Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc642b10-5c6d-49f8-aaa2-8850efea8c91.roa
File: dc642b10-5c6d-49f8-aaa2-8850efea8c91.roa (raw, json)
Hash identifier: 3Z7mMN/9d5DawQKkUolqPNGnbanPhEJov5I0hQggZ1g=
Subject key identifier: 7B:A1:D7:50:25:76:AB:6B:B0:F7:5F:39:EA:91:0C:40:BA:F5:E1:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E4BE27283C9256B0045DD6B4E0CF422982E64F8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc642b10-5c6d-49f8-aaa2-8850efea8c91.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.224.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:4b:e2:72:83:c9:25:6b:00:45:dd:6b:4e:0c:f4:22:98:2e:64:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=9f505aa5504660f58e8a905e1998b0bb9439eda742f9a9454ec61b3630c3df81, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:86:6f:5c:ff:d9:25:3e:ca:0b:b6:22:41:3a:
6e:58:70:23:16:86:b1:58:da:ec:ad:7f:5f:58:ed:
8d:ed:30:af:8e:77:8e:79:29:16:e3:98:67:0c:2e:
a4:88:41:ae:51:11:ff:b8:81:39:d6:0d:16:a8:18:
12:aa:bc:4f:ea:29:92:27:ae:89:d6:16:28:79:40:
3d:b4:9c:6b:ba:0e:f7:59:47:05:d7:08:9c:c8:f1:
7f:fd:9c:dc:30:5e:4f:7d:a3:92:11:29:fe:74:de:
38:a2:6b:36:24:17:1d:f3:8f:7b:e6:17:02:e7:04:
98:55:f1:7f:b4:10:36:81:94:00:a6:5c:b5:98:2b:
f5:da:c0:e6:2b:7c:78:77:ba:a6:97:76:87:54:cd:
b7:3d:c2:e4:39:d9:0e:2e:5a:45:25:34:cd:40:9a:
ca:36:3f:bd:d6:10:46:53:9a:a7:2e:08:a1:7f:05:
50:6c:53:31:8c:8f:ff:ce:16:41:d9:68:d5:6f:f7:
15:48:9c:db:cc:47:2a:0b:3f:0a:da:2a:ac:ad:8e:
5d:72:c7:6d:df:7b:7b:6b:5d:22:0f:06:c9:a1:6e:
bd:19:87:53:f5:7b:b1:22:a4:95:06:88:ca:4b:15:
86:8f:13:44:6f:0c:67:b0:8c:d3:12:54:e3:4d:0d:
63:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A1:D7:50:25:76:AB:6B:B0:F7:5F:39:EA:91:0C:40:BA:F5:E1:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc642b10-5c6d-49f8-aaa2-8850efea8c91.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.0.0/15
Signature Algorithm: sha256WithRSAEncryption
65:28:3c:79:08:44:e3:77:8f:b0:40:89:53:4c:5b:11:53:9d:
a7:b4:eb:b4:96:8a:8f:f8:ea:c5:dd:5d:0e:d1:fe:7c:50:f5:
f8:ab:f6:45:36:bf:b2:fd:1c:4a:35:9e:74:1c:01:87:40:7f:
08:99:74:48:fc:75:12:58:ec:34:b6:61:f5:d7:54:2e:13:e3:
06:b9:38:e1:56:b4:0c:00:28:84:5e:6d:17:b5:62:e1:af:e3:
9c:a7:99:a7:3d:c9:55:49:54:90:5c:08:6d:02:aa:92:f0:74:
0d:41:fe:d2:01:73:3b:5f:2f:d3:14:b7:97:9f:16:2e:c5:cd:
d1:0a:14:03:1c:58:d0:2b:72:d3:df:7c:c4:d9:d1:8d:d6:e1:
05:6f:d9:5b:9d:6c:b2:a6:4e:e8:3f:e6:24:f0:86:ee:8d:76:
2c:75:ac:01:f1:6a:7c:65:ac:76:d1:75:c6:71:92:00:be:8f:
f2:ef:4a:83:4b:08:54:c1:20:13:87:ee:05:e1:5f:a8:52:b5:
eb:b0:04:8e:da:08:2f:56:f0:61:53:e0:96:b8:2f:b5:a5:e7:
d6:2c:71:fe:e0:1b:74:85:c8:c0:45:a8:50:b1:56:06:00:1d:
6c:45:26:be:27:1e:be:2d:12:42:77:a6:d3:45:c1:90:e5:be:
6a:87:52:69
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXkvicoPJJWsARd1rTgz0IpguZPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmNTA1YWE1NTA0NjYwZjU4ZThhOTA1ZTE5OThiMGJiOTQzOWVkYTc0MmY5
YTk0NTRlYzYxYjM2MzBjM2RmODExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqGb1z/2SU+ygu2IkE6blhwIxaGsVja7K1/X1jtje0wr453jnkpFuOYZwwu
pIhBrlER/7iBOdYNFqgYEqq8T+opkieuidYWKHlAPbSca7oO91lHBdcInMjxf/2c
3DBeT32jkhEp/nTeOKJrNiQXHfOPe+YXAucEmFXxf7QQNoGUAKZctZgr9drA5it8
eHe6ppd2h1TNtz3C5DnZDi5aRSU0zUCayjY/vdYQRlOapy4IoX8FUGxTMYyP/84W
Qdlo1W/3FUic28xHKgs/CtoqrK2OXXLHbd97e2tdIg8GyaFuvRmHU/V7sSKklQaI
yksVho8TRG8MZ7CM0xJU400NY4sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7oddQ
JXara7D3XznqkQxAuvXhxDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM2NDJiMTAtNWM2ZC00OWY4LWFhYTItODg1MGVmZWE4YzkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPgMA0G
CSqGSIb3DQEBCwUAA4IBAQBlKDx5CETjd4+wQIlTTFsRU52ntOu0loqP+OrF3V0O
0f58UPX4q/ZFNr+y/RxKNZ50HAGHQH8ImXRI/HUSWOw0tmH111QuE+MGuTjhVrQM
ACiEXm0XtWLhr+Ocp5mnPclVSVSQXAhtAqqS8HQNQf7SAXM7Xy/TFLeXnxYuxc3R
ChQDHFjQK3LT33zE2dGN1uEFb9lbnWyypk7oP+Yk8IbujXYsdawB8Wp8Zax20XXG
cZIAvo/y70qDSwhUwSATh+4F4V+oUrXrsASO2ggvVvBhU+CWuC+1pefWLHH+4Bt0
hcjARahQsVYGAB1sRSa+Jx6+LRJCd6bTRcGQ5b5qh1Jp
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:59:32 2024 by rpki-client on console-ams.rpki-client.org