Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json)
Hash identifier: K8WDL60sT+vtgu2VNdPQyBLcjkHv1rpsuv3WGpBOwrA=
Subject key identifier: F2:A0:3F:19:5A:31:0D:6A:0C:45:D7:45:99:17:72:98:F3:92:1C:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 565A25497BB29913980B7A9F0D7A9C95FD5B127D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:5a:25:49:7b:b2:99:13:98:0b:7a:9f:0d:7a:9c:95:fd:5b:12:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=a7325bc17f886929daf31ded290e62e332331f07763660465e5359bb52c7ce7e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a9:a0:71:0e:11:4a:65:16:bc:14:3f:80:b0:
6b:88:4f:06:5d:36:61:a0:90:b9:93:e2:dc:a2:80:
6b:e8:92:f2:58:11:d2:40:13:be:f0:fa:95:54:32:
a4:b4:16:7b:9f:56:ad:f4:75:8b:df:97:d5:3c:ff:
8b:fa:fc:8a:a6:e4:5b:3b:47:4d:4d:d8:61:af:ff:
b4:99:f0:19:a9:c9:29:96:ee:35:0f:58:4d:83:8c:
c1:2c:ad:9c:71:4a:ca:b4:63:c9:46:3d:a1:34:04:
25:a8:bd:33:6d:0a:ea:11:b0:b2:8d:74:a6:79:b3:
9e:db:e5:ba:8d:53:1a:30:b7:c6:ca:31:17:d9:99:
e3:93:98:69:da:b9:35:67:fc:97:1d:6c:61:90:78:
e1:88:8a:6c:b2:55:25:71:51:e3:75:bc:c7:68:4b:
cd:07:6e:83:f5:b6:f9:29:55:04:9c:0b:12:21:50:
55:1b:e9:8e:b8:77:4d:1c:43:fd:84:88:6f:a0:a4:
7d:65:c7:c2:79:22:e7:c4:71:5d:12:7f:95:80:bc:
60:2a:8e:7d:ad:a6:4a:3c:67:dc:34:83:89:26:3f:
b1:c4:57:7a:95:dc:f4:52:2a:d3:9d:b3:00:74:83:
dd:cb:7b:15:70:4e:6a:7d:04:3f:4e:61:0e:a5:9f:
a9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A0:3F:19:5A:31:0D:6A:0C:45:D7:45:99:17:72:98:F3:92:1C:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:92:5f:00:bb:21:9b:df:11:12:84:0e:95:37:a3:d7:35:55:
f9:72:94:e4:19:c9:3c:b1:56:52:03:a9:3a:5e:2d:19:97:fe:
0d:c6:d1:18:bd:1b:01:5a:64:a7:d7:fa:ca:35:1a:97:f7:74:
5e:0f:70:19:91:7b:ec:da:4f:8b:3a:75:c8:47:07:bf:4c:2d:
40:88:d9:a8:68:f2:fa:f7:07:07:2c:6e:ec:44:a9:b5:e6:77:
d0:0e:a2:5d:cf:b9:4c:f8:76:6b:db:9e:93:ab:59:ec:d1:b3:
fa:fb:4d:e8:b6:8c:3d:78:ff:00:f0:ef:e8:6e:60:3d:09:33:
6d:f3:31:53:f3:5e:4c:55:5a:b5:0a:b6:70:3d:fb:5e:39:06:
29:56:3f:71:51:76:90:f3:db:b0:e3:6c:b6:2f:fc:be:4c:f5:
49:ff:e3:60:3d:cc:f9:2d:cf:8f:ff:53:ca:06:9f:52:6b:50:
44:ef:a6:e2:3e:af:40:8a:b4:be:2e:98:0c:39:6f:2c:90:b3:
3a:0a:81:92:46:38:dc:aa:7b:b2:a6:7a:cd:39:89:7c:bf:0f:
4f:7d:e2:9a:6f:3b:88:72:68:4f:ed:fb:3e:d8:64:d9:67:73:
42:1e:a4:66:3c:9e:10:e2:27:3d:01:ef:4c:a3:78:31:5c:3b:
91:f2:b6:24
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVlolSXuymROYC3qfDXqclf1bEn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3MzI1YmMxN2Y4ODY5MjlkYWYzMWRlZDI5MGU2MmUzMzIzMzFmMDc3NjM2
NjA0NjVlNTM1OWJiNTJjN2NlN2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIqpoHEOEUplFrwUP4Cwa4hPBl02YaCQuZPi3KKAa+iS8lgR0kATvvD6lVQy
pLQWe59WrfR1i9+X1Tz/i/r8iqbkWztHTU3YYa//tJnwGanJKZbuNQ9YTYOMwSyt
nHFKyrRjyUY9oTQEJai9M20K6hGwso10pnmzntvluo1TGjC3xsoxF9mZ45OYadq5
NWf8lx1sYZB44YiKbLJVJXFR43W8x2hLzQdug/W2+SlVBJwLEiFQVRvpjrh3TRxD
/YSIb6CkfWXHwnki58RxXRJ/lYC8YCqOfa2mSjxn3DSDiSY/scRXepXc9FIq052z
AHSD3ct7FXBOan0EP05hDqWfqUkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTyoD8Z
WjENagxF10WZF3KY85IcaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQCgkl8AuyGb3xEShA6VN6PXNVX5cpTkGck8sVZSA6k6
Xi0Zl/4NxtEYvRsBWmSn1/rKNRqX93ReD3AZkXvs2k+LOnXIRwe/TC1AiNmoaPL6
9wcHLG7sRKm15nfQDqJdz7lM+HZr256Tq1ns0bP6+03otow9eP8A8O/obmA9CTNt
8zFT815MVVq1CrZwPfteOQYpVj9xUXaQ89uw42y2L/y+TPVJ/+NgPcz5Lc+P/1PK
Bp9Sa1BE76biPq9AirS+LpgMOW8skLM6CoGSRjjcqnuypnrNOYl8vw9PfeKabzuI
cmhP7fs+2GTZZ3NCHqRmPJ4Q4ic9Ae9Mo3gxXDuR8rYk
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:06 2024 by rpki-client on console-fra.rpki-client.org