Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: 7Bmuvo3RJp+c/1ajgZyoix23SffGBbsVYisX+Qrr3iI=
Subject key identifier: 5A:96:97:14:E3:87:31:0F:2F:4B:B4:46:13:30:83:70:8A:67:08:BE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D6AAA91238BCF01BDB9764811A4D7080E2FCEEC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:6a:aa:91:23:8b:cf:01:bd:b9:76:48:11:a4:d7:08:0e:2f:ce:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f8fbef4e83cb0e114e52a004d92392f514ee01e33731f6e3154460124b4d6f0a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0f:c7:7d:be:5b:8d:81:86:25:7a:72:76:6b:
b6:8c:4a:67:28:63:67:38:91:15:16:6e:73:bd:6c:
1f:a2:c4:6e:3e:7b:b2:fc:32:8a:35:07:a6:c8:94:
b9:b0:49:f8:5f:f0:63:b9:c4:ea:77:ec:d2:a8:27:
29:71:a3:c4:d3:a3:44:fa:5a:a1:58:4f:63:fe:b2:
80:28:7f:7e:17:63:55:24:b6:f8:11:52:ee:62:63:
97:cd:85:28:a7:c6:df:44:d2:c7:e3:db:57:32:df:
d2:25:fd:c0:ec:a6:04:e5:14:a5:bc:3d:94:91:cd:
ae:8c:05:57:a3:e2:10:27:18:24:d7:5f:26:a4:50:
f2:4b:58:b7:e8:55:b0:1d:6e:8a:1f:71:c1:9c:51:
88:50:38:4f:0a:09:1e:78:d1:f5:37:ae:64:b7:f9:
db:61:59:0b:f6:6c:74:24:ef:9b:2f:7c:8e:f4:51:
31:c3:40:69:b0:99:38:cd:01:96:8e:03:5c:92:dc:
9a:fd:f0:d7:03:0b:3d:51:13:9c:d3:6b:b7:a2:32:
42:12:b9:54:4c:2e:77:0b:d1:ad:b4:7f:09:60:34:
a4:00:3d:b1:e8:ed:8b:39:fd:8b:d2:f3:a0:1c:29:
9f:7a:8c:76:bf:6e:20:0a:d0:b3:ec:26:b1:26:8a:
05:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:96:97:14:E3:87:31:0F:2F:4B:B4:46:13:30:83:70:8A:67:08:BE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b6:98:cb:d5:e2:6f:1a:40:d7:16:e7:61:b4:4c:2e:a2:73:5e:
82:e1:88:ec:54:4b:55:76:9f:78:2d:6a:87:f0:8c:7d:be:0b:
9b:44:cb:55:16:85:1b:fc:78:b1:13:4b:8a:41:bf:75:57:e5:
80:d3:47:bb:4a:7d:29:14:e0:32:ec:1c:2c:85:5c:e8:95:b2:
68:5b:dc:4b:04:ef:b9:04:3a:8e:ca:db:1b:90:fb:6f:2d:f8:
4c:57:84:c6:62:79:78:c0:6e:31:2a:0f:3a:e2:f2:82:a1:2d:
75:d1:61:82:f9:91:5b:83:44:5e:b1:87:14:d5:85:b7:0c:c0:
76:ed:a2:96:c3:e8:27:27:5b:d8:86:1e:f5:02:88:0c:eb:cf:
12:52:2e:fe:e9:b3:3a:bb:26:f5:44:17:5f:d5:ad:95:f9:d7:
31:2d:52:0c:35:13:09:f4:61:f1:b1:e6:da:c7:7a:b4:0e:3c:
ca:9c:75:c8:00:d3:0e:55:eb:37:9c:71:55:4a:7c:28:0d:7d:
40:04:1d:3e:a7:f3:72:d0:e1:52:a1:65:a9:90:49:27:a9:46:
35:c1:a5:6d:b5:9e:a6:69:14:6c:61:a0:fc:d8:89:7f:ba:b7:
f2:28:6d:89:57:2a:ec:c3:f4:91:07:0f:3b:d6:5a:8f:ce:6e:
c7:ae:22:f4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPWqqkSOLzwG9uXZIEaTXCA4vzuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4ZmJlZjRlODNjYjBlMTE0ZTUyYTAwNGQ5MjM5MmY1MTRlZTAxZTMzNzMx
ZjZlMzE1NDQ2MDEyNGI0ZDZmMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYPx32+W42BhiV6cnZrtoxKZyhjZziRFRZuc71sH6LEbj57svwyijUHpsiU
ubBJ+F/wY7nE6nfs0qgnKXGjxNOjRPpaoVhPY/6ygCh/fhdjVSS2+BFS7mJjl82F
KKfG30TSx+PbVzLf0iX9wOymBOUUpbw9lJHNrowFV6PiECcYJNdfJqRQ8ktYt+hV
sB1uih9xwZxRiFA4TwoJHnjR9TeuZLf522FZC/ZsdCTvmy98jvRRMcNAabCZOM0B
lo4DXJLcmv3w1wMLPVETnNNrt6IyQhK5VEwudwvRrbR/CWA0pAA9sejtizn9i9Lz
oBwpn3qMdr9uIArQs+wmsSaKBc8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRalpcU
44cxDy9LtEYTMINwimcIvjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQC2mMvV4m8aQNcW52G0TC6ic16C4YjsVEtVdp94LWqH
8Ix9vgubRMtVFoUb/HixE0uKQb91V+WA00e7Sn0pFOAy7BwshVzolbJoW9xLBO+5
BDqOytsbkPtvLfhMV4TGYnl4wG4xKg864vKCoS110WGC+ZFbg0ResYcU1YW3DMB2
7aKWw+gnJ1vYhh71AogM688SUi7+6bM6uyb1RBdf1a2V+dcxLVIMNRMJ9GHxseba
x3q0DjzKnHXIANMOVes3nHFVSnwoDX1ABB0+p/Ny0OFSoWWpkEknqUY1waVttZ6m
aRRsYaD82Il/urfyKG2JVyrsw/SRBw871lqPzm7HriL0
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org