:fc:e5:97:d9:69:9a:57:51:9d:44:d9:6c:
8a:0a:0a:dd:f3:ee:2f:51:96:e3:01:bc:0c:2f:40:
b9:ee:44:73:65:e5:f2:b6:4f:a0:46:4f:29:7e:23:
ad:fc:2b:1d:62:73:df:c6:4e:77:d6:9b:e4:91:f4:
03:15:dd:aa:58:aa:56:36:ee:b0:72:8c:44:88:13:
84:91:2b:dc:1c:cd:cc:d7:ba:d0:a3:5a:8d:e5:fb:
6c:3c:47:17:d3:27:12:08:b5:f5:d5:66:38:92:9b:
78:9b:1d:93:db:87:d5:76:bf:9c:80:59:b3:c0:c8:
92:c9:8e:43:2c:c6:d2:8a:ac:7d:e3:f4:31:bb:f9:
d4:e6:a6:7d:d1:ef:15:e2:ea:f7:0f:65:27:4b:ac:
c4:a5:30:7a:2b:bf:61:10:79:2d:05:ce:6a:4f:5b:
dd:e9:34:d8:7e:65:11:48:93:29:49:ad:8c:bb:fd:
06:50:17:ce:e4:85:12:5e:2f:2f:77:4f:2d:8b:ca:
bc:a0:60:37:7a:9a:4d:26:2d:06:96:90:d5:27:83:
25:95:e1:25:f2:eb:0b:6a:94:60:b9:71:5c:96:d1:
42:93:97:e3:eb:6c:6c:fc:ca:9a:6c:e4:c6:90:37:
9b:9d:f6:be:48:e1:61:7b:80:7c:2b:6f:a5:80:5b:
de:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:96:A7:CE:DE:ED:4C:8F:AA:18:DE:3B:6F:0F:CB:D4:D9:C8:5C:A8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
be:6e:ec:e4:f3:02:7e:25:ea:1c:94:2c:9b:60:e9:84:e3:42:
cf:06:59:e6:f0:08:b3:12:13:58:f5:bc:c4:68:8c:57:fa:1a:
6b:94:ed:e0:38:84:02:a8:73:2c:24:20:50:d1:b5:9a:79:27:
33:56:ff:60:04:72:48:ac:7e:45:a7:bd:22:b3:c7:36:87:d9:
92:64:93:f2:93:96:e7:0f:a4:ca:0b:d5:94:a2:3a:92:69:8a:
19:37:ba:be:05:65:93:81:ba:c7:fc:dc:ad:67:1b:5c:6f:1b:
3f:5e:ef:c2:56:e3:bd:70:36:b8:22:e3:d3:49:a5:cd:e3:5d:
e5:52:3c:17:2b:98:30:9d:9e:87:33:2b:0d:02:e3:1d:c9:c5:
85:c5:2c:e7:a4:bb:85:d5:9c:99:7d:38:a6:0e:dc:56:75:04:
03:70:25:4c:d1:e7:0a:f8:79:01:f3:6c:20:78:dd:6e:59:4f:
a4:ce:57:82:56:14:2b:e8:3a:13:a7:cb:3d:56:01:91:5a:b8:
56:a5:cc:1e:99:92:f9:1e:64:88:f2:88:ee:74:6b:c4:3b:bb:
fa:87:fd:3e:2e:52:db:ef:09:94:2a:02:0d:c1:61:4b:b3:7b:
7f:23:72:af:b3:67:b8:32:51:3b:0c:9e:c9:20:d6:ef:70:d1:
95:7f:b2:70
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXpc9qUfm1+c1KWXjhkLf4PWvaP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhMDFlOGJmNzc0NGQ2M2QzYjdlMWEyOThiMzgxMjAyM2YxNDk5N2IwY2M0
NjVkMzg4NjI2YjU1ZmY3Y2I5NjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjS/OWX2WmaV1GdRNlsigoK3fPuL1GW4wG8DC9Aue5Ec2Xl8rZPoEZPKX4j
rfwrHWJz38ZOd9ab5JH0AxXdqliqVjbusHKMRIgThJEr3BzNzNe60KNajeX7bDxH
F9MnEgi19dVmOJKbeJsdk9uH1Xa/nIBZs8DIksmOQyzG0oqsfeP0Mbv51OamfdHv
FeLq9w9lJ0usxKUweiu/YRB5LQXOak9b3ek02H5lEUiTKUmtjLv9BlAXzuSFEl4v
L3dPLYvKvKBgN3qaTSYtBpaQ1SeDJZXhJfLrC2qUYLlxXJbRQpOX4+tsbPzKmmzk
xpA3m532vkjhYXuAfCtvpYBb3lsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXlqfO
3u1Mj6oY3jtvD8vU2chcqDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDRiNGFhMWEtMzg1ZS00MjhhLTk0NDQtYzQ0YjlkZDA3MTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQC+buzk8wJ+JeoclCybYOmE40LPBlnm8AizEhNY9bzE
aIxX+hprlO3gOIQCqHMsJCBQ0bWaeSczVv9gBHJIrH5Fp70is8c2h9mSZJPyk5bn
D6TKC9WUojqSaYoZN7q+BWWTgbrH/NytZxtcbxs/Xu/CVuO9cDa4IuPTSaXN413l
UjwXK5gwnZ6HMysNAuMdycWFxSznpLuF1ZyZfTimDtxWdQQDcCVM0ecK+HkB82wg
eN1uWU+kzleCVhQr6DoTp8s9VgGRWrhWpcwemZL5HmSI8ojudGvEO7v6h/0+LlLb
7wmUKgINwWFLs3t/I3Kvs2e4MlE7DJ7JINbvcNGVf7Jw
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:21 2024 by rpki-client on console-fra.rpki-client.org