Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49e55691-07d2-4a06-87d9-31acb51cef86.roa
File: 49e55691-07d2-4a06-87d9-31acb51cef86.roa (raw, json)
Hash identifier: YjG7em0gZ7oyYj0DeJMwn/0W4eyCiLH+oTUM8/OPyQ4=
Subject key identifier: 90:5F:B4:2E:62:A7:07:40:F7:F9:55:C6:6B:DE:53:1C:64:F5:D7:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 68C7F02EAE84AE41623D7AB9303A50F952DDBC13
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49e55691-07d2-4a06-87d9-31acb51cef86.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:c7:f0:2e:ae:84:ae:41:62:3d:7a:b9:30:3a:50:f9:52:dd:bc:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=cf28577ae02416104a23528e3ccf68e31fb265a864c3d2cda73125039cefa921, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b5:72:9b:0e:61:c4:66:e1:1c:cf:37:38:46:
4b:09:da:ad:28:67:03:e0:63:93:3c:7e:14:c7:f3:
11:86:6f:9f:d0:39:dc:1a:0d:ae:e4:9c:18:1a:e8:
5d:ee:8b:5a:36:ed:34:54:fc:ab:2d:a7:bd:b8:d6:
de:a4:58:1e:6d:eb:6b:3b:10:7a:77:42:96:31:dc:
23:fa:1a:6b:d8:41:59:c2:77:4f:83:01:dd:83:87:
80:18:68:18:79:a8:9a:c3:42:5b:0a:f3:ed:1d:42:
84:45:03:75:66:9d:bc:b4:02:e7:2d:9a:ff:a8:82:
28:c7:d9:2d:71:17:38:7f:8d:fa:83:34:cb:04:43:
ca:bc:1c:04:26:5e:ab:26:98:d5:b7:dd:40:e0:36:
a2:05:38:e2:92:a3:e2:5d:bd:1d:c2:23:10:f9:73:
ef:86:a1:8d:ff:3d:7a:dd:81:75:06:bf:87:26:c7:
c5:d5:02:3e:81:16:a2:21:c8:f5:0d:d8:78:7a:c0:
ea:29:00:e0:cf:25:53:15:5d:24:b1:6e:02:a6:94:
05:39:2d:42:70:c0:17:7d:36:9e:cb:5c:33:5a:c5:
cc:16:8c:db:e7:80:a1:4c:29:d8:4a:f0:c4:b2:9b:
78:50:9e:31:cb:12:68:3a:d7:1f:88:3f:a0:f4:ab:
64:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:5F:B4:2E:62:A7:07:40:F7:F9:55:C6:6B:DE:53:1C:64:F5:D7:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49e55691-07d2-4a06-87d9-31acb51cef86.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9f:a8:7d:d4:bd:f5:fb:85:0f:96:28:3c:e8:78:e8:c0:7a:f5:
f8:c5:0f:a1:e7:9b:68:9a:d5:cc:dc:35:64:9c:05:a5:ab:c4:
1f:92:81:ea:71:65:45:45:d1:12:4c:1e:88:be:e3:58:0b:a6:
ee:2d:0b:9c:b7:21:47:65:e0:7d:0b:c7:01:56:ff:6a:6b:c6:
3f:70:d7:92:36:e5:cc:23:b4:95:07:96:91:4b:0d:58:0c:f9:
ca:95:d6:d0:34:55:9f:c4:dd:82:67:4c:b6:6f:ca:43:d8:4d:
cc:03:c9:a9:f0:a9:57:21:91:ff:8f:bf:aa:d0:a2:68:51:58:
aa:dc:b8:0d:bd:8d:f3:aa:88:1f:cb:6c:31:31:3d:46:d2:fd:
95:ea:0b:25:6d:57:20:32:7a:c3:2a:02:99:f8:1b:45:57:fa:
ec:54:8b:ea:bd:07:ae:1e:b3:83:10:12:2d:a6:88:85:13:21:
88:62:e6:6e:b7:61:96:25:b8:2c:bb:f4:19:f3:8d:cc:5e:4f:
36:33:7b:5f:15:b5:13:6a:c0:2c:90:83:d4:ba:60:45:18:74:
ad:50:0f:26:62:38:3a:84:ec:df:89:6f:a1:96:e6:4b:d0:8a:
4f:e5:b8:52:c5:5f:b4:96:85:c4:a3:f5:47:52:af:f5:a1:21:
be:71:0a:11
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaMfwLq6ErkFiPXq5MDpQ+VLdvBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmMjg1NzdhZTAyNDE2MTA0YTIzNTI4ZTNjY2Y2OGUzMWZiMjY1YTg2NGMz
ZDJjZGE3MzEyNTAzOWNlZmE5MjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKK1cpsOYcRm4RzPNzhGSwnarShnA+Bjkzx+FMfzEYZvn9A53BoNruScGBro
Xe6LWjbtNFT8qy2nvbjW3qRYHm3razsQendCljHcI/oaa9hBWcJ3T4MB3YOHgBho
GHmomsNCWwrz7R1ChEUDdWadvLQC5y2a/6iCKMfZLXEXOH+N+oM0ywRDyrwcBCZe
qyaY1bfdQOA2ogU44pKj4l29HcIjEPlz74ahjf89et2BdQa/hybHxdUCPoEWoiHI
9Q3YeHrA6ikA4M8lUxVdJLFuAqaUBTktQnDAF302nstcM1rFzBaM2+eAoUwp2Erw
xLKbeFCeMcsSaDrXH4g/oPSrZIcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQX7Qu
YqcHQPf5VcZr3lMcZPXXYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDllNTU2OTEtMDdkMi00YTA2LTg3ZDktMzFhY2I1MWNlZjg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQCfqH3UvfX7hQ+WKDzoeOjAevX4xQ+h55tomtXM3DVk
nAWlq8QfkoHqcWVFRdESTB6IvuNYC6buLQuctyFHZeB9C8cBVv9qa8Y/cNeSNuXM
I7SVB5aRSw1YDPnKldbQNFWfxN2CZ0y2b8pD2E3MA8mp8KlXIZH/j7+q0KJoUViq
3LgNvY3zqogfy2wxMT1G0v2V6gslbVcgMnrDKgKZ+BtFV/rsVIvqvQeuHrODEBIt
poiFEyGIYuZut2GWJbgsu/QZ843MXk82M3tfFbUTasAskIPUumBFGHStUA8mYjg6
hOzfiW+hluZL0IpP5bhSxV+0loXEo/VHUq/1oSG+cQoR
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org