Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29b3caa9-6470-45c4-9283-9836b50ed0d6.roa
File: 29b3caa9-6470-45c4-9283-9836b50ed0d6.roa (raw, json)
Hash identifier: s28arLXBPWaQlAcnWi5pqw/q40zf8R30u6wInjUcvkU=
Subject key identifier: 6B:A3:5A:C3:13:21:03:C6:B8:87:25:D7:DB:23:AC:C2:C1:F2:84:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1151133F37092D891A735C65DB6707A7DF09AF88
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29b3caa9-6470-45c4-9283-9836b50ed0d6.roa
Signing time: Tue 12 Nov 2024 00:00:00 +0000
ROA not before: Tue 12 Nov 2024 00:00:00 +0000
ROA not after: Tue 17 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.24.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:51:13:3f:37:09:2d:89:1a:73:5c:65:db:67:07:a7:df:09:af:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 12 00:00:00 2024 GMT
Not After : Dec 17 23:59:59 2024 GMT
Subject: serialNumber=2a4e082ba2e4b2098f9a70c421925afa2c68cee1d6486d10d8ce7d7fd70e798b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bc:9a:21:fb:3f:5f:e8:d9:d6:f3:dc:63:0d:
70:bf:a2:17:b8:68:95:73:4e:75:88:db:88:bf:42:
0a:5c:53:bc:d2:dc:c7:6e:d8:c0:f4:6d:8f:66:78:
04:b0:76:08:a1:b3:2a:ca:6e:76:4d:0b:14:fa:ec:
2d:c7:19:41:5c:cd:c4:7a:e7:a0:7b:3e:d6:05:46:
b9:3b:ed:a1:c8:67:c4:a2:94:03:d5:bd:97:e9:c0:
ac:d1:0f:0e:4e:64:f1:a2:09:da:49:53:c4:0c:7c:
3b:7c:4a:e1:b0:5c:02:f4:1d:63:3e:98:1d:32:c8:
44:d7:7c:bf:0e:dc:f7:d2:c2:27:51:a7:8c:50:55:
65:83:66:3d:c3:a7:9e:72:c9:06:81:d8:89:b7:80:
30:14:b7:e0:e1:ba:1f:15:43:7a:d0:a8:88:43:e0:
b2:0b:a3:14:04:44:bf:74:a6:ab:44:3c:92:6b:a3:
a4:f2:6b:75:c8:47:96:8e:02:63:7b:7f:ec:8e:88:
84:2f:12:b2:5d:a8:09:eb:1c:d7:ae:d9:11:f0:b4:
66:8e:a1:c6:76:12:30:ef:fc:af:be:e1:83:7b:1d:
33:2a:2f:a4:2d:e6:6d:3e:6e:35:08:8c:35:c5:fa:
5d:9c:63:20:d9:25:45:93:c7:74:61:da:8a:bf:5d:
ca:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A3:5A:C3:13:21:03:C6:B8:87:25:D7:DB:23:AC:C2:C1:F2:84:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29b3caa9-6470-45c4-9283-9836b50ed0d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
7c:45:79:69:fb:07:36:a8:fa:8d:8d:e5:3a:93:74:d1:cb:98:
58:52:f0:be:01:a3:54:57:24:e0:24:b7:6e:83:e4:4e:f8:4c:
df:70:f1:a0:9e:67:8a:1c:36:7f:97:3c:13:80:2a:b2:70:03:
5f:80:64:d6:cb:8f:b1:4a:d2:d7:8a:5c:fc:60:7e:de:75:b2:
0a:91:fd:9a:58:01:62:eb:a7:4a:85:1e:df:a4:65:06:24:e8:
3d:73:8c:9b:0b:56:7e:37:89:74:28:fb:a2:67:79:b0:b2:bf:
de:8e:32:60:3c:30:b9:de:90:f1:04:f8:dd:a9:03:a1:62:03:
37:ee:04:da:e6:2a:e5:c4:ca:bf:61:33:1d:1f:7f:2f:0b:14:
d3:37:20:05:e4:5a:c4:db:60:42:28:03:a3:fd:7d:fa:ec:e5:
1f:b3:e8:21:8c:b8:6c:7a:40:bf:f5:f1:c9:8a:4c:aa:b5:cb:
ab:64:76:3a:98:46:ed:e0:d1:98:38:bd:38:66:df:38:9d:56:
5b:4f:42:de:be:6e:8f:e3:3c:5f:d6:91:8d:36:aa:54:0f:4e:
84:2b:1b:ee:16:b6:09:03:f3:97:8e:11:dd:43:ed:ce:76:2e:
b0:69:24:33:ce:b0:a5:30:5d:0b:9a:dc:a7:e6:36:d1:e2:e7:
88:e2:4d:09
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEVETPzcJLYkac1xl22cHp98Jr4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTIwMDAwMDBaFw0yNDEyMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhNGUwODJiYTJlNGIyMDk4ZjlhNzBjNDIxOTI1YWZhMmM2OGNlZTFkNjQ4
NmQxMGQ4Y2U3ZDdmZDcwZTc5OGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq8miH7P1/o2dbz3GMNcL+iF7holXNOdYjbiL9CClxTvNLcx27YwPRtj2Z4
BLB2CKGzKspudk0LFPrsLccZQVzNxHrnoHs+1gVGuTvtochnxKKUA9W9l+nArNEP
Dk5k8aIJ2klTxAx8O3xK4bBcAvQdYz6YHTLIRNd8vw7c99LCJ1GnjFBVZYNmPcOn
nnLJBoHYibeAMBS34OG6HxVDetCoiEPgsgujFAREv3Smq0Q8kmujpPJrdchHlo4C
Y3t/7I6IhC8Ssl2oCesc167ZEfC0Zo6hxnYSMO/8r77hg3sdMyovpC3mbT5uNQiM
NcX6XZxjINklRZPHdGHair9dyuMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRro1rD
EyEDxriHJdfbI6zCwfKE/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjliM2NhYTktNjQ3MC00NWM0LTkyODMtOTgzNmI1MGVkMGQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQB8RXlp+wc2qPqNjeU6k3TRy5hYUvC+AaNUVyTgJLdu
g+RO+EzfcPGgnmeKHDZ/lzwTgCqycANfgGTWy4+xStLXilz8YH7edbIKkf2aWAFi
66dKhR7fpGUGJOg9c4ybC1Z+N4l0KPuiZ3mwsr/ejjJgPDC53pDxBPjdqQOhYgM3
7gTa5irlxMq/YTMdH38vCxTTNyAF5FrE22BCKAOj/X367OUfs+ghjLhsekC/9fHJ
ikyqtcurZHY6mEbt4NGYOL04Zt84nVZbT0Levm6P4zxf1pGNNqpUD06EKxvuFrYJ
A/OXjhHdQ+3Odi6waSQzzrClMF0Lmtyn5jbR4ueI4k0J
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org