Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: pLsh+82OKC7SyskhW+NydpdhUA3TfHkrsM7bXTDJ/BQ=
Subject key identifier: AD:9E:11:0D:D3:3E:20:31:76:91:34:95:D4:9A:E5:03:29:FA:9D:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6ADDE0605F5AF07E6CE8FD713EF7A0E7EF44B2B0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:dd:e0:60:5f:5a:f0:7e:6c:e8:fd:71:3e:f7:a0:e7:ef:44:b2:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=4dede826c67dcfce80f078f343b4627391eda4a2dd706caf78bf27bbd39885de, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:48:f5:a9:2b:0d:3b:63:3b:b5:ed:25:55:61:
95:c8:0b:51:4e:7c:73:04:31:fd:15:22:28:e8:39:
9e:61:05:5c:c8:04:a4:6b:36:f9:73:17:99:97:d0:
39:e7:19:87:e7:12:a8:bb:28:6c:f5:e9:de:5a:96:
ff:d8:5b:c1:04:e2:db:6b:c4:93:f5:0a:89:68:88:
ae:9f:7f:cb:2b:80:e8:de:62:d9:1d:2b:f4:d0:3b:
f2:55:b8:14:71:87:96:a1:88:85:9b:7e:04:1f:ac:
b3:1d:58:4a:23:97:e5:bd:ce:60:04:62:c9:dd:a6:
56:85:ea:7e:56:e3:4d:57:23:20:89:d4:62:78:03:
9d:d9:35:48:01:3b:c8:86:13:6c:20:c8:8f:5a:7e:
21:de:65:53:f5:8b:86:8a:17:34:7e:8d:0f:93:19:
95:f0:12:df:81:cd:55:77:23:f4:38:e7:68:df:63:
78:39:01:b3:70:5a:ad:b7:37:f4:74:f3:5c:0a:c4:
06:56:03:64:af:56:18:c1:d0:c8:30:2b:35:43:a5:
71:7d:c9:65:8f:44:68:42:e1:4d:51:dc:d8:12:96:
ff:53:71:d4:0f:f4:7f:b8:f5:18:96:cc:2f:ea:4e:
c1:39:72:74:36:7e:43:c7:b4:3a:a2:1e:01:65:da:
13:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9E:11:0D:D3:3E:20:31:76:91:34:95:D4:9A:E5:03:29:FA:9D:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:a0:7b:e4:9d:9e:83:c6:79:40:eb:97:cd:8f:a7:ba:d8:b7:
ac:99:18:f2:2d:5d:92:92:61:97:44:7f:c4:64:a8:04:fc:e6:
c6:a0:4e:d4:b5:99:f0:91:f2:d0:fe:bc:9f:f3:e2:1f:95:14:
83:4c:c5:49:3e:44:50:77:f2:e3:cd:11:a9:65:02:65:58:b9:
7d:d8:6b:0b:2f:51:44:23:8f:e8:59:3d:1f:82:82:eb:9c:5d:
d1:da:fe:6f:0c:8d:b8:fa:e7:d0:7b:96:18:e4:e3:94:5f:b1:
33:48:db:ef:ad:bd:90:5d:b0:b1:7b:43:69:c2:99:8d:cb:ac:
fd:1d:26:b5:b9:99:a3:78:cb:2d:e5:c6:7f:85:d9:6c:60:b8:
9e:e7:87:23:cf:d5:78:35:75:82:96:57:3c:6a:ba:52:00:b9:
b3:12:c9:0f:26:e9:83:3b:ae:1f:c4:1f:67:9d:57:8c:1a:f9:
21:7b:ab:dc:36:8f:83:36:cb:d5:22:e4:e3:e0:7c:7f:ee:2b:
57:09:19:f6:a4:c7:ed:56:b9:7d:61:ed:8c:31:30:d0:47:f5:
51:50:54:ec:e7:68:38:28:f5:7f:21:f3:16:0e:2f:fe:f3:5d:
88:00:a3:7e:f0:29:76:4a:0e:db:f7:8d:b3:a0:f6:8c:b1:24:
72:cb:72:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUat3gYF9a8H5s6P1xPveg5+9EsrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkZWRlODI2YzY3ZGNmY2U4MGYwNzhmMzQzYjQ2MjczOTFlZGE0YTJkZDcw
NmNhZjc4YmYyN2JiZDM5ODg1ZGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5I9akrDTtjO7XtJVVhlcgLUU58cwQx/RUiKOg5nmEFXMgEpGs2+XMXmZfQ
OecZh+cSqLsobPXp3lqW/9hbwQTi22vEk/UKiWiIrp9/yyuA6N5i2R0r9NA78lW4
FHGHlqGIhZt+BB+ssx1YSiOX5b3OYARiyd2mVoXqflbjTVcjIInUYngDndk1SAE7
yIYTbCDIj1p+Id5lU/WLhooXNH6ND5MZlfAS34HNVXcj9DjnaN9jeDkBs3Barbc3
9HTzXArEBlYDZK9WGMHQyDArNUOlcX3JZY9EaELhTVHc2BKW/1Nx1A/0f7j1GJbM
L+pOwTlydDZ+Q8e0OqIeAWXaE8sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBStnhEN
0z4gMXaRNJXUmuUDKfqdODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQAZoHvknZ6DxnlA65fNj6e62LesmRjyLV2SkmGXRH/E
ZKgE/ObGoE7UtZnwkfLQ/ryf8+IflRSDTMVJPkRQd/LjzRGpZQJlWLl92GsLL1FE
I4/oWT0fgoLrnF3R2v5vDI24+ufQe5YY5OOUX7EzSNvvrb2QXbCxe0NpwpmNy6z9
HSa1uZmjeMst5cZ/hdlsYLie54cjz9V4NXWCllc8arpSALmzEskPJumDO64fxB9n
nVeMGvkhe6vcNo+DNsvVIuTj4Hx/7itXCRn2pMftVrl9Ye2MMTDQR/VRUFTs52g4
KPV/IfMWDi/+812IAKN+8Cl2Sg7b942zoPaMsSRyy3IO
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:21:46 2024 by rpki-client on console-ams.rpki-client.org