Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
File: fd04a54b-459a-491a-a013-59d0ed55825f.roa (raw, json)
Hash identifier: 9vCTkbybbkppVVGtvGsxLYuPvX/vSR8yprgqFvEg4Rg=
Subject key identifier: A0:0F:39:6C:CF:BF:66:33:E7:8A:0A:26:AC:75:15:33:18:EA:A7:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 29B88FD0455C94D55B01D20FA296C80BBCE7982C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:b8:8f:d0:45:5c:94:d5:5b:01:d2:0f:a2:96:c8:0b:bc:e7:98:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=5c1e6a0b95d49d07e7030747172630e2fc492171d584075bfbe2d33abc2193f8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6f:3a:79:4c:d3:59:79:8f:39:7a:71:d6:e1:
ea:25:4b:94:05:56:9d:a9:67:a6:a1:a0:49:51:e5:
91:31:e6:4a:0a:80:25:46:f0:82:44:c7:dd:51:77:
b2:84:66:7f:85:c4:4d:21:30:32:4c:a1:28:41:fb:
1b:a6:fe:8c:fb:90:47:b9:0c:59:e0:71:8f:b8:c5:
46:cd:36:d8:25:56:86:32:ed:21:49:99:d2:4a:df:
f1:7e:6f:be:2e:4a:ff:e5:73:b8:03:0e:5f:26:82:
42:9d:0c:48:ce:88:a1:61:e6:b4:74:de:7b:ee:a8:
27:17:32:f9:ac:c5:74:06:3f:4e:00:f2:f8:ea:e7:
63:cd:88:78:62:32:08:b0:4e:57:25:7c:ad:9a:b1:
a5:ec:f4:5e:84:92:ea:51:5b:57:2e:f5:71:39:f5:
53:62:ad:9d:bd:24:61:69:31:4c:31:87:fe:bd:0f:
ba:d9:d6:e0:dc:1c:b6:e9:60:ea:be:10:8d:7b:aa:
48:91:1b:7f:16:d6:ee:e2:29:2e:eb:aa:fa:ce:07:
63:03:fe:9f:b3:26:66:38:0d:27:fc:3b:19:0b:a4:
06:d7:71:91:4d:90:a2:f1:64:49:c3:89:51:6d:24:
57:5f:06:30:7d:0e:f3:8d:78:b4:60:c1:ab:fb:3a:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0F:39:6C:CF:BF:66:33:E7:8A:0A:26:AC:75:15:33:18:EA:A7:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ce:a6:10:01:b3:f4:83:dd:4d:53:75:12:58:c9:91:8d:9c:c1:
15:48:e2:44:97:b8:ac:63:40:85:e8:60:92:3d:8a:73:f5:79:
58:d4:c1:f0:0b:0a:74:0e:e8:f7:e0:da:6b:e5:73:a4:d7:af:
10:90:70:c8:7a:6a:af:31:7b:ce:2b:1a:38:2a:99:ea:f4:41:
c9:6f:5a:c9:39:57:d8:26:5d:7a:6a:93:ea:45:e4:de:1e:2e:
5b:5b:51:da:c0:66:1a:83:c6:27:31:30:f9:0e:3f:ab:bd:a2:
df:06:8a:c2:53:d3:3e:85:61:82:d6:14:f1:c0:13:d9:2a:cb:
ad:15:57:94:c8:d7:7e:ab:d3:0d:b8:fc:7c:1d:b7:62:b9:a1:
3c:d7:bd:be:c4:0a:f9:fe:18:ca:cd:29:99:08:d1:e9:91:bd:
01:09:c6:ba:95:40:32:27:d1:2c:ab:66:d1:66:26:b2:57:d6:
7f:53:f8:99:f6:65:ae:41:b5:b8:04:94:30:9d:92:42:3e:de:
e3:90:64:0b:77:60:bd:dd:19:7b:22:2d:1a:46:2a:f8:00:73:
48:93:de:ca:1a:37:97:c6:72:72:44:c6:38:3e:e3:43:a5:36:
1c:41:d0:a4:c3:63:e4:2f:fc:e0:6d:75:da:84:a5:db:2b:da:
74:9f:1f:27
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKbiP0EVclNVbAdIPopbIC7znmCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjMWU2YTBiOTVkNDlkMDdlNzAzMDc0NzE3MjYzMGUyZmM0OTIxNzFkNTg0
MDc1YmZiZTJkMzNhYmMyMTkzZjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9vOnlM01l5jzl6cdbh6iVLlAVWnalnpqGgSVHlkTHmSgqAJUbwgkTH3VF3
soRmf4XETSEwMkyhKEH7G6b+jPuQR7kMWeBxj7jFRs022CVWhjLtIUmZ0krf8X5v
vi5K/+VzuAMOXyaCQp0MSM6IoWHmtHTee+6oJxcy+azFdAY/TgDy+OrnY82IeGIy
CLBOVyV8rZqxpez0XoSS6lFbVy71cTn1U2Ktnb0kYWkxTDGH/r0PutnW4Nwctulg
6r4QjXuqSJEbfxbW7uIpLuuq+s4HYwP+n7MmZjgNJ/w7GQukBtdxkU2QovFkScOJ
UW0kV18GMH0O8414tGDBq/s6b1kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSgDzls
z79mM+eKCiasdRUzGOqnSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmQwNGE1NGItNDU5YS00OTFhLWEwMTMtNTlkMGVkNTU4MjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQDOphABs/SD3U1TdRJYyZGNnMEVSOJEl7isY0CF6GCS
PYpz9XlY1MHwCwp0Duj34Npr5XOk168QkHDIemqvMXvOKxo4Kpnq9EHJb1rJOVfY
Jl16apPqReTeHi5bW1HawGYag8YnMTD5Dj+rvaLfBorCU9M+hWGC1hTxwBPZKsut
FVeUyNd+q9MNuPx8HbdiuaE8172+xAr5/hjKzSmZCNHpkb0BCca6lUAyJ9Esq2bR
ZiayV9Z/U/iZ9mWuQbW4BJQwnZJCPt7jkGQLd2C93Rl7Ii0aRir4AHNIk97KGjeX
xnJyRMY4PuNDpTYcQdCkw2PkL/zgbXXahKXbK9p0nx8n
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:16 2024 by rpki-client on console-ams.rpki-client.org