Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
File: f09232b8-719a-44e7-87fb-14733ec6c6e8.roa (raw, json)
Hash identifier: 6jiVB5X20VUVpEt1WsrTarke41EBV3Y22adUstfxLQs=
Subject key identifier: 0F:1E:EF:F5:69:CA:FC:E9:C8:5F:33:62:38:BC:E5:90:3F:4F:8A:44
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6D91ADC079052595BBA229359596771788B6D7CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:91:ad:c0:79:05:25:95:bb:a2:29:35:95:96:77:17:88:b6:d7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=b1f11ad4746516b1e3ef7698cf99659284f0a7e37363042639abf7af3d4e072e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5c:c8:7e:88:f5:ff:cd:51:c0:b8:b1:81:00:
8b:02:84:7a:76:99:fa:0e:49:85:13:9a:e1:b3:36:
54:ad:e4:13:b0:20:be:2f:89:69:f9:ae:22:dd:19:
26:d9:64:42:33:f9:20:57:5a:07:4c:d8:a8:82:b3:
df:93:de:69:e2:76:a7:d6:e8:19:97:13:39:ea:7c:
c4:6f:de:91:22:89:e0:25:d9:66:95:c0:4f:3b:bf:
7b:4a:3b:44:36:17:08:83:36:12:3f:bb:c1:06:70:
13:95:99:f9:58:c0:df:88:0e:f6:95:09:a4:b7:5c:
7c:70:62:8f:31:ee:94:bc:30:e5:2c:95:da:bc:7b:
2d:c9:d4:5b:ed:07:8f:b5:bd:29:44:2d:c7:53:e2:
f2:a3:34:f5:9e:98:b2:bb:b1:d0:de:16:d0:5d:c2:
ac:e5:5c:82:77:54:a8:c2:9f:27:c0:ac:81:d1:41:
9f:cc:b7:03:e9:6d:23:03:12:b8:e7:b9:a0:b7:fa:
9f:7f:0d:93:38:ad:31:0f:78:5a:2f:63:c7:a5:4c:
c1:59:0a:0f:1e:a0:59:37:3d:fc:97:e5:2d:1b:8d:
48:f5:48:dd:30:8d:e9:66:3e:ba:83:44:a3:e0:df:
b9:9f:52:4d:f4:da:bd:85:7c:d3:62:31:ad:b9:9a:
6b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1E:EF:F5:69:CA:FC:E9:C8:5F:33:62:38:BC:E5:90:3F:4F:8A:44
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a2:ba:85:95:a1:e8:01:54:b3:16:ff:59:38:07:ea:64:06:ce:
84:b9:e8:60:43:bc:a0:8a:51:d2:4b:5c:93:b3:32:51:71:86:
3e:df:b3:33:de:5b:5e:83:37:06:f5:a9:d6:92:0a:12:d4:b5:
56:08:5b:e6:8d:d3:b1:0f:b7:f1:6c:44:1a:8a:fc:93:39:24:
5b:5d:2b:5b:03:3d:1d:0f:65:6d:8b:4d:9b:0a:17:82:a1:bc:
63:43:94:ba:63:f0:ef:81:26:7e:52:c1:03:08:eb:1a:76:89:
3f:72:9b:8d:b9:e0:94:04:d8:7a:16:e3:80:63:b3:cf:a5:9f:
2b:b5:f2:ed:12:20:9d:c1:26:11:51:ca:99:36:08:a9:99:86:
da:73:b2:41:33:1e:7f:a8:cd:01:35:a9:8b:19:ae:37:78:55:
21:e9:a0:59:12:02:f4:da:40:41:e7:82:e5:33:3e:42:4f:e5:
f5:48:2c:f8:8b:d7:77:f2:52:1f:88:d1:58:86:0c:4d:98:07:
7b:43:b7:98:07:92:dd:46:48:f8:29:c8:cb:95:81:be:7a:bc:
ab:24:2b:fb:c8:23:ca:b7:de:e9:ea:53:cf:b0:4e:85:32:bb:
2a:93:b6:24:31:29:99:27:d8:91:88:21:51:7f:66:61:88:fb:
11:0d:3a:cb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbZGtwHkFJZW7oik1lZZ3F4i218owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxZjExYWQ0NzQ2NTE2YjFlM2VmNzY5OGNmOTk2NTkyODRmMGE3ZTM3MzYz
MDQyNjM5YWJmN2FmM2Q0ZTA3MmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRcyH6I9f/NUcC4sYEAiwKEenaZ+g5JhROa4bM2VK3kE7Agvi+JafmuIt0Z
JtlkQjP5IFdaB0zYqIKz35PeaeJ2p9boGZcTOep8xG/ekSKJ4CXZZpXATzu/e0o7
RDYXCIM2Ej+7wQZwE5WZ+VjA34gO9pUJpLdcfHBijzHulLww5SyV2rx7LcnUW+0H
j7W9KUQtx1Pi8qM09Z6Ysrux0N4W0F3CrOVcgndUqMKfJ8CsgdFBn8y3A+ltIwMS
uOe5oLf6n38NkzitMQ94Wi9jx6VMwVkKDx6gWTc9/JflLRuNSPVI3TCN6WY+uoNE
o+DfuZ9STfTavYV802Ixrbmaa3MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQPHu/1
acr86chfM2I4vOWQP0+KRDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA5MjMyYjgtNzE5YS00NGU3LTg3ZmItMTQ3MzNlYzZjNmU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQCiuoWVoegBVLMW/1k4B+pkBs6EuehgQ7ygilHSS1yT
szJRcYY+37Mz3ltegzcG9anWkgoS1LVWCFvmjdOxD7fxbEQaivyTOSRbXStbAz0d
D2Vti02bCheCobxjQ5S6Y/DvgSZ+UsEDCOsadok/cpuNueCUBNh6FuOAY7PPpZ8r
tfLtEiCdwSYRUcqZNgipmYbac7JBMx5/qM0BNamLGa43eFUh6aBZEgL02kBB54Ll
Mz5CT+X1SCz4i9d38lIfiNFYhgxNmAd7Q7eYB5LdRkj4KcjLlYG+eryrJCv7yCPK
t97p6lPPsE6FMrsqk7YkMSmZJ9iRiCFRf2ZhiPsRDTrL
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:29 2024 by rpki-client on console-ams.rpki-client.org