Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: eqnjHHvUJ8zeIZw3+kVWxqmIBtSrF10SYRdMO3hvRXc=
Subject key identifier: 22:3A:3B:02:2B:72:73:44:DC:9A:A7:4D:B5:26:09:AA:C4:56:03:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7738284DC23E3625F974A0BB2EE4D46B0F128A24
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:38:28:4d:c2:3e:36:25:f9:74:a0:bb:2e:e4:d4:6b:0f:12:8a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=8d14ff1f1fecef05058d30a5b22f8eea90171e28da85ef5f5c7e2eeec18af1d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:53:3d:a6:4e:dc:d7:07:41:17:a5:25:f1:e5:
dd:51:e0:ec:fe:38:7a:3a:1a:fd:6f:b5:97:b3:92:
a5:9c:c0:4b:7f:b9:9b:bf:b4:4b:4e:fa:49:39:4f:
6f:51:1d:ff:85:6d:01:34:ef:6c:73:a4:6b:52:a9:
8a:6e:42:bf:56:a1:98:3a:66:91:8d:30:7b:15:ea:
ad:0d:59:7f:9f:81:29:03:90:e4:4a:a8:9a:75:f1:
ee:c2:38:be:0d:8a:3d:86:53:43:53:31:18:20:39:
b1:03:25:76:f5:09:4a:67:b8:c2:22:ab:1f:64:d0:
5f:ae:4d:ed:90:e4:e6:f4:bb:58:d2:90:85:e6:ca:
27:df:09:72:93:ad:54:76:fd:2a:2f:78:c9:5c:e2:
61:45:dd:53:71:21:e5:f2:ba:ed:c5:48:1e:70:f8:
8c:fe:fb:71:60:83:b0:f5:74:35:0a:3b:dd:2f:b0:
dd:32:6b:12:93:e4:96:0f:f5:b7:df:8b:57:00:4e:
c4:09:a6:54:12:d9:30:77:1f:69:8c:e6:94:79:45:
3d:5e:73:51:55:4b:72:32:1c:58:bb:fd:c1:7f:c1:
5b:b2:63:0d:34:34:d8:67:de:f6:0d:65:48:b4:f1:
9a:ca:c4:01:81:7f:94:ae:44:cd:15:33:97:03:c6:
9d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3A:3B:02:2B:72:73:44:DC:9A:A7:4D:B5:26:09:AA:C4:56:03:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
32:42:4e:09:5d:74:d0:11:d5:6b:83:78:90:87:df:60:c8:cc:
f2:d4:2d:e3:e7:47:a2:59:d9:3d:e5:3e:8a:c4:dd:61:9e:25:
e3:83:7e:2f:c5:08:a0:1e:cf:5e:2c:e4:4d:ba:db:e2:99:bb:
c3:bf:13:c3:e4:fb:0d:d1:54:ab:00:52:70:ac:cd:b5:81:ce:
2c:8b:5a:5a:ef:06:05:68:cf:a2:9a:2e:df:0d:44:dc:8d:a7:
b4:62:4e:09:51:e4:ba:10:71:b8:63:e6:b2:a3:6f:54:f4:53:
64:73:aa:d3:09:cc:97:09:e1:12:4d:09:7f:cd:15:7a:47:03:
e1:7d:a5:4b:a7:78:5d:46:9e:d0:75:f5:ba:48:88:c7:46:26:
e4:12:07:2e:21:7f:13:7c:61:a9:91:ca:11:fc:26:41:9c:4b:
20:c4:3c:12:db:95:65:b9:07:b9:98:26:f3:be:12:d3:51:72:
b8:b9:cd:b5:22:19:24:2e:29:31:07:34:89:43:18:75:9e:66:
78:2b:c6:2b:27:cf:39:f0:65:64:22:55:fe:3c:ab:e4:b6:96:
bf:8c:22:16:93:7b:56:7e:28:1b:e9:d6:42:93:a7:5c:75:04:
81:d1:a4:3e:dc:e1:f8:e0:59:db:ab:23:c7:76:d7:89:38:98:
40:84:2c:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdzgoTcI+NiX5dKC7LuTUaw8SiiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkMTRmZjFmMWZlY2VmMDUwNThkMzBhNWIyMmY4ZWVhOTAxNzFlMjhkYTg1
ZWY1ZjVjN2UyZWVlYzE4YWYxZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9TPaZO3NcHQRelJfHl3VHg7P44ejoa/W+1l7OSpZzAS3+5m7+0S076STlP
b1Ed/4VtATTvbHOka1Kpim5Cv1ahmDpmkY0wexXqrQ1Zf5+BKQOQ5EqomnXx7sI4
vg2KPYZTQ1MxGCA5sQMldvUJSme4wiKrH2TQX65N7ZDk5vS7WNKQhebKJ98JcpOt
VHb9Ki94yVziYUXdU3Eh5fK67cVIHnD4jP77cWCDsPV0NQo73S+w3TJrEpPklg/1
t9+LVwBOxAmmVBLZMHcfaYzmlHlFPV5zUVVLcjIcWLv9wX/BW7JjDTQ02Gfe9g1l
SLTxmsrEAYF/lK5EzRUzlwPGnd0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQiOjsC
K3JzRNyap021JgmqxFYDPjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQAyQk4JXXTQEdVrg3iQh99gyMzy1C3j50eiWdk95T6K
xN1hniXjg34vxQigHs9eLORNutvimbvDvxPD5PsN0VSrAFJwrM21gc4si1pa7wYF
aM+imi7fDUTcjae0Yk4JUeS6EHG4Y+ayo29U9FNkc6rTCcyXCeESTQl/zRV6RwPh
faVLp3hdRp7QdfW6SIjHRibkEgcuIX8TfGGpkcoR/CZBnEsgxDwS25VluQe5mCbz
vhLTUXK4uc21IhkkLikxBzSJQxh1nmZ4K8YrJ8858GVkIlX+PKvktpa/jCIWk3tW
figb6dZCk6dcdQSB0aQ+3OH44FnbqyPHdteJOJhAhCxG
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:06:41 2024 by rpki-client on console-ams.rpki-client.org