Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1c6a1167-c110-4a43-924e-7edbc1f49e2b.roa
File: 1c6a1167-c110-4a43-924e-7edbc1f49e2b.roa (raw, json)
Hash identifier: j6oyXQH9Hn2poUpMFG37LMqrLEusXhsA9DXCXHMTVnE=
Subject key identifier: 0B:69:33:46:70:F8:BA:3A:35:B4:FF:96:F1:FD:16:1D:F1:04:B7:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 541B112FD656A6B5592EA6FC339A54B95A158229
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1c6a1167-c110-4a43-924e-7edbc1f49e2b.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:1b:11:2f:d6:56:a6:b5:59:2e:a6:fc:33:9a:54:b9:5a:15:82:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=7db696c06c71618f2655ed9a67d069c92786fd35e9a4caa8b5f353c289ee0403, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6d:71:03:de:57:3d:6d:43:f5:01:e0:93:b6:
8f:f4:58:dd:41:99:d6:12:6a:f3:8f:a5:59:dd:da:
0d:f3:bb:41:6e:6d:75:92:06:1b:6f:15:4d:d8:6b:
9a:e9:f4:41:4d:61:fd:b2:e5:9a:39:45:8d:a7:69:
82:b0:8a:b0:99:83:29:e3:b6:0b:8a:e5:fb:13:a1:
ec:87:ed:eb:a9:fa:25:38:c9:77:e8:3b:8f:fe:1c:
fd:39:b1:61:3f:a0:63:08:66:36:18:11:74:b4:0a:
2b:0f:ae:f2:57:56:18:d5:ad:49:e8:c1:3f:fc:f4:
99:c7:d4:6b:2d:9e:b4:d6:34:4d:0b:e8:42:21:87:
78:b2:5e:be:53:9e:1d:f9:27:22:6f:85:f5:d1:c5:
af:dc:19:65:2a:39:22:05:69:b8:60:02:60:4b:75:
b5:03:82:e6:3f:d9:65:9b:35:0a:81:29:c1:87:a6:
2c:78:37:8c:51:c3:ff:75:c7:01:33:41:e7:12:2c:
2d:46:9e:e2:d7:f1:ad:96:38:b8:8c:6e:b3:a5:a8:
6c:08:9d:c0:fc:b6:7c:47:00:21:0e:be:3d:e2:5b:
59:bb:2f:eb:d5:fd:d4:07:26:e3:1c:b6:d2:a3:75:
ad:5e:83:08:47:c9:50:cf:dd:88:85:f5:ad:ab:e2:
5c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:69:33:46:70:F8:BA:3A:35:B4:FF:96:F1:FD:16:1D:F1:04:B7:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1c6a1167-c110-4a43-924e-7edbc1f49e2b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c7:1f:fe:84:d1:91:f2:f5:e2:86:d5:2c:1c:16:1f:3b:aa:95:
2a:7b:63:23:f3:83:74:0d:d5:2b:14:c4:89:f8:7e:ad:9b:dc:
e1:6d:30:4d:f1:dc:5e:6e:60:9c:ec:cf:9d:a1:1f:c2:28:1c:
c1:f4:33:c3:d5:97:cc:41:22:c5:2f:fa:da:01:dc:b9:8b:3d:
8c:a0:60:e7:1a:e8:53:68:a0:62:b5:54:5e:cb:55:67:49:d5:
23:86:72:95:7e:a6:18:12:73:46:e7:d4:52:b4:ae:b8:15:61:
de:f9:91:a6:b4:13:23:02:ba:f3:a4:80:4c:50:1e:35:90:b3:
2d:11:07:ca:e0:30:8e:f6:cf:f5:31:18:06:4d:27:4b:7b:e0:
55:66:9a:d7:12:b8:f7:eb:49:d4:7f:37:f7:e8:ad:24:7d:c4:
8a:26:65:61:e1:5f:22:f9:d0:e0:e3:5b:d1:f1:b1:9e:12:46:
d2:c9:4c:14:7a:9e:52:79:7b:6a:7f:ca:85:39:17:21:30:86:
9f:8b:2c:a9:2c:5b:81:f1:a9:45:d9:22:75:08:ca:a3:6f:6e:
b3:d2:73:f5:5f:8d:13:36:cf:01:c6:09:04:18:0b:7b:0f:ab:
87:74:ec:3f:a7:56:19:9d:c3:5a:93:75:5c:7c:91:f5:79:16:
a5:70:e2:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVBsRL9ZWprVZLqb8M5pUuVoVgikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkYjY5NmMwNmM3MTYxOGYyNjU1ZWQ5YTY3ZDA2OWM5Mjc4NmZkMzVlOWE0
Y2FhOGI1ZjM1M2MyODllZTA0MDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJtcQPeVz1tQ/UB4JO2j/RY3UGZ1hJq84+lWd3aDfO7QW5tdZIGG28VTdhr
mun0QU1h/bLlmjlFjadpgrCKsJmDKeO2C4rl+xOh7Ift66n6JTjJd+g7j/4c/Tmx
YT+gYwhmNhgRdLQKKw+u8ldWGNWtSejBP/z0mcfUay2etNY0TQvoQiGHeLJevlOe
HfknIm+F9dHFr9wZZSo5IgVpuGACYEt1tQOC5j/ZZZs1CoEpwYemLHg3jFHD/3XH
ATNB5xIsLUae4tfxrZY4uIxus6WobAidwPy2fEcAIQ6+PeJbWbsv69X91Acm4xy2
0qN1rV6DCEfJUM/diIX1raviXLMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQLaTNG
cPi6OjW0/5bx/RYd8QS36jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWM2YTExNjctYzExMC00YTQzLTkyNGUtN2VkYmMxZjQ5ZTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQDHH/6E0ZHy9eKG1SwcFh87qpUqe2Mj84N0DdUrFMSJ
+H6tm9zhbTBN8dxebmCc7M+doR/CKBzB9DPD1ZfMQSLFL/raAdy5iz2MoGDnGuhT
aKBitVRey1VnSdUjhnKVfqYYEnNG59RStK64FWHe+ZGmtBMjArrzpIBMUB41kLMt
EQfK4DCO9s/1MRgGTSdLe+BVZprXErj360nUfzf36K0kfcSKJmVh4V8i+dDg41vR
8bGeEkbSyUwUep5SeXtqf8qFORchMIafiyypLFuB8alF2SJ1CMqjb26z0nP1X40T
Ns8BxgkEGAt7D6uHdOw/p1YZncNak3VcfJH1eRalcOJm
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org