Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/262e824a-a2cb-4415-9ee1-bbfcf897df99.roa
File: 262e824a-a2cb-4415-9ee1-bbfcf897df99.roa (raw, json)
Hash identifier: ddBlwdWnwQH+J/QQLwKuXn0a1ALBESGSIYjlMcnl61c=
Subject key identifier: D8:CF:5B:06:B0:00:BA:11:EB:85:1F:1F:D6:2A:16:07:69:99:6F:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 208C665D04B56BA9138611FE5605B558F4FFA227
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/262e824a-a2cb-4415-9ee1-bbfcf897df99.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:8c:66:5d:04:b5:6b:a9:13:86:11:fe:56:05:b5:58:f4:ff:a2:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=431a4c2d71f1542759cc1b87ae8b2a1eb664b434b7f203b7d77bfea3acdbe9ca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0d:a1:85:60:16:08:9c:b2:0d:be:74:7c:4a:
7a:7c:f2:ce:bd:87:6b:f8:a6:88:ce:1f:fd:8b:69:
2d:ff:4d:8a:15:7a:67:85:78:7c:38:ee:9b:0f:c6:
83:be:67:3a:51:7a:fe:b5:36:16:6b:60:7d:8e:6f:
96:7f:68:9c:c3:12:10:d7:51:40:be:b7:4b:b9:6f:
16:b0:e8:00:c9:ae:af:94:5b:a7:1b:4b:90:1f:00:
de:c5:fd:5f:39:d1:d2:c6:a6:2e:dd:7a:c4:7c:9d:
b2:58:a8:39:de:86:a2:1c:6d:9f:ae:7a:7f:69:08:
b4:d8:d0:6b:e6:85:08:68:6e:e3:bd:e8:34:af:4c:
9a:79:77:2d:e2:bf:8f:a6:4e:5b:ba:72:c8:05:00:
73:0a:67:a6:fb:b3:a0:e9:9c:57:65:b5:74:a3:d1:
91:2f:2a:57:9f:e6:2e:24:32:b8:10:ce:7f:84:1c:
39:0b:61:2f:4c:5f:c6:f1:cb:47:9c:5e:01:dc:d2:
cd:70:92:35:5a:6b:88:94:0f:32:fe:de:1b:28:37:
cd:23:70:98:98:9f:51:48:71:d9:7f:d2:41:48:cd:
12:3d:ec:a1:58:3a:64:71:12:d6:6c:a8:d7:4b:ec:
b6:1f:01:f7:04:c8:bb:74:74:12:69:fc:0c:6f:bf:
1d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CF:5B:06:B0:00:BA:11:EB:85:1F:1F:D6:2A:16:07:69:99:6F:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/262e824a-a2cb-4415-9ee1-bbfcf897df99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:fe:e4:c8:4b:83:57:3c:f3:b9:32:2a:9f:5c:28:0e:e3:12:
d2:56:f6:5a:83:48:e2:a8:53:cb:8c:5f:1f:58:82:e5:6c:26:
06:45:68:65:48:43:03:3a:e3:e1:33:fc:5c:cc:25:d8:c2:bf:
d4:3f:c3:bc:56:9c:59:30:3e:eb:f5:96:ea:ee:a8:61:41:f1:
a7:f8:05:5c:dd:1f:d5:3e:21:48:8f:97:62:d6:92:bd:64:d7:
0e:40:b4:10:53:0b:2e:76:4b:34:c3:e5:ac:50:b2:89:4e:fc:
51:77:98:78:c3:de:88:69:a1:22:02:ab:e9:42:45:dc:9e:ee:
92:8f:24:17:80:d9:f6:b8:41:3f:5a:90:3c:2e:3f:87:45:23:
ed:a3:08:8f:66:8f:84:a9:92:75:20:c2:9d:46:43:3b:f8:0e:
a6:c1:ac:9b:c4:61:fd:c6:52:eb:67:c7:8f:48:8e:b9:4c:15:
27:bc:38:b1:a7:da:61:ab:4e:5e:e2:67:7a:1e:df:fb:99:54:
a0:46:b6:80:6c:29:4b:c3:17:79:00:86:69:b0:16:e6:0b:86:
66:1b:55:4b:4d:48:6b:c0:cf:dc:86:09:9a:f5:c0:a4:c2:a4:
52:28:3b:51:d1:77:59:48:81:b2:c8:85:69:67:3c:f2:14:ae:
b7:40:c4:7b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIIxmXQS1a6kThhH+VgW1WPT/oicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzMWE0YzJkNzFmMTU0Mjc1OWNjMWI4N2FlOGIyYTFlYjY2NGI0MzRiN2Yy
MDNiN2Q3N2JmZWEzYWNkYmU5Y2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkNoYVgFgicsg2+dHxKenzyzr2Ha/imiM4f/YtpLf9NihV6Z4V4fDjumw/G
g75nOlF6/rU2FmtgfY5vln9onMMSENdRQL63S7lvFrDoAMmur5RbpxtLkB8A3sX9
XznR0samLt16xHydslioOd6Gohxtn656f2kItNjQa+aFCGhu473oNK9Mmnl3LeK/
j6ZOW7pyyAUAcwpnpvuzoOmcV2W1dKPRkS8qV5/mLiQyuBDOf4QcOQthL0xfxvHL
R5xeAdzSzXCSNVpriJQPMv7eGyg3zSNwmJifUUhx2X/SQUjNEj3soVg6ZHES1myo
10vsth8B9wTIu3R0Emn8DG+/HckCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTYz1sG
sAC6EeuFHx/WKhYHaZlvhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjYyZTgyNGEtYTJjYi00NDE1LTllZTEtYmJmY2Y4OTdkZjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQAh/uTIS4NXPPO5MiqfXCgO4xLSVvZag0jiqFPLjF8f
WILlbCYGRWhlSEMDOuPhM/xczCXYwr/UP8O8VpxZMD7r9Zbq7qhhQfGn+AVc3R/V
PiFIj5di1pK9ZNcOQLQQUwsudks0w+WsULKJTvxRd5h4w96IaaEiAqvpQkXcnu6S
jyQXgNn2uEE/WpA8Lj+HRSPtowiPZo+EqZJ1IMKdRkM7+A6mwaybxGH9xlLrZ8eP
SI65TBUnvDixp9phq05e4md6Ht/7mVSgRraAbClLwxd5AIZpsBbmC4ZmG1VLTUhr
wM/chgma9cCkwqRSKDtR0XdZSIGyyIVpZzzyFK63QMR7
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org