Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: w5kKVpac+DM+ca8P5SYgVuq476tkqnnnkhcf2IDzqFc=
Subject key identifier: 29:82:EC:38:00:7C:0E:A5:35:6F:64:2D:78:A2:DB:BF:8C:EE:B6:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 53A848AA39FC428360EDEF38715C33C9087C500D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:a8:48:aa:39:fc:42:83:60:ed:ef:38:71:5c:33:c9:08:7c:50:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=52cb386210524e840f577eff424101bc04cfe318380106520f4e4147d8093c1c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f8:fa:9c:71:ec:b5:62:88:e8:b2:dc:8a:b1:
25:9f:a5:3b:e2:25:87:11:87:b1:4a:12:0d:cc:35:
66:72:4b:64:fd:87:40:c8:9c:6d:e2:26:3e:26:86:
70:f6:99:24:c0:aa:a0:84:3a:17:97:a2:80:d9:ca:
d5:d4:6f:bc:96:40:16:9f:06:db:7c:60:1d:bb:fe:
9d:1b:d3:dc:a9:29:ea:8d:7f:68:77:e1:fc:56:e7:
94:08:fd:e4:f0:67:c7:59:f8:3f:af:bd:1b:a0:7c:
7b:9c:e8:7a:d0:25:86:d4:b1:d1:f5:14:f4:6f:80:
c7:0a:2b:7a:53:40:9b:c0:77:37:ff:fd:c8:29:4f:
f4:13:3c:fd:86:0e:89:00:1e:ed:aa:aa:e0:39:77:
60:ff:af:3f:97:de:25:a9:3a:dd:b0:45:c3:ce:5d:
8d:4d:06:f2:43:17:be:37:78:10:1b:a6:9e:01:c2:
39:5a:32:87:d4:06:57:d8:1a:9d:57:e3:2b:8d:bb:
2e:79:10:73:0f:af:c1:a2:89:b4:c0:68:a6:fd:2b:
04:de:08:22:1f:e0:7b:7d:8a:39:c9:97:f7:9b:cc:
ff:d2:40:73:50:60:8f:46:b9:10:1a:bb:4a:00:64:
09:2b:04:11:28:23:92:74:70:dd:fa:82:07:2e:81:
d4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:82:EC:38:00:7C:0E:A5:35:6F:64:2D:78:A2:DB:BF:8C:EE:B6:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
53:c6:ea:2d:fa:56:21:c4:2d:c4:47:70:89:79:2a:de:12:c5:
5e:a7:af:fe:af:bb:c6:16:15:10:4c:ec:e8:2a:8b:4f:10:14:
46:48:71:66:a4:78:16:6f:94:a7:11:87:cf:05:75:8a:b6:ba:
8e:20:ec:0f:89:00:cd:89:40:bf:6c:be:18:83:58:41:05:75:
5f:e6:8b:94:d0:a7:4d:31:3a:b1:89:d8:d6:ac:85:b5:98:ec:
e3:00:97:d1:0f:be:40:89:a1:57:19:14:a3:f6:da:88:19:64:
c4:27:91:5d:15:df:f9:5a:64:03:99:84:5d:ab:89:02:21:71:
f0:f0:1c:16:e7:14:4f:bf:39:43:4f:f6:b3:52:e1:89:96:76:
91:07:a3:bf:40:42:07:c8:e4:f9:3e:96:1d:41:e4:da:95:67:
34:26:d9:92:0b:43:19:28:60:e4:75:8c:86:cb:74:29:dc:b3:
2e:3d:e2:4c:a7:d3:b4:25:9b:96:42:38:87:f6:d0:ee:ff:29:
79:fd:54:e9:da:50:e7:94:44:49:ed:81:88:31:82:8a:29:01:
8c:9a:59:27:66:1a:12:4a:47:6d:49:ac:30:f2:8e:c8:64:4a:
59:fc:26:f4:82:e1:bb:f3:1a:d7:54:ce:1b:4f:64:6d:bf:13:
95:3f:e3:ed
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUU6hIqjn8QoNg7e84cVwzyQh8UA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyY2IzODYyMTA1MjRlODQwZjU3N2VmZjQyNDEwMWJjMDRjZmUzMTgzODAx
MDY1MjBmNGU0MTQ3ZDgwOTNjMWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOH4+pxx7LViiOiy3IqxJZ+lO+IlhxGHsUoSDcw1ZnJLZP2HQMicbeImPiaG
cPaZJMCqoIQ6F5eigNnK1dRvvJZAFp8G23xgHbv+nRvT3Kkp6o1/aHfh/FbnlAj9
5PBnx1n4P6+9G6B8e5zoetAlhtSx0fUU9G+AxworelNAm8B3N//9yClP9BM8/YYO
iQAe7aqq4Dl3YP+vP5feJak63bBFw85djU0G8kMXvjd4EBumngHCOVoyh9QGV9ga
nVfjK427LnkQcw+vwaKJtMBopv0rBN4IIh/ge32KOcmX95vM/9JAc1Bgj0a5EBq7
SgBkCSsEESgjknRw3fqCBy6B1OkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQpguw4
AHwOpTVvZC14otu/jO62WTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQBTxuot+lYhxC3ER3CJeSreEsVep6/+r7vGFhUQTOzo
KotPEBRGSHFmpHgWb5SnEYfPBXWKtrqOIOwPiQDNiUC/bL4Yg1hBBXVf5ouU0KdN
MTqxidjWrIW1mOzjAJfRD75AiaFXGRSj9tqIGWTEJ5FdFd/5WmQDmYRdq4kCIXHw
8BwW5xRPvzlDT/azUuGJlnaRB6O/QEIHyOT5PpYdQeTalWc0JtmSC0MZKGDkdYyG
y3Qp3LMuPeJMp9O0JZuWQjiH9tDu/yl5/VTp2lDnlERJ7YGIMYKKKQGMmlknZhoS
SkdtSaww8o7IZEpZ/Cb0guG78xrXVM4bT2RtvxOVP+Pt
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org