Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
File: 356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa (raw, json)
Hash identifier: 9OuHzQ+0ae/KCc0B08Pq+IbNMwaxa4GcxHAMYT1KkPw=
Subject key identifier: CC:7D:DB:A1:CC:E9:93:3F:5E:27:36:59:75:0F:B9:6A:82:46:53:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B5D73A5913D29C1E9BFEC5867A3A316B5A819C7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:5d:73:a5:91:3d:29:c1:e9:bf:ec:58:67:a3:a3:16:b5:a8:19:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=6bf6bc910d80db1fb754f89c6f4b83a88d8c34a73a065fe5360a52583c70bd74, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:92:05:67:68:2b:c0:da:78:75:16:96:af:aa:
ee:a3:50:6c:f6:5a:70:3f:0f:85:e5:3d:15:ee:51:
4b:b4:3e:a8:e1:48:e0:dd:be:47:e1:f9:56:1c:bb:
dd:7d:55:d1:4e:46:bb:87:5d:e0:dd:db:3d:ba:eb:
6e:4e:04:83:be:e4:1e:22:1f:26:ae:94:ed:83:5e:
48:31:1a:0c:b0:c4:e7:79:8d:7d:5b:22:c0:8e:2f:
67:c3:c3:22:ff:ac:de:d0:0b:43:a3:21:05:28:f9:
dd:ec:f9:ef:26:f5:df:a6:d0:33:ab:b3:04:dc:0a:
5e:cb:64:3f:e2:69:89:e5:1b:49:3d:40:92:bf:15:
aa:59:20:1c:c2:f9:09:dc:97:03:8b:ac:77:c5:e1:
72:56:57:74:9e:28:fc:cb:e3:bc:4f:0b:a8:9c:9b:
66:7c:0f:e7:9d:af:54:04:8d:a3:7e:dc:64:6a:d1:
1d:ec:60:6f:8a:a4:83:4a:d6:1d:56:79:01:19:86:
bb:75:8c:ad:a4:14:6f:13:85:a9:8d:0e:8c:2a:47:
10:0a:30:94:3d:59:c5:26:1b:cd:ba:16:10:91:a2:
f2:8a:f8:01:11:0b:c8:f8:e6:d2:eb:43:57:70:13:
0d:47:91:ff:46:9e:f5:b3:c1:05:ff:a7:36:80:d6:
0a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7D:DB:A1:CC:E9:93:3F:5E:27:36:59:75:0F:B9:6A:82:46:53:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
13:ad:03:9f:d9:23:52:6d:ce:14:78:7d:55:72:32:d2:f5:f3:
cc:33:cd:aa:b3:17:bf:c5:95:72:1d:23:66:24:4c:a8:1b:81:
63:cb:18:e1:cd:fe:c1:2c:a4:91:68:31:99:68:97:4b:10:d9:
c9:74:7c:99:06:6f:89:82:a6:52:14:91:d2:ae:d2:90:a5:a7:
7a:6d:3a:53:01:8c:ec:1e:7f:a2:8a:d8:d0:b2:d7:6a:3d:6e:
18:f3:02:29:af:fc:7e:82:fe:02:67:f8:9e:19:62:55:3c:a5:
cb:b5:c1:de:9e:f8:b8:ca:69:1b:b4:35:a9:81:31:60:cd:d3:
20:33:11:22:1e:92:ca:04:37:91:63:8c:fb:82:7f:27:98:f8:
72:df:4f:b0:22:4e:85:2f:67:83:8a:de:78:b9:fa:a9:89:2b:
49:5f:ab:88:ee:1e:fa:3a:cc:97:1f:62:7d:be:48:2f:1f:fc:
e7:7b:b1:b9:ac:a0:de:ea:26:07:2c:cc:7a:7d:5d:14:b8:76:
e3:0e:36:b5:fd:be:da:1f:3e:6f:bd:6c:f9:11:48:e0:71:6d:
0d:1e:a3:c2:81:e5:3d:ee:eb:25:0b:56:7c:c0:f1:66:66:94:
d6:8d:e5:85:a6:17:f6:4c:28:da:33:ec:61:d0:9e:bc:82:e0:
a1:39:8c:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK11zpZE9KcHpv+xYZ6OjFrWoGccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiZjZiYzkxMGQ4MGRiMWZiNzU0Zjg5YzZmNGI4M2E4OGQ4YzM0YTczYTA2
NWZlNTM2MGE1MjU4M2M3MGJkNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqSBWdoK8DaeHUWlq+q7qNQbPZacD8PheU9Fe5RS7Q+qOFI4N2+R+H5Vhy7
3X1V0U5Gu4dd4N3bPbrrbk4Eg77kHiIfJq6U7YNeSDEaDLDE53mNfVsiwI4vZ8PD
Iv+s3tALQ6MhBSj53ez57yb136bQM6uzBNwKXstkP+JpieUbST1Akr8VqlkgHML5
CdyXA4usd8XhclZXdJ4o/MvjvE8LqJybZnwP552vVASNo37cZGrRHexgb4qkg0rW
HVZ5ARmGu3WMraQUbxOFqY0OjCpHEAowlD1ZxSYbzboWEJGi8or4ARELyPjm0utD
V3ATDUeR/0ae9bPBBf+nNoDWCs8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMfduh
zOmTP14nNll1D7lqgkZTuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzU2ZGQ1ZWMtNzU1OS00NWU4LTgxZDAtOWU0NTU5MGI1YWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQATrQOf2SNSbc4UeH1VcjLS9fPMM82qsxe/xZVyHSNm
JEyoG4Fjyxjhzf7BLKSRaDGZaJdLENnJdHyZBm+JgqZSFJHSrtKQpad6bTpTAYzs
Hn+iitjQstdqPW4Y8wIpr/x+gv4CZ/ieGWJVPKXLtcHenvi4ymkbtDWpgTFgzdMg
MxEiHpLKBDeRY4z7gn8nmPhy30+wIk6FL2eDit54ufqpiStJX6uI7h76OsyXH2J9
vkgvH/zne7G5rKDe6iYHLMx6fV0UuHbjDja1/b7aHz5vvWz5EUjgcW0NHqPCgeU9
7uslC1Z8wPFmZpTWjeWFphf2TCjaM+xh0J68guChOYzZ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org