Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa
File: f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa (raw, json)
Hash identifier: gu34mul4YSISnN9E6q/76017ClYkNevHNlvlY8gb1Ks=
Subject key identifier: 43:F9:52:94:C2:19:52:7B:E5:9A:E7:B7:16:E6:6E:EC:49:61:BB:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38FB257C7384CD171C2D2AE67DD6AD9E88A9E86D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:fb:25:7c:73:84:cd:17:1c:2d:2a:e6:7d:d6:ad:9e:88:a9:e8:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=6f73cb80c08d2eccc4bee16bf933b8dc17999a9b56544a3f2d4046b007f2e979, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:63:d1:74:4b:8f:1e:11:4c:60:a8:66:6a:7e:
0f:50:6a:e5:cf:b8:92:6e:9b:02:92:42:96:e4:da:
ec:c4:5f:d2:41:b5:5e:55:68:ec:a2:56:d1:69:8b:
ef:a2:64:03:24:52:d0:64:ec:80:14:f6:62:26:5c:
67:76:42:b5:e0:f0:61:62:c3:f1:ce:8f:41:64:f9:
ed:aa:6c:39:07:21:30:9f:a2:26:1f:99:52:ea:12:
75:26:d9:0f:8d:c1:e5:db:6d:20:3b:96:3f:a1:1b:
7d:34:b9:3c:31:ed:fa:d3:7b:ee:3d:a9:fa:47:bf:
b5:d7:46:13:7c:88:34:23:f2:ea:be:e9:fc:e5:dd:
da:54:09:21:9a:38:8a:c8:09:ce:20:c1:c2:77:74:
b5:bc:8d:65:1c:e0:ad:c3:72:04:ab:07:84:4e:cf:
c7:d1:59:2e:2f:07:98:d4:11:30:59:39:72:5c:3d:
b9:e5:f9:7f:1c:82:2e:b4:88:4c:b5:fc:50:0d:c9:
10:89:1d:c6:a8:49:29:b3:73:d3:d2:ba:3c:67:7d:
a3:b6:6d:0b:07:f2:3a:d7:2d:37:4d:d3:a9:60:42:
a0:f9:5a:37:60:4b:7d:c1:63:19:62:d8:84:e8:54:
3b:37:16:98:74:39:89:73:45:ed:d7:89:fa:92:a1:
d9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F9:52:94:C2:19:52:7B:E5:9A:E7:B7:16:E6:6E:EC:49:61:BB:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
69:63:92:35:2b:6d:0f:56:5f:8f:2a:e0:03:68:38:cc:56:41:
16:9a:72:33:4e:06:01:fa:2c:a6:4a:27:3a:2a:d5:23:74:84:
46:57:d2:9c:ed:eb:10:fe:b3:cd:33:74:d4:34:28:d7:09:51:
be:8f:6b:0d:07:f1:b7:1d:95:21:6c:ef:d3:fa:78:7c:65:76:
59:9e:d1:a3:50:fe:c2:47:4c:24:d5:4e:68:3f:56:25:2a:71:
b1:ed:16:71:e9:97:08:5e:c7:10:eb:2c:d6:18:8d:79:64:62:
af:59:3d:ea:be:59:97:cb:ab:82:cd:40:69:c2:3a:98:a0:8f:
24:27:0f:b0:dd:83:0b:3e:d3:15:92:47:bd:b3:6d:05:6d:70:
38:f0:95:bb:6a:cc:ca:e1:1b:f4:7a:01:7c:d9:2a:fd:cd:2f:
47:d7:b1:91:05:69:41:94:d0:ed:f6:2e:a8:1d:5e:8a:83:3f:
15:48:6c:3f:4f:af:db:b8:bc:6d:cc:de:2e:4e:51:13:24:59:
f8:e1:00:25:1c:9e:1f:59:d6:0e:06:0f:e4:30:45:47:f3:fd:
11:1f:eb:c0:fe:d1:72:0d:63:44:25:be:77:d7:23:29:5a:f7:
d5:b0:19:26:58:fe:be:5f:12:df:04:25:d6:81:32:bd:89:14:
53:1c:54:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOPslfHOEzRccLSrmfdatnoip6G0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmNzNjYjgwYzA4ZDJlY2NjNGJlZTE2YmY5MzNiOGRjMTc5OTlhOWI1NjU0
NGEzZjJkNDA0NmIwMDdmMmU5NzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBj0XRLjx4RTGCoZmp+D1Bq5c+4km6bApJCluTa7MRf0kG1XlVo7KJW0WmL
76JkAyRS0GTsgBT2YiZcZ3ZCteDwYWLD8c6PQWT57apsOQchMJ+iJh+ZUuoSdSbZ
D43B5dttIDuWP6EbfTS5PDHt+tN77j2p+ke/tddGE3yINCPy6r7p/OXd2lQJIZo4
isgJziDBwnd0tbyNZRzgrcNyBKsHhE7Px9FZLi8HmNQRMFk5clw9ueX5fxyCLrSI
TLX8UA3JEIkdxqhJKbNz09K6PGd9o7ZtCwfyOtctN03TqWBCoPlaN2BLfcFjGWLY
hOhUOzcWmHQ5iXNF7deJ+pKh2dUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRD+VKU
whlSe+Wa57cW5m7sSWG7bDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjdmZjUyYTgtOWNkNS00ODc4LWJmMmYtMTg5NDE1NzRjOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQBpY5I1K20PVl+PKuADaDjMVkEWmnIzTgYB+iymSic6
KtUjdIRGV9Kc7esQ/rPNM3TUNCjXCVG+j2sNB/G3HZUhbO/T+nh8ZXZZntGjUP7C
R0wk1U5oP1YlKnGx7RZx6ZcIXscQ6yzWGI15ZGKvWT3qvlmXy6uCzUBpwjqYoI8k
Jw+w3YMLPtMVkke9s20FbXA48JW7aszK4Rv0egF82Sr9zS9H17GRBWlBlNDt9i6o
HV6Kgz8VSGw/T6/buLxtzN4uTlETJFn44QAlHJ4fWdYOBg/kMEVH8/0RH+vA/tFy
DWNEJb531yMpWvfVsBkmWP6+XxLfBCXWgTK9iRRTHFS4
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:45 2024 by rpki-client on console-ams.rpki-client.org