Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1db20bc8-3bbe-45ae-975a-e89becd95e47.roa
File: 1db20bc8-3bbe-45ae-975a-e89becd95e47.roa (raw, json)
Hash identifier: sCzA98BA0Pisd/6ufW4XdZ5x5GDPF7GIwx5HqD8Trjc=
Subject key identifier: C9:40:94:BF:27:63:97:00:B0:0F:25:8B:36:36:C3:8A:7A:2A:78:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20677B45AE1E5F4A55E36EBA6E78490F06160F25
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1db20bc8-3bbe-45ae-975a-e89becd95e47.roa
Signing time: Tue 29 Oct 2024 00:00:00 +0000
ROA not before: Tue 29 Oct 2024 00:00:00 +0000
ROA not after: Tue 03 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:67:7b:45:ae:1e:5f:4a:55:e3:6e:ba:6e:78:49:0f:06:16:0f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 29 00:00:00 2024 GMT
Not After : Dec 3 23:59:59 2024 GMT
Subject: serialNumber=ff966a781598c03182dc750a4b8579f7f80000aaa4eb5561a812719cc1d46560, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c8:6d:3e:13:91:fe:97:2a:7f:30:bb:78:8d:
8e:bb:42:28:53:88:df:59:0e:63:46:ee:61:e6:b3:
9e:05:9a:93:f0:d4:22:8d:5c:4f:90:15:25:df:34:
e6:2b:47:90:d8:3e:16:cb:25:fe:21:b4:a0:6f:4f:
3a:23:3a:e9:5d:21:5a:8e:f0:03:c1:d9:a5:e2:0b:
5b:0a:3c:89:b0:0b:af:6c:55:fc:ef:2e:36:37:ec:
f1:4f:f2:29:2b:77:8a:65:ae:da:74:5a:69:b2:b2:
bb:ab:a9:8b:f0:c9:eb:37:99:c3:6b:a8:e9:9d:e1:
44:8b:c1:32:d7:8b:01:5a:77:01:de:ed:4b:ec:0f:
6c:f2:b0:b7:54:c4:11:b7:2c:f0:26:fb:23:03:45:
32:18:87:cc:78:66:ed:f0:c3:17:69:4f:5d:ec:b0:
70:5b:b2:6b:bf:9e:a5:3d:54:d5:13:1a:26:3e:ee:
ff:8f:27:03:b5:53:f3:fb:78:1f:15:75:53:96:53:
47:b5:ef:d2:3b:72:78:75:c4:53:78:b1:96:e9:a5:
7e:4a:8c:0a:d8:38:97:d9:e0:72:43:ea:e1:05:dd:
6a:4e:91:27:6c:20:48:86:79:b3:66:2c:68:40:81:
1c:d9:aa:47:aa:7d:6a:fb:2d:be:27:9d:aa:90:ba:
13:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:40:94:BF:27:63:97:00:B0:0F:25:8B:36:36:C3:8A:7A:2A:78:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1db20bc8-3bbe-45ae-975a-e89becd95e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
00:c3:66:84:b9:78:83:88:1f:66:21:cb:2a:59:b7:56:e1:63:
b5:b8:c2:3d:80:c6:c4:69:27:47:36:06:a2:b9:13:3d:2e:15:
99:be:12:5e:18:df:b7:e6:b8:e2:1b:ed:a6:af:97:81:17:bb:
47:ba:b5:f1:6b:39:fd:04:1f:6c:52:41:45:7f:70:fd:8f:9d:
7a:0e:85:72:54:5f:0c:27:c0:b8:eb:06:fc:b5:82:7f:42:72:
05:90:4f:10:af:64:96:3e:3a:e7:72:24:52:0b:46:e7:9d:82:
07:e8:d8:60:72:ac:13:bd:98:ab:b5:f5:db:9b:16:d9:d2:9c:
b1:7b:83:a8:9e:40:19:b6:a3:4e:81:28:b9:34:9b:eb:c9:a8:
1e:34:14:15:3c:6f:03:d9:68:fb:aa:33:a4:c4:34:ea:ac:f3:
b6:a1:32:af:b2:5d:44:5a:0a:bc:40:2c:2f:75:3c:03:48:b5:
8a:3f:71:77:41:0c:e6:93:35:ae:b3:97:3b:25:c0:12:ee:b4:
fe:c8:75:f3:e0:42:92:95:39:d3:e6:fe:25:44:f8:e0:68:bb:
62:85:da:69:cb:7c:3d:19:8d:f0:12:c8:0a:98:61:20:8e:5c:
97:20:02:44:a7:88:c0:98:a9:f9:39:0c:92:e7:4a:ab:03:0a:
c5:d8:f4:6b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIGd7Ra4eX0pV4266bnhJDwYWDyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjkwMDAwMDBaFw0yNDEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmOTY2YTc4MTU5OGMwMzE4MmRjNzUwYTRiODU3OWY3ZjgwMDAwYWFhNGVi
NTU2MWE4MTI3MTljYzFkNDY1NjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvIbT4Tkf6XKn8wu3iNjrtCKFOI31kOY0buYeazngWak/DUIo1cT5AVJd80
5itHkNg+Fssl/iG0oG9POiM66V0hWo7wA8HZpeILWwo8ibALr2xV/O8uNjfs8U/y
KSt3imWu2nRaabKyu6upi/DJ6zeZw2uo6Z3hRIvBMteLAVp3Ad7tS+wPbPKwt1TE
Ebcs8Cb7IwNFMhiHzHhm7fDDF2lPXeywcFuya7+epT1U1RMaJj7u/48nA7VT8/t4
HxV1U5ZTR7Xv0jtyeHXEU3ixlumlfkqMCtg4l9ngckPq4QXdak6RJ2wgSIZ5s2Ys
aECBHNmqR6p9avstviedqpC6EwMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTJQJS/
J2OXALAPJYs2NsOKeip48DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRiMjBiYzgtM2JiZS00NWFlLTk3NWEtZTg5YmVjZDk1ZTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQAAw2aEuXiDiB9mIcsqWbdW4WO1uMI9gMbEaSdHNgai
uRM9LhWZvhJeGN+35rjiG+2mr5eBF7tHurXxazn9BB9sUkFFf3D9j516DoVyVF8M
J8C46wb8tYJ/QnIFkE8Qr2SWPjrnciRSC0bnnYIH6NhgcqwTvZirtfXbmxbZ0pyx
e4OonkAZtqNOgSi5NJvryageNBQVPG8D2Wj7qjOkxDTqrPO2oTKvsl1EWgq8QCwv
dTwDSLWKP3F3QQzmkzWus5c7JcAS7rT+yHXz4EKSlTnT5v4lRPjgaLtihdppy3w9
GY3wEsgKmGEgjlyXIAJEp4jAmKn5OQyS50qrAwrF2PRr
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org