Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
File: 30196813-1f5f-45cc-801b-df800afa3d6d.roa (raw, json)
Hash identifier: TLsGW1IFoyN47u+FQ6Yd7sqr/E2ueHRC8sItW7+U4vg=
Subject key identifier: BC:0E:50:71:6B:21:21:20:D1:8B:9A:C9:72:34:0A:9F:D0:42:F9:F8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2826E1BA1817526EA0F3C96A49AE36206C4AE3E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:26:e1:ba:18:17:52:6e:a0:f3:c9:6a:49:ae:36:20:6c:4a:e3:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=6368d08cc122782b1256de0b02bb29fea075487434d257a5b3b736dc6f40265c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:da:eb:03:0e:50:0c:c8:15:62:69:47:e3:d1:
99:09:2f:14:9a:86:c6:83:b9:ae:33:d6:6e:21:e1:
ef:99:a2:88:3d:85:71:83:63:e7:e7:f7:61:61:9f:
de:42:bd:de:20:58:6f:49:08:65:dc:c5:3a:1f:f9:
cc:5c:22:95:6f:9b:c3:9b:a9:fa:88:4d:cc:d3:c3:
20:7d:9a:06:dc:3a:64:95:28:aa:bc:eb:13:5d:e5:
ae:7f:c2:b8:9d:ec:ba:b4:b9:c5:4e:fb:b9:35:e7:
2d:87:6c:82:13:fb:9b:88:82:a0:96:14:9d:76:8c:
f7:cf:9b:1f:c3:7f:e3:d9:25:0c:8e:33:57:75:30:
f4:1b:f2:ce:15:53:70:ee:31:62:a6:f3:c4:14:c1:
d3:5a:31:8f:7f:51:66:df:e1:11:fb:fb:b2:de:81:
ea:83:23:9b:44:92:ac:0d:c4:b1:fa:15:6c:5a:d1:
fa:f3:69:b3:65:d7:16:90:83:ff:fb:f7:86:3c:9f:
eb:48:f8:2a:ff:60:87:de:95:9e:59:e7:92:ae:1d:
81:9b:81:b7:9a:d4:83:65:da:c4:a2:5b:5b:df:46:
d5:aa:02:79:9f:77:b5:eb:c4:c8:e3:af:df:72:95:
64:0b:a1:b6:d6:72:58:23:73:b3:46:c3:fb:b0:9c:
1c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:0E:50:71:6B:21:21:20:D1:8B:9A:C9:72:34:0A:9F:D0:42:F9:F8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:70:b2:6b:10:48:72:ff:20:80:91:33:93:92:0a:90:81:39:
61:9e:f1:ba:bb:9e:d6:3b:0d:3c:65:c1:3b:40:77:d6:96:49:
c0:8f:a0:74:2e:3d:e8:1f:af:d4:13:ed:93:be:f3:e6:f9:dd:
d6:03:03:cf:da:43:62:64:97:fa:d3:de:47:14:bd:63:81:7b:
2d:87:51:3a:7b:13:b3:9d:33:6f:b9:87:3f:dc:b0:fa:0d:47:
34:5a:1a:fb:2d:07:fd:2e:6a:49:08:33:21:96:f5:bc:c6:ca:
93:9b:54:8d:d1:1e:09:6a:c5:d8:9d:28:e7:39:0b:fe:1f:f6:
37:fd:71:42:21:f8:76:e3:9a:90:b5:3b:32:0c:55:42:83:5f:
db:dc:3a:dd:00:fd:ed:41:4f:8a:2c:ce:15:fc:d3:fd:6f:68:
ac:69:a9:1c:5e:38:59:ef:a7:b0:f1:41:b0:15:2a:8d:b4:4c:
44:3c:d8:aa:dc:1c:18:e8:14:16:34:5c:a2:08:04:2a:c8:eb:
ea:00:be:6a:be:38:cf:cb:bf:d0:38:69:35:23:d7:eb:d6:9e:
1b:6b:8a:74:32:94:1c:12:18:76:09:43:9b:d9:6e:7c:f3:96:
9e:bc:07:30:bd:58:a8:30:e7:0b:b2:8e:5f:1a:59:44:04:42:
7a:f2:f9:9d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKCbhuhgXUm6g88lqSa42IGxK4+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzNjhkMDhjYzEyMjc4MmIxMjU2ZGUwYjAyYmIyOWZlYTA3NTQ4NzQzNGQy
NTdhNWIzYjczNmRjNmY0MDI2NWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/a6wMOUAzIFWJpR+PRmQkvFJqGxoO5rjPWbiHh75miiD2FcYNj5+f3YWGf
3kK93iBYb0kIZdzFOh/5zFwilW+bw5up+ohNzNPDIH2aBtw6ZJUoqrzrE13lrn/C
uJ3surS5xU77uTXnLYdsghP7m4iCoJYUnXaM98+bH8N/49klDI4zV3Uw9BvyzhVT
cO4xYqbzxBTB01oxj39RZt/hEfv7st6B6oMjm0SSrA3EsfoVbFrR+vNps2XXFpCD
//v3hjyf60j4Kv9gh96Vnlnnkq4dgZuBt5rUg2XaxKJbW99G1aoCeZ93tevEyOOv
33KVZAuhttZyWCNzs0bD+7CcHP0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS8DlBx
ayEhINGLmslyNAqf0EL5+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzAxOTY4MTMtMWY1Zi00NWNjLTgwMWItZGY4MDBhZmEzZDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQAhcLJrEEhy/yCAkTOTkgqQgTlhnvG6u57WOw08ZcE7
QHfWlknAj6B0Lj3oH6/UE+2TvvPm+d3WAwPP2kNiZJf6095HFL1jgXsth1E6exOz
nTNvuYc/3LD6DUc0Whr7LQf9LmpJCDMhlvW8xsqTm1SN0R4JasXYnSjnOQv+H/Y3
/XFCIfh245qQtTsyDFVCg1/b3DrdAP3tQU+KLM4V/NP9b2isaakcXjhZ76ew8UGw
FSqNtExEPNiq3BwY6BQWNFyiCAQqyOvqAL5qvjjPy7/QOGk1I9fr1p4ba4p0MpQc
Ehh2CUOb2W5885aevAcwvVioMOcLso5fGllEBEJ68vmd
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org