Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4305fc8e-966f-4fac-88dd-b53410014e6b.roa
File: 4305fc8e-966f-4fac-88dd-b53410014e6b.roa (raw, json)
Hash identifier: HyB6tBQ5KZJb+G2Tofo0Ldg9KIXaNnwyoGFG0umpgxw=
Subject key identifier: 05:D0:AB:51:57:3A:A4:B1:5A:CC:85:56:58:1E:BD:89:08:D1:F1:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0BD7BCA42A17E0BA92F789E01B6CA878E36FD3AD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4305fc8e-966f-4fac-88dd-b53410014e6b.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:d7:bc:a4:2a:17:e0:ba:92:f7:89:e0:1b:6c:a8:78:e3:6f:d3:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=ee891274d6c4483a975c5d7c0c051a369a0da8482f5be8a75959bd1312683ce4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2a:5c:41:1d:a5:b1:a5:16:5d:b6:71:66:85:
26:e1:b1:fe:25:c7:79:00:91:c9:e9:16:e2:5d:86:
92:fc:96:c6:cb:5d:0d:7d:17:53:aa:7f:e4:99:fb:
84:79:3f:e1:04:15:4f:be:53:f9:d7:f0:12:7d:5e:
2f:ea:46:e1:cd:e3:2a:71:a3:08:a8:bd:1d:98:d6:
2b:bc:2d:87:0d:7f:c2:fb:97:2c:c7:5d:77:f0:7f:
be:f5:3b:60:4c:b3:9b:20:1c:b9:22:08:c4:4c:67:
cd:95:f3:9a:ea:0a:59:03:f0:6d:d8:8d:b1:05:35:
04:33:5f:11:0d:5c:c2:2d:e7:0b:20:82:38:e4:65:
ff:9b:f4:7b:44:d0:8c:62:ac:0b:4d:2e:dc:fd:07:
c3:5c:ac:0c:de:15:e3:ff:5f:33:67:49:f4:8d:15:
77:04:11:c5:07:97:a6:0f:ad:ee:13:ad:2a:f6:e5:
49:c6:b9:73:ee:fd:8e:74:66:3b:a1:db:eb:94:b4:
8c:50:e5:b7:dd:29:81:7d:a4:34:30:22:4c:a3:39:
8f:a1:94:da:8c:4a:8a:1f:05:c3:0b:d4:87:0e:d8:
c1:85:0d:66:d8:08:ad:c4:cc:c5:3d:6a:c4:04:a8:
8f:6d:58:f7:31:81:84:5b:72:3f:94:03:0f:cc:1b:
a2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D0:AB:51:57:3A:A4:B1:5A:CC:85:56:58:1E:BD:89:08:D1:F1:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4305fc8e-966f-4fac-88dd-b53410014e6b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ca:9d:5a:c2:6c:5f:94:7a:95:26:d3:d3:7f:d6:62:7e:d7:57:
bd:c1:c3:78:45:4b:82:c2:64:d9:aa:47:d5:73:38:bc:bc:e4:
86:ab:45:2c:20:97:43:93:7d:5d:18:b4:32:b7:b9:6a:14:8f:
6a:50:b2:ac:69:36:74:34:5b:29:de:a6:44:fb:77:49:46:53:
01:25:a0:18:f9:21:7e:53:3e:c5:1b:cf:4f:4d:98:80:f2:91:
86:f9:08:c7:e7:42:ce:10:44:39:e5:6c:be:a0:c2:3f:19:8b:
ac:66:76:61:eb:73:29:be:f3:6e:f8:21:92:06:c8:c3:71:96:
d5:76:8f:b3:6b:3e:24:a8:26:a1:48:d7:85:d2:30:f0:86:cd:
a0:92:4f:5c:9e:d9:e2:ba:76:e2:88:92:d5:e3:ca:7b:1c:37:
aa:9d:3b:3f:84:2e:44:57:26:53:76:1f:c4:f5:42:39:6f:b1:
db:73:e0:94:93:a0:95:b0:dd:ec:06:59:35:59:6d:60:eb:7c:
7d:ec:2a:6d:2d:98:ca:27:08:c5:6b:87:07:e7:6d:18:33:9f:
49:7b:91:4e:57:fc:9b:d2:ef:82:68:68:e2:90:e8:98:2b:dd:
8a:3b:e0:6a:13:b6:8d:78:e4:98:95:a2:96:af:7d:31:f1:b2:
07:1f:85:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC9e8pCoX4LqS94ngG2yoeONv060wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlODkxMjc0ZDZjNDQ4M2E5NzVjNWQ3YzBjMDUxYTM2OWEwZGE4NDgyZjVi
ZThhNzU5NTliZDEzMTI2ODNjZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAqXEEdpbGlFl22cWaFJuGx/iXHeQCRyekW4l2GkvyWxstdDX0XU6p/5Jn7
hHk/4QQVT75T+dfwEn1eL+pG4c3jKnGjCKi9HZjWK7wthw1/wvuXLMddd/B/vvU7
YEyzmyAcuSIIxExnzZXzmuoKWQPwbdiNsQU1BDNfEQ1cwi3nCyCCOORl/5v0e0TQ
jGKsC00u3P0Hw1ysDN4V4/9fM2dJ9I0VdwQRxQeXpg+t7hOtKvblSca5c+79jnRm
O6Hb65S0jFDlt90pgX2kNDAiTKM5j6GU2oxKih8FwwvUhw7YwYUNZtgIrcTMxT1q
xASoj21Y9zGBhFtyP5QDD8wbopUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQF0KtR
VzqksVrMhVZYHr2JCNHxOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDMwNWZjOGUtOTY2Zi00ZmFjLTg4ZGQtYjUzNDEwMDE0ZTZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQDKnVrCbF+UepUm09N/1mJ+11e9wcN4RUuCwmTZqkfV
czi8vOSGq0UsIJdDk31dGLQyt7lqFI9qULKsaTZ0NFsp3qZE+3dJRlMBJaAY+SF+
Uz7FG89PTZiA8pGG+QjH50LOEEQ55Wy+oMI/GYusZnZh63MpvvNu+CGSBsjDcZbV
do+zaz4kqCahSNeF0jDwhs2gkk9cntniunbiiJLV48p7HDeqnTs/hC5EVyZTdh/E
9UI5b7Hbc+CUk6CVsN3sBlk1WW1g63x97CptLZjKJwjFa4cH520YM59Je5FOV/yb
0u+CaGjikOiYK92KO+BqE7aNeOSYlaKWr30x8bIHH4UA
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:49 2024 by rpki-client on console-ams.rpki-client.org