Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
File: 1350b3cb-6def-4283-90f3-051faef7a4e3.roa (raw, json)
Hash identifier: MECur8omIyrKVOt2t8fs3YZdWUYW4GWy1vbpIZWStTc=
Subject key identifier: 88:01:CE:BE:AA:30:0F:E9:25:E6:27:19:98:18:4F:F7:AC:E1:89:C8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BAAE843CB6B68AED65E6F466E200E4F9343078A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:aa:e8:43:cb:6b:68:ae:d6:5e:6f:46:6e:20:0e:4f:93:43:07:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=782d0b36ef17649a6de96774913d44cff3a920a2c7f57583d2505247e22fd85e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:02:6f:d9:c2:eb:14:e5:79:41:5f:2e:e4:77:
ab:b7:dc:bc:31:c5:4e:c5:a1:17:21:d2:76:30:d8:
3b:be:11:5e:f6:f7:0e:ff:71:f1:72:bd:97:b7:74:
59:4d:31:1a:03:cf:22:c9:10:f7:9e:e8:71:b6:de:
3b:75:69:14:6b:01:4d:b0:80:0f:39:c2:2c:24:83:
d2:ed:3d:1e:64:54:bd:3c:5f:7f:bb:4e:57:c0:99:
a1:04:20:f6:8c:1d:26:99:fe:ae:50:2f:ab:dc:b2:
06:2f:57:2f:c5:32:1d:13:18:e4:aa:6f:02:c9:ed:
3a:08:31:98:0b:2e:fb:e4:74:73:54:73:8b:50:d6:
1a:a7:1c:0e:73:85:fd:3c:8d:b8:48:9a:f8:ef:a7:
b0:bc:c6:5b:59:bd:da:43:20:f5:0b:df:fa:b9:9c:
76:83:3c:60:54:46:9b:85:13:37:e2:aa:07:0d:ad:
00:37:dc:89:58:e3:ea:de:69:93:76:10:92:84:13:
91:f6:c8:5a:b6:bc:9a:a7:83:48:c3:20:ee:3b:56:
b1:4c:00:fb:be:e3:90:fa:c4:19:b2:64:19:4f:66:
fe:34:c1:4a:64:21:53:bd:70:18:5a:8b:50:8a:0b:
d6:73:5e:9c:3c:8c:e7:1a:12:7e:81:eb:51:d9:de:
25:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:01:CE:BE:AA:30:0F:E9:25:E6:27:19:98:18:4F:F7:AC:E1:89:C8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
2d:76:30:00:e9:05:60:b2:a4:71:e2:de:8d:e0:f4:9f:66:18:
c1:1a:01:b3:46:b0:40:e2:ca:db:ae:14:13:38:7d:8d:5e:af:
14:2d:b6:80:bd:25:61:b3:09:c1:f9:8e:96:07:4f:ff:14:7e:
f6:ee:b0:04:9c:30:8f:e5:0c:ea:c4:4e:78:c7:5b:dc:14:31:
33:93:9f:02:15:89:9a:c3:8c:76:02:ec:f9:87:28:38:6e:43:
a7:ff:d9:7b:c0:5a:11:1a:a7:b3:5e:46:7d:fd:08:a9:52:7e:
bf:23:5b:df:cb:21:68:88:1b:8e:10:3f:ba:82:8e:9a:75:d1:
82:54:fe:0b:4e:4b:cc:48:04:fc:be:b3:47:2c:f6:f6:fe:f3:
25:4a:e8:30:f2:87:2d:85:a4:1d:62:9b:57:0d:4b:42:93:e2:
27:19:2a:41:be:3e:95:76:9f:6d:40:51:8a:76:d9:d1:72:e4:
56:4d:6d:7c:c3:09:d7:71:52:e3:55:26:11:2e:17:dd:72:50:
96:b5:c8:38:ee:60:a3:6b:3d:00:a9:44:77:33:45:58:a7:cf:
3a:f6:b6:2a:64:59:7c:be:d7:1e:b1:04:8e:ce:35:9d:b9:4e:
f9:63:a8:fc:ad:b4:97:17:65:47:ee:15:73:0a:86:e8:c4:b7:
5a:00:07:2e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS6roQ8traK7WXm9GbiAOT5NDB4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MmQwYjM2ZWYxNzY0OWE2ZGU5Njc3NDkxM2Q0NGNmZjNhOTIwYTJjN2Y1
NzU4M2QyNTA1MjQ3ZTIyZmQ4NWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOECb9nC6xTleUFfLuR3q7fcvDHFTsWhFyHSdjDYO74RXvb3Dv9x8XK9l7d0
WU0xGgPPIskQ957ocbbeO3VpFGsBTbCADznCLCSD0u09HmRUvTxff7tOV8CZoQQg
9owdJpn+rlAvq9yyBi9XL8UyHRMY5KpvAsntOggxmAsu++R0c1Rzi1DWGqccDnOF
/TyNuEia+O+nsLzGW1m92kMg9Qvf+rmcdoM8YFRGm4UTN+KqBw2tADfciVjj6t5p
k3YQkoQTkfbIWra8mqeDSMMg7jtWsUwA+77jkPrEGbJkGU9m/jTBSmQhU71wGFqL
UIoL1nNenDyM5xoSfoHrUdneJXUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIAc6+
qjAP6SXmJxmYGE/3rOGJyDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTM1MGIzY2ItNmRlZi00MjgzLTkwZjMtMDUxZmFlZjdhNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQAtdjAA6QVgsqRx4t6N4PSfZhjBGgGzRrBA4srbrhQT
OH2NXq8ULbaAvSVhswnB+Y6WB0//FH727rAEnDCP5QzqxE54x1vcFDEzk58CFYma
w4x2Auz5hyg4bkOn/9l7wFoRGqezXkZ9/QipUn6/I1vfyyFoiBuOED+6go6addGC
VP4LTkvMSAT8vrNHLPb2/vMlSugw8octhaQdYptXDUtCk+InGSpBvj6Vdp9tQFGK
dtnRcuRWTW18wwnXcVLjVSYRLhfdclCWtcg47mCjaz0AqUR3M0VYp8869rYqZFl8
vtcesQSOzjWduU75Y6j8rbSXF2VH7hVzCoboxLdaAAcu
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:49 2024 by rpki-client on console-ams.rpki-client.org