Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
File: f9c2130f-6f88-42ac-853e-f39d188adb6d.roa (raw, json)
Hash identifier: mtnS4W/AUi9e7wTzmYusjpiT76/mo0PIEjd2FPtqies=
Subject key identifier: 1D:AD:F2:AF:2F:DC:65:9E:E3:AC:F2:15:F1:C7:8F:42:17:10:08:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F245BD9409CC0977EA1A4DE8163E3DB664A9DD5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:24:5b:d9:40:9c:c0:97:7e:a1:a4:de:81:63:e3:db:66:4a:9d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=788ef289b52ba5de0cbb0fcc0f750aabad29417ea87f9119f45b963003166244, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:63:ad:13:53:41:06:1a:81:70:78:e8:0e:6d:
1c:bb:da:27:4d:3d:16:3a:96:b3:87:51:7b:38:67:
a5:2c:f8:4b:7d:2a:bf:6b:dd:8b:06:d8:b3:2a:ac:
f2:07:d7:61:a0:b3:bd:59:82:4b:16:69:2b:22:5f:
19:4c:d7:c7:ab:01:e7:1d:47:ca:ad:6e:a9:53:82:
60:ed:bd:0e:88:57:ab:6e:d1:cd:58:9a:e3:74:4a:
e5:fd:02:07:1f:62:d9:52:9e:27:fa:fa:1a:15:a0:
2c:e4:6c:12:b3:41:c6:d6:62:89:ca:39:e1:c2:36:
30:43:dd:88:d6:f0:a5:e6:d6:32:09:77:b2:12:19:
1d:af:e7:09:6d:0c:0b:03:b0:f9:b8:eb:91:2d:33:
7c:d7:77:d6:73:1a:87:90:99:7a:c0:e8:48:d3:9e:
e6:32:7d:fe:be:e1:56:6e:1c:28:c2:37:72:3b:7c:
16:f1:27:eb:a1:9d:8c:08:77:76:6f:3b:d5:38:0d:
39:76:6b:6e:ea:34:0a:75:11:c7:eb:b5:2d:95:50:
16:1b:f8:4d:f8:fb:2a:6e:75:ac:02:63:65:37:ff:
1f:f0:ea:f5:6f:65:f2:f3:0e:3e:18:99:88:2c:ee:
f2:77:35:4d:cf:5c:f8:40:b3:e9:b1:73:10:d6:3d:
ec:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AD:F2:AF:2F:DC:65:9E:E3:AC:F2:15:F1:C7:8F:42:17:10:08:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
44:4a:a7:b8:8c:cd:bc:47:bd:d5:2b:66:0b:fd:4e:07:fc:a5:
d1:49:c7:55:ec:81:66:8a:2a:89:0a:ab:ec:b8:1c:17:fe:9c:
80:e8:70:a7:cd:e1:d3:e3:67:99:2c:88:11:21:4c:2f:ea:6d:
b4:e4:1b:bf:0a:5c:95:4b:8d:88:f6:a5:10:43:b3:17:a9:73:
8c:22:c4:87:07:24:f3:4d:e5:bd:be:bd:8c:c8:0b:04:fa:80:
66:ff:44:ba:ff:05:d4:39:dc:5a:4d:5d:72:31:ec:70:00:0a:
f0:a2:04:0f:a3:7f:7c:7c:3b:44:df:5e:52:d1:42:36:4e:f3:
80:5e:f0:9f:05:07:56:a9:59:df:21:c1:86:17:c7:14:7e:e8:
35:ba:5e:06:9e:27:3b:1c:95:98:88:f1:36:ea:34:6e:7f:bc:
9e:3d:6b:50:3c:cb:22:b4:62:1c:2e:db:d4:79:3b:ce:77:d7:
40:af:ea:be:97:a2:42:43:03:c1:02:c3:47:a2:7b:d5:90:a8:
04:33:62:03:85:77:70:68:bb:f5:88:ad:4d:1f:9c:f1:2b:10:
81:87:79:08:00:f6:6c:3f:88:75:15:ec:ee:92:8d:0d:e7:03:
14:4f:8f:08:01:24:1a:43:f4:11:74:44:5c:41:5e:ea:90:7d:
71:f6:85:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbyRb2UCcwJd+oaTegWPj22ZKndUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4OGVmMjg5YjUyYmE1ZGUwY2JiMGZjYzBmNzUwYWFiYWQyOTQxN2VhODdm
OTExOWY0NWI5NjMwMDMxNjYyNDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPljrRNTQQYagXB46A5tHLvaJ009FjqWs4dRezhnpSz4S30qv2vdiwbYsyqs
8gfXYaCzvVmCSxZpKyJfGUzXx6sB5x1Hyq1uqVOCYO29DohXq27RzVia43RK5f0C
Bx9i2VKeJ/r6GhWgLORsErNBxtZiico54cI2MEPdiNbwpebWMgl3shIZHa/nCW0M
CwOw+bjrkS0zfNd31nMah5CZesDoSNOe5jJ9/r7hVm4cKMI3cjt8FvEn66GdjAh3
dm871TgNOXZrbuo0CnURx+u1LZVQFhv4Tfj7Km51rAJjZTf/H/Dq9W9l8vMOPhiZ
iCzu8nc1Tc9c+ECz6bFzENY97CcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQdrfKv
L9xlnuOs8hXxx49CFxAI3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjljMjEzMGYtNmY4OC00MmFjLTg1M2UtZjM5ZDE4OGFkYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQBESqe4jM28R73VK2YL/U4H/KXRScdV7IFmiiqJCqvs
uBwX/pyA6HCnzeHT42eZLIgRIUwv6m205Bu/ClyVS42I9qUQQ7MXqXOMIsSHByTz
TeW9vr2MyAsE+oBm/0S6/wXUOdxaTV1yMexwAArwogQPo398fDtE315S0UI2TvOA
XvCfBQdWqVnfIcGGF8cUfug1ul4Gnic7HJWYiPE26jRuf7yePWtQPMsitGIcLtvU
eTvOd9dAr+q+l6JCQwPBAsNHonvVkKgEM2IDhXdwaLv1iK1NH5zxKxCBh3kIAPZs
P4h1Fezuko0N5wMUT48IASQaQ/QRdERcQV7qkH1x9oVn
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org