Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: aDya6BMjfoLvbNhykjTPTGCbX7A+5Ph1JXX2OScXTs0=
Subject key identifier: 89:4F:23:96:92:7A:48:6A:C4:1A:41:FC:12:1B:41:8F:06:8A:F3:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E99031007188471E08C7F4E202F59952F4C6597
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:99:03:10:07:18:84:71:e0:8c:7f:4e:20:2f:59:95:2f:4c:65:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9a:e2:8f:9f:95:16:5e:ad:2e:86:d9:28:e0:
e4:50:6b:fe:8c:0d:9f:36:d4:85:5c:af:bf:88:b0:
60:b1:4e:59:2a:5e:d9:88:a7:60:86:3d:7c:13:b2:
bc:e9:bf:21:87:99:15:75:7f:69:15:92:b9:e3:1c:
fb:8e:2b:50:c6:8e:fe:2a:97:29:82:a2:f7:f9:21:
17:4e:04:a4:4d:4e:2e:7c:0d:77:2a:b0:d7:1a:cc:
b0:1e:2f:c5:cd:77:7d:84:f6:de:d7:aa:3a:1d:a4:
b7:a0:d8:4e:44:27:34:e2:3d:bf:1b:63:19:67:e8:
c2:74:9a:2c:e7:49:a5:4f:40:ce:b1:6f:d7:e1:6b:
02:f4:e0:58:51:45:2f:33:b4:07:1a:ae:40:49:30:
e4:e4:e0:bc:b3:ed:e0:1c:9b:25:99:8c:2f:14:3b:
9b:a5:95:e5:97:5b:a6:5f:90:78:e4:f6:bb:b6:8c:
b6:4e:85:fe:2d:4f:dd:75:87:f2:e6:52:ff:48:30:
5f:8f:92:5c:fb:54:15:30:60:34:67:f9:0a:cd:6c:
b1:43:cd:fc:ac:c1:fb:f4:db:e4:f3:8f:5f:f4:25:
de:6f:7a:8b:17:a9:6e:20:21:43:eb:36:ea:17:b6:
a0:32:8d:81:54:2a:60:30:3c:c1:9f:0a:3d:f6:1d:
16:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4F:23:96:92:7A:48:6A:C4:1A:41:FC:12:1B:41:8F:06:8A:F3:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a6:42:54:4f:ad:f3:38:c6:87:c8:24:46:de:54:cc:91:b2:19:
a4:86:b2:df:91:3b:45:b9:9e:f9:00:87:d3:13:36:da:30:71:
80:13:9a:18:87:f3:4f:af:e4:06:0e:d3:d0:16:8c:c7:e7:d4:
f9:27:5d:4a:6e:16:33:18:c3:0c:8b:64:e0:3a:f7:62:d4:47:
14:54:5f:a7:7e:ae:82:0c:40:2d:7c:12:97:2d:45:64:55:e6:
f3:ec:89:02:68:6a:0f:d7:4d:91:3c:9d:b2:b1:7d:e1:42:92:
94:85:7f:9b:91:f1:cf:98:a6:16:18:09:2a:56:ae:e9:4a:c7:
83:ab:df:97:67:45:70:0e:f1:1d:88:7d:40:f6:ba:ab:e6:b0:
ae:75:61:32:e8:37:08:50:2b:47:24:df:cb:70:3f:39:96:83:
5f:9e:75:31:c6:96:1e:3e:e2:e5:15:42:97:02:00:68:14:0b:
89:2c:de:e4:0c:b1:35:6c:30:8c:47:68:ba:9a:a5:ce:69:33:
2d:f1:a4:71:a1:00:04:20:fa:11:b4:f5:e0:b6:e7:46:34:22:
31:0a:25:5d:0b:bb:11:90:c6:50:18:f3:b0:d1:83:41:0d:96:
1c:7d:62:98:e7:d4:f1:a9:1f:2c:75:d0:d9:5b:1d:dd:a9:c9:
3f:93:04:30
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbpkDEAcYhHHgjH9OIC9ZlS9MZZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjQwMDAwMDBaFw0yNTAyMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5YmE3YzdkNTRhNWE3MTZhNjUyYzhiZjBiNjU2NzZjOTU4N2E4MzIwMDFk
MjM2ZjU5OTIxOGJmNGIwZTE2ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMya4o+flRZerS6G2Sjg5FBr/owNnzbUhVyvv4iwYLFOWSpe2YinYIY9fBOy
vOm/IYeZFXV/aRWSueMc+44rUMaO/iqXKYKi9/khF04EpE1OLnwNdyqw1xrMsB4v
xc13fYT23teqOh2kt6DYTkQnNOI9vxtjGWfownSaLOdJpU9AzrFv1+FrAvTgWFFF
LzO0BxquQEkw5OTgvLPt4BybJZmMLxQ7m6WV5Zdbpl+QeOT2u7aMtk6F/i1P3XWH
8uZS/0gwX4+SXPtUFTBgNGf5Cs1ssUPN/KzB+/Tb5POPX/Ql3m96ixepbiAhQ+s2
6he2oDKNgVQqYDA8wZ8KPfYdFlsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSJTyOW
knpIasQaQfwSG0GPBorz3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQCmQlRPrfM4xofIJEbeVMyRshmkhrLfkTtFuZ75AIfT
EzbaMHGAE5oYh/NPr+QGDtPQFozH59T5J11KbhYzGMMMi2TgOvdi1EcUVF+nfq6C
DEAtfBKXLUVkVebz7IkCaGoP102RPJ2ysX3hQpKUhX+bkfHPmKYWGAkqVq7pSseD
q9+XZ0VwDvEdiH1A9rqr5rCudWEy6DcIUCtHJN/LcD85loNfnnUxxpYePuLlFUKX
AgBoFAuJLN7kDLE1bDCMR2i6mqXOaTMt8aRxoQAEIPoRtPXgtudGNCIxCiVdC7sR
kMZQGPOw0YNBDZYcfWKY59TxqR8sddDZWx3dqck/kwQw
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:27:35 2025 by rpki-client