Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/297efebe-504f-4d63-8877-e5b94842e462.roa
File: 297efebe-504f-4d63-8877-e5b94842e462.roa (raw, json)
Hash identifier: fa9M6QWDoTQfGN77cP2nxC2JHVf+u0uvmNRIfxLap6c=
Subject key identifier: C4:58:E9:F8:27:32:D4:D3:F1:33:51:F2:17:19:36:AF:76:E5:B6:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B177DC3875587B8124804E9EE548513068E82A4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/297efebe-504f-4d63-8877-e5b94842e462.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:17:7d:c3:87:55:87:b8:12:48:04:e9:ee:54:85:13:06:8e:82:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=f2c09732644f11376414cc9d12eb423fa45865c7680b25cc5e896dafbc92f226, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:52:23:1e:4a:5d:90:52:34:b7:4e:ef:44:48:
08:d6:6a:35:4d:8c:30:c7:b1:96:75:bb:0f:15:55:
64:ea:a5:d6:b8:b2:0d:d2:e8:63:5e:5e:c9:57:25:
56:26:d8:bc:42:d4:6a:4d:cc:f9:df:90:24:1b:84:
e9:99:19:99:2f:f1:6f:25:5e:d3:5a:d9:5f:0d:28:
97:68:a7:d2:3d:4e:ea:7b:b1:6b:a3:1a:50:16:0d:
47:f7:c2:3a:4b:6f:8a:95:60:f8:78:59:79:81:64:
e0:b1:de:7e:0f:0a:32:3f:cc:8d:8d:f1:98:81:08:
45:42:50:7c:30:96:c5:39:85:ce:6f:94:1c:be:71:
cb:6f:ed:76:21:1f:a6:c7:c7:c6:66:e6:7a:38:9b:
a3:c5:af:fb:32:0c:90:6c:13:95:79:15:81:7f:9a:
bf:46:c1:d9:54:f7:46:b9:41:01:de:49:ba:87:a2:
78:bf:42:d3:62:90:29:5f:2d:c4:34:8a:57:24:ca:
97:e5:d9:56:d6:7e:94:e4:b4:70:c5:21:c9:c2:16:
f5:f6:e5:40:e7:7b:7d:bb:50:c3:f3:8a:8d:a1:a5:
64:c6:f8:34:8d:f2:78:36:01:fd:a1:ca:9f:0b:02:
b2:86:87:06:0d:98:5b:a6:34:2f:50:62:5d:d4:91:
6a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:58:E9:F8:27:32:D4:D3:F1:33:51:F2:17:19:36:AF:76:E5:B6:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/297efebe-504f-4d63-8877-e5b94842e462.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
89:ab:5c:f0:c2:82:7e:44:c7:9b:73:ed:7a:53:1a:b3:5b:d3:
7f:06:04:e0:06:aa:5f:b5:87:64:5e:78:cd:f8:d6:5a:de:13:
28:3d:d8:f9:97:38:89:31:8e:2a:f4:4d:53:9a:0f:ef:4b:85:
ca:6b:8e:69:58:aa:db:1c:c9:e6:c8:f4:aa:ad:f3:64:41:f9:
07:10:24:4a:7f:6d:ff:21:d9:37:9f:e1:35:eb:8b:de:2b:e0:
9d:4b:3f:30:f7:a5:ed:d2:ba:01:48:ec:22:84:0a:fe:33:4a:
b1:fb:8b:d0:7a:ac:fc:df:6b:4b:e1:82:02:cf:ed:2d:64:d5:
ad:fd:25:e3:23:4a:c8:a5:93:5a:a6:77:24:86:ab:4b:29:f4:
ad:17:37:9b:53:f1:77:e1:b1:ce:4c:bd:0a:d8:01:62:47:1d:
36:c0:52:0e:21:45:5c:47:10:51:ca:0f:85:2a:6e:c4:e7:88:
c9:be:54:95:77:fc:2e:77:06:48:69:8d:8e:00:b1:0b:73:09:
6c:c0:c4:c3:61:3a:5c:74:3b:6e:0d:c6:68:7d:05:e0:27:cd:
f3:43:7a:38:4c:5b:94:a0:24:76:db:dd:96:3a:d7:2a:b7:7a:
f6:16:af:d7:52:1a:48:6c:cf:10:4d:ce:6a:2c:b7:03:bf:86:
30:e1:e5:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKxd9w4dVh7gSSATp7lSFEwaOgqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyYzA5NzMyNjQ0ZjExMzc2NDE0Y2M5ZDEyZWI0MjNmYTQ1ODY1Yzc2ODBi
MjVjYzVlODk2ZGFmYmM5MmYyMjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVSIx5KXZBSNLdO70RICNZqNU2MMMexlnW7DxVVZOql1riyDdLoY15eyVcl
VibYvELUak3M+d+QJBuE6ZkZmS/xbyVe01rZXw0ol2in0j1O6nuxa6MaUBYNR/fC
OktvipVg+HhZeYFk4LHefg8KMj/MjY3xmIEIRUJQfDCWxTmFzm+UHL5xy2/tdiEf
psfHxmbmejibo8Wv+zIMkGwTlXkVgX+av0bB2VT3RrlBAd5JuoeieL9C02KQKV8t
xDSKVyTKl+XZVtZ+lOS0cMUhycIW9fblQOd7fbtQw/OKjaGlZMb4NI3yeDYB/aHK
nwsCsoaHBg2YW6Y0L1BiXdSRamkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTEWOn4
JzLU0/EzUfIXGTavduW2SzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjk3ZWZlYmUtNTA0Zi00ZDYzLTg4NzctZTViOTQ4NDJlNDYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQCJq1zwwoJ+RMebc+16UxqzW9N/BgTgBqpftYdkXnjN
+NZa3hMoPdj5lziJMY4q9E1Tmg/vS4XKa45pWKrbHMnmyPSqrfNkQfkHECRKf23/
Idk3n+E164veK+CdSz8w96Xt0roBSOwihAr+M0qx+4vQeqz832tL4YICz+0tZNWt
/SXjI0rIpZNapnckhqtLKfStFzebU/F34bHOTL0K2AFiRx02wFIOIUVcRxBRyg+F
Km7E54jJvlSVd/wudwZIaY2OALELcwlswMTDYTpcdDtuDcZofQXgJ83zQ3o4TFuU
oCR2292WOtcqt3r2Fq/XUhpIbM8QTc5qLLcDv4Yw4eU4
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org