Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json)
Hash identifier: qHI5b5smeo3QA/IuhejkekAfUP99pf2/5t7/La9JjX8=
Subject key identifier: 32:E5:88:BE:AD:CD:21:58:5D:4F:AC:96:63:98:10:2E:07:D1:48:5E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F443F2A26FC173145067A3F940EA5FEAD8D216E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:44:3f:2a:26:fc:17:31:45:06:7a:3f:94:0e:a5:fe:ad:8d:21:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=ad4ceb5041333c0cd5b18c9ed948e1312f42f0a2135b7b32e0b4d2de0d6cf2c5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e0:6b:86:db:28:ab:6d:58:e9:41:53:e1:66:
7c:25:d7:08:83:44:69:38:0f:36:f6:cf:de:b0:91:
b6:fc:24:b0:20:1c:9a:9b:d1:b0:fa:0a:f6:44:c8:
ca:19:4b:1d:1d:1e:3c:41:73:76:2a:ac:bf:19:b6:
60:86:dc:58:33:e0:d4:70:5b:6b:f5:c8:18:24:63:
ad:4f:7c:ba:59:ff:65:2a:e0:ce:83:a2:28:02:15:
09:6a:22:70:ad:cc:45:3f:8b:d0:8f:9e:d6:de:b6:
e0:ad:39:b1:29:85:ba:7e:2d:02:4a:75:db:39:51:
f4:94:df:2b:0c:fe:27:80:3b:6b:bd:51:a8:d9:55:
3f:a4:4d:89:66:e5:ee:5a:70:df:1b:b1:59:11:3b:
48:fd:b9:52:2a:ef:46:66:38:4b:f0:62:d0:6f:be:
f8:39:9a:17:26:f3:39:ba:94:bb:ff:d5:c9:dd:76:
43:fd:6b:c0:84:8c:de:e5:84:bf:8d:f7:70:af:2b:
d8:2f:70:fb:36:a6:a9:59:2a:69:8e:d8:76:23:27:
76:92:20:ee:d6:3d:d6:8f:d1:07:53:a2:ae:a5:32:
a1:9c:39:bb:2e:b8:e8:cb:b2:84:01:e1:24:7c:d6:
62:f8:c5:f3:8a:04:ac:27:47:56:4d:ec:89:34:71:
3e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E5:88:BE:AD:CD:21:58:5D:4F:AC:96:63:98:10:2E:07:D1:48:5E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:52:9c:a8:e4:6d:ee:23:63:ac:ba:0b:f3:a3:2e:74:be:82:
95:cc:f4:70:a0:5a:31:b8:bd:68:c9:24:bd:0c:af:b1:e9:35:
67:cd:f1:b7:8c:99:2b:54:34:ae:63:5b:9c:67:4a:c9:d5:9a:
a3:21:a1:5d:51:f2:fe:30:27:70:4e:05:db:d8:6e:44:84:3b:
3f:cc:80:a4:20:0b:3a:28:55:e0:e2:e7:2b:13:32:cf:67:44:
ab:d1:96:78:20:43:b2:27:e6:4f:71:84:fe:b8:a2:28:50:3f:
18:89:4c:e9:15:32:2f:c5:02:b2:42:f3:39:21:f6:e1:4c:cf:
5e:f9:07:99:ad:9c:d7:3d:5c:58:56:9b:5f:5d:9b:e3:90:b4:
05:05:4c:44:ae:eb:45:b6:ba:c1:48:28:88:d9:00:7c:be:d5:
93:55:38:fc:bb:e7:11:5b:05:ea:62:79:8b:24:52:f7:7b:cb:
7b:12:be:63:15:ac:9f:37:9a:2f:5c:50:ee:38:95:75:21:14:
d3:e6:64:94:bc:f6:aa:f9:69:ad:79:15:b8:4f:3b:31:01:33:
fd:11:6b:52:d2:be:35:19:22:ff:17:dc:5d:c9:48:b9:c4:1e:
88:cd:86:e0:8d:e0:df:32:b7:27:c8:c6:1d:cd:71:2b:26:32:
ba:42:5f:8a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD0Q/Kib8FzFFBno/lA6l/q2NIW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkNGNlYjUwNDEzMzNjMGNkNWIxOGM5ZWQ5NDhlMTMxMmY0MmYwYTIxMzVi
N2IzMmUwYjRkMmRlMGQ2Y2YyYzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvga4bbKKttWOlBU+FmfCXXCINEaTgPNvbP3rCRtvwksCAcmpvRsPoK9kTI
yhlLHR0ePEFzdiqsvxm2YIbcWDPg1HBba/XIGCRjrU98uln/ZSrgzoOiKAIVCWoi
cK3MRT+L0I+e1t624K05sSmFun4tAkp12zlR9JTfKwz+J4A7a71RqNlVP6RNiWbl
7lpw3xuxWRE7SP25UirvRmY4S/Bi0G+++DmaFybzObqUu//Vyd12Q/1rwISM3uWE
v433cK8r2C9w+zamqVkqaY7YdiMndpIg7tY91o/RB1OirqUyoZw5uy646MuyhAHh
JHzWYvjF84oErCdHVk3siTRxPtkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQy5Yi+
rc0hWF1PrJZjmBAuB9FIXjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQBNUpyo5G3uI2Osugvzoy50voKVzPRwoFoxuL1oySS9
DK+x6TVnzfG3jJkrVDSuY1ucZ0rJ1ZqjIaFdUfL+MCdwTgXb2G5EhDs/zICkIAs6
KFXg4ucrEzLPZ0Sr0ZZ4IEOyJ+ZPcYT+uKIoUD8YiUzpFTIvxQKyQvM5IfbhTM9e
+QeZrZzXPVxYVptfXZvjkLQFBUxErutFtrrBSCiI2QB8vtWTVTj8u+cRWwXqYnmL
JFL3e8t7Er5jFayfN5ovXFDuOJV1IRTT5mSUvPaq+WmteRW4TzsxATP9EWtS0r41
GSL/F9xdyUi5xB6IzYbgjeDfMrcnyMYdzXErJjK6Ql+K
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:16 2024 by rpki-client on console-ams.rpki-client.org