Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: 5mEnRRgNrbQUCSf+tX184rk2sztpz8lpJlwo2Th8LA4=
Subject key identifier: 62:29:8F:2E:F5:7C:2A:D1:F7:37:DB:74:9F:69:3A:1A:2F:AD:C3:23
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A3F0F8ECCB215A6A128E8329354A81444375BBB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:3f:0f:8e:cc:b2:15:a6:a1:28:e8:32:93:54:a8:14:44:37:5b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=83ffed183dee75e8ebd744936fab259f6ce852f714eacccd61d3cc1e94acc963, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d7:68:85:90:2c:aa:35:49:96:28:f4:83:13:
cf:79:4e:70:02:f5:98:c9:5e:ee:b5:b2:19:16:04:
9c:0f:86:8d:9f:5c:13:27:70:99:e8:76:d4:83:68:
07:28:b7:b5:c5:8e:e9:2c:c2:d5:04:28:a2:66:c0:
82:ac:a2:f4:f9:95:fb:23:a5:b9:c2:39:23:7b:8d:
03:eb:eb:16:ee:d8:18:8b:de:a8:c8:a4:02:bc:cd:
3c:1b:55:90:60:bc:0d:0e:23:a2:5b:95:f8:85:f2:
2e:96:01:9d:9c:f6:1b:a9:31:34:3b:e1:e2:f2:d7:
1f:d1:e0:13:34:bd:3b:69:f1:d3:aa:99:2b:cd:04:
4e:12:b8:17:77:9c:7f:46:a0:65:53:5c:d4:c1:e0:
83:ec:4f:96:9f:31:5e:fb:45:52:03:b7:1f:d3:03:
9f:4d:ea:d0:9f:ab:95:05:17:1b:49:3c:51:ce:27:
38:0c:8a:9b:0c:86:4f:d1:2f:ac:98:86:98:c0:4a:
23:9a:17:82:fa:b3:1f:1b:c6:ed:62:5f:e4:18:26:
cc:ef:31:14:98:68:08:37:b7:04:11:45:02:83:19:
ee:19:87:91:89:d5:5c:d7:6a:1c:cf:0d:b6:28:1b:
81:39:7d:ae:18:5e:52:c2:31:b5:69:0a:92:81:04:
6f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:29:8F:2E:F5:7C:2A:D1:F7:37:DB:74:9F:69:3A:1A:2F:AD:C3:23
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:4e:30:94:8d:a8:79:35:03:ea:01:de:fb:e3:bd:39:ce:f9:
ac:be:e6:4a:75:63:39:f8:dc:6f:a9:81:45:47:a6:97:9d:8e:
3e:4d:9a:70:a2:85:b5:1c:6a:82:5a:5b:c5:02:76:54:1a:8b:
f3:b1:9b:f7:56:d6:c6:91:73:e5:3c:a3:b2:55:73:97:02:f4:
36:fc:86:71:11:a9:3e:30:ab:5d:3c:16:4a:e9:34:84:01:8a:
a9:da:14:62:19:1e:8b:74:a9:a7:f8:5e:8a:e8:d7:c6:94:a6:
e4:4d:29:c9:d7:88:3f:59:fe:fb:7d:59:c7:05:a4:d0:b8:33:
8c:3a:7b:9b:dd:69:89:03:81:a2:5f:fb:59:40:c9:cf:40:01:
cb:29:d4:5e:22:8c:d1:87:51:04:25:22:f8:a8:b7:88:a7:fa:
60:2f:88:09:66:45:a8:98:66:e8:96:4a:c7:01:3f:b4:84:0c:
47:c2:14:7b:7f:59:33:fa:c0:69:d2:d4:78:a3:a3:2f:09:34:
55:0c:0b:16:25:a4:d9:cb:45:a5:d8:87:1b:b8:6e:03:e1:43:
46:c8:96:ed:c3:fc:ee:12:08:44:d6:be:fb:ec:79:0b:72:35:
e2:c0:c7:24:19:e9:ff:9f:96:d9:62:03:5d:f5:ee:0f:4c:a3:
d6:9c:5d:42
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSj8PjsyyFaahKOgyk1SoFEQ3W7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzZmZlZDE4M2RlZTc1ZThlYmQ3NDQ5MzZmYWIyNTlmNmNlODUyZjcxNGVh
Y2NjZDYxZDNjYzFlOTRhY2M5NjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAInXaIWQLKo1SZYo9IMTz3lOcAL1mMle7rWyGRYEnA+GjZ9cEydwmeh21INo
Byi3tcWO6SzC1QQoombAgqyi9PmV+yOlucI5I3uNA+vrFu7YGIveqMikArzNPBtV
kGC8DQ4joluV+IXyLpYBnZz2G6kxNDvh4vLXH9HgEzS9O2nx06qZK80EThK4F3ec
f0agZVNc1MHgg+xPlp8xXvtFUgO3H9MDn03q0J+rlQUXG0k8Uc4nOAyKmwyGT9Ev
rJiGmMBKI5oXgvqzHxvG7WJf5BgmzO8xFJhoCDe3BBFFAoMZ7hmHkYnVXNdqHM8N
tigbgTl9rhheUsIxtWkKkoEEb4sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRiKY8u
9Xwq0fc323SfaToaL63DIzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQCMTjCUjah5NQPqAd774705zvmsvuZKdWM5+NxvqYFF
R6aXnY4+TZpwooW1HGqCWlvFAnZUGovzsZv3VtbGkXPlPKOyVXOXAvQ2/IZxEak+
MKtdPBZK6TSEAYqp2hRiGR6LdKmn+F6K6NfGlKbkTSnJ14g/Wf77fVnHBaTQuDOM
Onub3WmJA4GiX/tZQMnPQAHLKdReIozRh1EEJSL4qLeIp/pgL4gJZkWomGbolkrH
AT+0hAxHwhR7f1kz+sBp0tR4o6MvCTRVDAsWJaTZy0Wl2IcbuG4D4UNGyJbtw/zu
EghE1r777HkLcjXiwMckGen/n5bZYgNd9e4PTKPWnF1C
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:45 2024 by rpki-client on console-ams.rpki-client.org