Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3113975a-2f82-4201-a061-176481f88265.roa
File: 3113975a-2f82-4201-a061-176481f88265.roa (raw, json)
Hash identifier: hMhKqzfLbqBnWdpq+Alf6NOZvxY+V2zhbq1fsUniI8U=
Subject key identifier: 1D:BA:2E:5C:7B:8C:D1:11:89:97:78:71:18:5A:E5:0F:BA:87:4F:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 552C54EAFF9F460937AAA2430E9FE3072C564885
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3113975a-2f82-4201-a061-176481f88265.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:2c:54:ea:ff:9f:46:09:37:aa:a2:43:0e:9f:e3:07:2c:56:48:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9e695ad12720c96706a5b8969da11c9d9741afa79d7e6c4346ad84af5b7c48b9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:83:47:6d:2e:c3:72:ee:31:42:7b:a4:80:5b:
ff:51:68:7e:d3:45:ba:69:09:84:2d:66:15:8e:30:
5f:6c:4e:01:32:ad:fa:37:08:90:ac:1c:8b:a5:3f:
6f:4b:1a:71:01:d6:bc:34:53:7c:8b:54:dc:91:96:
8d:ad:ac:df:96:0e:6c:75:9f:d3:ac:55:48:18:f7:
a3:66:0e:22:3f:8f:f4:21:86:24:0f:2d:74:96:2c:
26:42:65:72:3c:b0:f7:37:16:fd:59:b7:2d:d0:fe:
7b:ce:7b:1b:88:9e:0f:3b:87:b7:9a:7c:58:84:35:
64:a1:55:47:39:8e:f5:fe:47:f4:f3:96:63:b1:37:
b6:95:86:91:97:8e:07:61:7f:96:d4:94:a1:95:1f:
28:b0:ab:10:34:af:d3:d6:be:11:97:5d:94:d8:cf:
91:14:5f:d9:4d:8d:f1:b6:08:85:73:12:59:c1:eb:
fa:31:33:f0:26:19:a4:11:2a:77:cb:fd:8f:de:3c:
14:aa:78:f3:86:2b:d4:d3:d3:98:33:87:f3:0d:fb:
fd:b8:47:a3:b5:88:8b:a3:a1:f2:62:12:26:be:2b:
54:3a:8b:6e:fe:27:c3:4d:8e:8d:de:73:33:02:5a:
97:70:0a:d2:88:96:04:36:31:ac:24:1c:01:b7:6c:
34:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BA:2E:5C:7B:8C:D1:11:89:97:78:71:18:5A:E5:0F:BA:87:4F:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3113975a-2f82-4201-a061-176481f88265.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c9:bb:59:a0:7d:ff:dc:19:78:9a:85:6f:f8:5f:24:09:0c:54:
0e:f0:2e:12:16:9c:f4:66:25:54:31:95:14:28:38:9d:31:f2:
fe:9d:d8:a6:df:60:77:3e:3b:fc:f0:8c:a7:1f:4d:3f:3b:5b:
5a:7c:be:88:c8:4d:6d:7f:23:70:da:c4:93:2b:ec:34:95:2c:
62:6e:b2:dd:f4:fa:37:c9:d9:47:85:d9:7a:8a:52:e4:fd:9b:
d0:87:45:40:75:71:9e:6f:7c:f8:44:3b:7e:f8:e6:74:01:cf:
f9:f5:b1:d4:e8:fe:e0:08:4e:b0:dc:fd:a7:73:19:0e:04:51:
89:fc:ca:cc:03:b6:82:5d:92:e2:90:41:a4:10:bd:9f:41:06:
0e:a9:1e:5c:17:50:5c:ff:d6:fe:01:4d:4c:22:88:d3:4a:3f:
8b:df:f2:33:1a:dd:d0:42:c5:56:9e:6e:9c:1e:e8:63:9f:3d:
57:b3:b4:79:80:1b:0e:92:8c:16:2d:a1:ab:4a:80:a3:87:23:
e1:25:54:34:d0:f7:2f:23:d6:74:a1:3d:1e:0f:d9:67:ca:f7:
22:e7:2b:72:08:aa:88:bd:b3:50:22:12:e2:92:ae:96:1c:01:
19:39:77:c9:61:e3:60:e9:31:90:b3:3f:57:01:53:ae:66:36:
a1:71:e9:1a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVSxU6v+fRgk3qqJDDp/jByxWSIUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDllNjk1YWQxMjcyMGM5NjcwNmE1Yjg5NjlkYTExYzlkOTc0MWFmYTc5ZDdl
NmM0MzQ2YWQ4NGFmNWI3YzQ4YjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWDR20uw3LuMUJ7pIBb/1FoftNFumkJhC1mFY4wX2xOATKt+jcIkKwci6U/
b0sacQHWvDRTfItU3JGWja2s35YObHWf06xVSBj3o2YOIj+P9CGGJA8tdJYsJkJl
cjyw9zcW/Vm3LdD+e857G4ieDzuHt5p8WIQ1ZKFVRzmO9f5H9POWY7E3tpWGkZeO
B2F/ltSUoZUfKLCrEDSv09a+EZddlNjPkRRf2U2N8bYIhXMSWcHr+jEz8CYZpBEq
d8v9j948FKp484Yr1NPTmDOH8w37/bhHo7WIi6Oh8mISJr4rVDqLbv4nw02Ojd5z
MwJal3AK0oiWBDYxrCQcAbdsNCUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQdui5c
e4zREYmXeHEYWuUPuodP/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzExMzk3NWEtMmY4Mi00MjAxLWEwNjEtMTc2NDgxZjg4MjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQDJu1mgff/cGXiahW/4XyQJDFQO8C4SFpz0ZiVUMZUU
KDidMfL+ndim32B3Pjv88IynH00/O1tafL6IyE1tfyNw2sSTK+w0lSxibrLd9Po3
ydlHhdl6ilLk/ZvQh0VAdXGeb3z4RDt++OZ0Ac/59bHU6P7gCE6w3P2ncxkOBFGJ
/MrMA7aCXZLikEGkEL2fQQYOqR5cF1Bc/9b+AU1MIojTSj+L3/IzGt3QQsVWnm6c
Huhjnz1Xs7R5gBsOkowWLaGrSoCjhyPhJVQ00PcvI9Z0oT0eD9lnyvci5ytyCKqI
vbNQIhLikq6WHAEZOXfJYeNg6TGQsz9XAVOuZjahceka
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org