Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json)
Hash identifier: v/JFaP02XRpVnbow33k1QwA4/Gl99wUTvjOue3RONWA=
Subject key identifier: 4E:A7:55:3F:7E:90:C9:F6:05:F5:52:45:AD:8F:43:0C:F3:CA:E4:93
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 149166BF8A4945262A8F3B886C8414B0E31015D4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:91:66:bf:8a:49:45:26:2a:8f:3b:88:6c:84:14:b0:e3:10:15:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=d4e2b96781386bf7e35dd9c87cc9630f740819d55e068635d63f584147cfb0a3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5b:c9:b4:3a:91:3b:43:26:e9:99:bf:7d:6c:
cb:65:10:8d:30:79:ab:c6:ea:62:f7:f0:e6:ee:9f:
b0:5b:07:0e:28:af:bb:77:c1:f1:95:63:fe:57:db:
f7:e2:e9:87:1c:91:86:81:04:f3:08:1b:8e:af:c0:
dc:4a:b8:7f:21:3c:e4:10:4f:20:bb:bf:0b:8e:18:
2b:27:47:9d:a8:db:7e:b5:79:74:c6:1d:d8:77:7e:
6e:cc:de:34:8d:b1:d8:5f:41:08:49:48:f5:fe:b5:
cd:95:a6:c7:46:cb:98:45:c3:c3:62:e0:90:1d:5c:
fc:f0:ac:3c:19:33:d5:f5:8a:cf:ba:b5:43:eb:41:
81:7d:58:25:1a:5b:b3:b6:16:cd:a7:d0:15:2e:37:
dc:66:f9:81:27:14:28:6b:dc:a4:0d:95:b1:05:a4:
5a:19:0b:38:41:18:a3:7b:0c:ea:cb:f0:61:b8:3a:
87:f8:67:1f:b8:95:86:7e:45:02:b5:ac:df:a7:56:
fd:ad:16:20:cd:68:d8:7c:3d:38:81:ee:f0:2e:83:
1a:11:d5:7b:f2:4e:eb:ff:cf:32:8b:0a:bb:58:f8:
e7:af:49:c9:47:9e:13:54:55:28:58:62:36:44:e7:
3b:2c:b4:69:10:2f:eb:0c:fc:5c:94:96:a9:51:5a:
b8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A7:55:3F:7E:90:C9:F6:05:F5:52:45:AD:8F:43:0C:F3:CA:E4:93
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9f:de:ec:3a:96:5c:d9:57:71:31:b3:cc:4c:8d:1c:b8:15:65:
19:bc:de:54:36:a4:a6:f5:23:17:55:9f:59:c3:83:d9:55:df:
98:3b:e0:fa:d1:29:6f:ce:43:d5:14:67:ce:b8:fe:25:3c:e5:
e4:0f:82:73:68:23:43:e7:6e:2c:a6:d2:97:6f:61:79:52:6d:
6d:a0:7f:32:23:f4:c7:d1:fe:d0:0d:c7:55:02:ce:6a:2a:62:
3e:9b:f1:1d:51:7a:ae:2e:38:d9:93:21:fe:ee:9f:f7:28:c9:
d8:e7:30:07:8f:c6:1d:39:7b:8a:d3:dd:c6:59:8a:4e:c8:a3:
60:eb:2b:24:b1:f1:4b:85:54:ba:21:72:74:45:c4:86:48:be:
66:79:fa:15:3d:5e:a3:2d:a9:ef:79:2f:c0:6f:80:64:ec:16:
21:48:a7:ec:ae:13:58:c1:12:21:58:8a:82:c8:0a:c4:94:f8:
f8:ff:aa:4e:fb:e5:34:2c:7b:72:d1:63:d6:19:ae:3e:d5:7c:
41:60:74:b7:ba:c6:7a:7e:08:a2:27:d7:cf:5a:44:82:6e:21:
32:81:3e:c4:8d:c3:34:6f:d0:f6:02:cd:9e:96:fb:ec:2f:61:
ad:b1:75:58:b7:0f:27:d1:ba:2b:85:ba:41:e8:ea:ea:e8:cd:
b2:32:48:50
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFJFmv4pJRSYqjzuIbIQUsOMQFdQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ZTJiOTY3ODEzODZiZjdlMzVkZDljODdjYzk2MzBmNzQwODE5ZDU1ZTA2
ODYzNWQ2M2Y1ODQxNDdjZmIwYTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBbybQ6kTtDJumZv31sy2UQjTB5q8bqYvfw5u6fsFsHDiivu3fB8ZVj/lfb
9+LphxyRhoEE8wgbjq/A3Eq4fyE85BBPILu/C44YKydHnajbfrV5dMYd2Hd+bsze
NI2x2F9BCElI9f61zZWmx0bLmEXDw2LgkB1c/PCsPBkz1fWKz7q1Q+tBgX1YJRpb
s7YWzafQFS433Gb5gScUKGvcpA2VsQWkWhkLOEEYo3sM6svwYbg6h/hnH7iVhn5F
ArWs36dW/a0WIM1o2Hw9OIHu8C6DGhHVe/JO6//PMosKu1j4569JyUeeE1RVKFhi
NkTnOyy0aRAv6wz8XJSWqVFauF0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBROp1U/
fpDJ9gX1UkWtj0MM88rkkzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQCf3uw6llzZV3Exs8xMjRy4FWUZvN5UNqSm9SMXVZ9Z
w4PZVd+YO+D60SlvzkPVFGfOuP4lPOXkD4JzaCND524sptKXb2F5Um1toH8yI/TH
0f7QDcdVAs5qKmI+m/EdUXquLjjZkyH+7p/3KMnY5zAHj8YdOXuK093GWYpOyKNg
6ysksfFLhVS6IXJ0RcSGSL5mefoVPV6jLanveS/Ab4Bk7BYhSKfsrhNYwRIhWIqC
yArElPj4/6pO++U0LHty0WPWGa4+1XxBYHS3usZ6fgiiJ9fPWkSCbiEygT7EjcM0
b9D2As2elvvsL2GtsXVYtw8n0borhbpB6Orq6M2yMkhQ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org