Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
File: da784055-12b4-4572-86a3-e152a8681c7c.roa (raw, json)
Hash identifier: tlhL9LYIo5Lfyv4wCwTECOWts8PuLMG1VNCri+vTIEA=
Subject key identifier: DB:D5:8E:6F:75:F1:7C:51:7D:55:C5:19:EF:D7:11:23:67:DB:0D:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60FF12E803B310D4FD3A741A71267B539676D93B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:ff:12:e8:03:b3:10:d4:fd:3a:74:1a:71:26:7b:53:96:76:d9:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=20c6d271eb8bfed20a444ff2e03f94375db40be7cffe7aa182c6d1a0509ed34c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:82:6c:63:ac:72:d6:c8:bd:4e:18:46:43:bf:
a9:32:85:a1:64:39:9f:9e:57:bd:a1:66:cf:3a:c9:
cf:0e:a3:dd:d9:85:e8:06:03:68:81:d6:94:4e:33:
87:d6:b2:4d:5a:4b:fa:2e:b5:fd:b4:c4:18:fb:d3:
c7:75:0b:ab:b5:ed:89:9b:ee:ba:23:82:6f:e4:a1:
2b:14:c8:b3:63:df:6f:2e:f7:fe:2c:8c:a7:4d:43:
b1:c9:b7:5d:9b:1b:4b:26:cb:43:06:45:3a:5a:5c:
79:90:fd:0d:c8:db:e2:d6:f3:20:ad:72:7e:d9:e8:
8c:5f:6d:32:42:19:77:4b:60:18:dc:2b:46:2a:ba:
e3:01:ac:ac:a0:e3:ee:94:ed:80:01:86:f1:6a:b6:
dd:2d:a2:42:a3:d6:14:4f:10:0e:72:72:5e:5e:e7:
43:17:d1:f2:bd:24:06:58:f3:a7:ac:66:03:43:bc:
e8:a0:8d:52:cf:b8:58:fd:4b:69:6e:71:b8:c8:97:
e0:7f:4a:04:ae:19:53:29:14:3e:8f:80:19:56:4d:
a8:a0:72:5f:2a:ec:13:4a:c4:d3:a3:79:53:69:37:
3f:11:cc:c1:cd:e6:fb:ee:08:ec:4a:46:46:e9:22:
dc:4b:2e:07:bb:8d:04:d9:a9:aa:cb:59:99:d9:22:
2a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D5:8E:6F:75:F1:7C:51:7D:55:C5:19:EF:D7:11:23:67:DB:0D:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
36:da:90:26:f9:e9:9d:3a:0b:90:3f:6f:61:12:96:0f:0b:61:
8a:d7:4c:f0:01:57:8f:40:96:7b:0c:da:4c:d7:bb:48:aa:da:
25:ad:48:bf:20:68:7e:27:ef:cf:65:21:44:a8:5c:f1:2f:dd:
4d:87:74:b9:a8:e8:20:54:5f:e2:d5:ad:5b:6c:67:85:b4:3f:
85:bb:cb:11:b0:a6:dc:b4:71:01:44:6e:ae:c4:87:34:dd:05:
d3:02:58:e3:87:84:ac:d8:b4:00:c2:2d:33:c6:89:70:85:71:
98:69:97:5f:bc:32:61:c3:0e:65:df:f2:69:b1:5f:90:3f:da:
c1:8f:f8:ff:08:b4:16:59:ec:47:8e:3f:55:74:86:f5:ee:75:
81:42:60:47:93:a1:16:b4:ea:2c:e9:c3:1b:01:f4:37:b3:fc:
04:be:a7:66:a0:ce:fd:3b:68:01:04:1d:68:05:ee:54:d3:4f:
1b:3f:34:57:ca:13:bd:df:c9:8d:e4:8a:91:22:d1:3e:4c:72:
c0:32:9e:bc:df:5e:82:bb:b2:25:f7:7e:9b:17:61:21:88:99:
44:3b:d1:55:0f:ee:e8:12:db:78:a2:1f:38:10:41:81:6e:b0:
06:4f:c5:ee:e8:c2:73:87:26:22:8e:b8:df:02:ff:93:17:c1:
79:ef:9d:3b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYP8S6AOzENT9OnQacSZ7U5Z22TswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwYzZkMjcxZWI4YmZlZDIwYTQ0NGZmMmUwM2Y5NDM3NWRiNDBiZTdjZmZl
N2FhMTgyYzZkMWEwNTA5ZWQzNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJiCbGOsctbIvU4YRkO/qTKFoWQ5n55XvaFmzzrJzw6j3dmF6AYDaIHWlE4z
h9ayTVpL+i61/bTEGPvTx3ULq7XtiZvuuiOCb+ShKxTIs2Pfby73/iyMp01Dscm3
XZsbSybLQwZFOlpceZD9Dcjb4tbzIK1yftnojF9tMkIZd0tgGNwrRiq64wGsrKDj
7pTtgAGG8Wq23S2iQqPWFE8QDnJyXl7nQxfR8r0kBljzp6xmA0O86KCNUs+4WP1L
aW5xuMiX4H9KBK4ZUykUPo+AGVZNqKByXyrsE0rE06N5U2k3PxHMwc3m++4I7EpG
Ruki3EsuB7uNBNmpqstZmdkiKi0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTb1Y5v
dfF8UX1VxRnv1xEjZ9sNQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGE3ODQwNTUtMTJiNC00NTcyLTg2YTMtZTE1MmE4NjgxYzdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEANtqQJvnpnToLkD9vYRKWDwthitdM8AFXj0CWewza
TNe7SKraJa1IvyBofifvz2UhRKhc8S/dTYd0uajoIFRf4tWtW2xnhbQ/hbvLEbCm
3LRxAURursSHNN0F0wJY44eErNi0AMItM8aJcIVxmGmXX7wyYcMOZd/yabFfkD/a
wY/4/wi0FlnsR44/VXSG9e51gUJgR5OhFrTqLOnDGwH0N7P8BL6nZqDO/TtoAQQd
aAXuVNNPGz80V8oTvd/JjeSKkSLRPkxywDKevN9egruyJfd+mxdhIYiZRDvRVQ/u
6BLbeKIfOBBBgW6wBk/F7ujCc4cmIo643wL/kxfBee+dOw==
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:59:32 2024 by rpki-client on console-ams.rpki-client.org