Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4aa77dd3-124e-4b95-8bd3-8fd6e186613e.roa
File: 4aa77dd3-124e-4b95-8bd3-8fd6e186613e.roa (raw, json)
Hash identifier: KbpZ5KvDzNqcLAJ0UP0RcNuE4o6XkjmozxFrjvyiPhY=
Subject key identifier: 95:ED:9A:FF:2F:42:D1:89:6B:E0:FB:58:8F:53:14:2E:E3:5D:D4:49
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1EDFCDB61FA780854669988608A95E6317C8CABB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4aa77dd3-124e-4b95-8bd3-8fd6e186613e.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:df:cd:b6:1f:a7:80:85:46:69:98:86:08:a9:5e:63:17:c8:ca:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=c2bfd92816bdeec1c188da42aa1fc5a543fc070589985c8c278c36fbca10932e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f6:c7:13:09:aa:e9:a6:4e:b3:63:87:1b:87:
39:c6:5d:28:9d:ba:5c:11:80:8e:cd:6f:e7:85:2a:
90:26:b4:52:20:93:f9:7a:2c:10:1e:a2:89:5b:50:
c5:4b:f0:7d:3e:c5:54:71:a0:fc:de:b7:75:1c:c6:
55:09:96:62:b5:f1:7c:2f:94:b3:96:8e:31:fd:7a:
55:a6:8c:31:64:e6:ed:d1:7c:79:43:fe:2a:24:4e:
e4:68:4b:42:0e:7b:76:a7:84:af:56:6e:2e:36:72:
fb:a4:77:a3:ae:c1:57:e4:3a:b9:03:ff:4b:67:6b:
de:05:44:1f:f7:cd:1e:31:1c:27:64:4c:06:ec:b4:
77:9d:e7:2b:73:75:d1:e9:74:fc:df:7f:be:f5:8f:
be:15:53:7a:1c:b0:41:fe:a5:c4:af:6e:6a:0c:dc:
93:dd:e3:45:d5:84:56:e1:06:8d:34:bd:71:9b:d1:
4f:e7:df:8d:a5:46:0e:7d:94:f3:3c:ec:13:e9:16:
8f:36:2f:99:4b:78:45:15:5f:ab:bd:a9:72:ab:dd:
19:5b:8c:04:13:f0:42:fb:24:9e:48:b8:84:bc:34:
44:59:9d:bd:9c:e1:07:47:3d:29:d5:19:9f:f5:db:
d9:10:f0:f4:d9:b0:76:cc:7a:bd:8f:e5:d2:3e:fd:
b5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:ED:9A:FF:2F:42:D1:89:6B:E0:FB:58:8F:53:14:2E:E3:5D:D4:49
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4aa77dd3-124e-4b95-8bd3-8fd6e186613e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:13:1b:18:ab:9f:ce:41:69:b1:a2:9d:aa:40:31:04:8d:dd:
18:b2:6d:b0:70:03:59:95:48:d7:c0:02:52:d7:1d:19:e5:e7:
e0:b1:80:bd:41:ae:08:0a:72:69:11:25:7f:a4:c6:d2:dc:fe:
ed:a2:6b:57:7c:ca:d8:83:4d:42:32:86:a0:d1:8a:0d:29:92:
eb:13:14:d3:e0:d9:76:67:3c:37:cc:6b:55:4e:0e:ef:53:65:
42:c9:11:10:5d:f9:ee:0b:ab:39:4f:41:c7:20:5e:40:11:c5:
41:19:02:52:33:40:90:30:57:15:04:03:2d:94:8d:3c:26:04:
47:44:8f:6c:cd:54:a9:91:66:09:15:ac:1b:3e:a7:27:f1:9e:
a3:01:2d:45:78:29:b7:4f:94:22:b9:ea:f6:56:d0:37:1f:ae:
ab:cd:e5:69:87:86:d7:93:1b:14:5e:2a:72:7b:67:79:fd:dc:
cf:4f:e0:10:69:23:f6:3f:08:a0:d8:dc:16:fc:0e:f8:13:89:
ec:8b:dc:cc:46:ac:6d:ae:a7:08:2b:a6:12:88:fb:92:36:33:
92:93:1e:7b:bc:5d:90:e3:61:9a:b9:8a:a6:bb:7e:26:f0:6f:
9d:d1:d0:72:57:8a:60:d5:52:8f:3f:42:74:d5:e8:8a:75:65:
02:5f:7d:b1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHt/Nth+ngIVGaZiGCKleYxfIyrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyYmZkOTI4MTZiZGVlYzFjMTg4ZGE0MmFhMWZjNWE1NDNmYzA3MDU4OTk4
NWM4YzI3OGMzNmZiY2ExMDkzMmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALn2xxMJqummTrNjhxuHOcZdKJ26XBGAjs1v54UqkCa0UiCT+XosEB6iiVtQ
xUvwfT7FVHGg/N63dRzGVQmWYrXxfC+Us5aOMf16VaaMMWTm7dF8eUP+KiRO5GhL
Qg57dqeEr1ZuLjZy+6R3o67BV+Q6uQP/S2dr3gVEH/fNHjEcJ2RMBuy0d53nK3N1
0el0/N9/vvWPvhVTehywQf6lxK9uagzck93jRdWEVuEGjTS9cZvRT+ffjaVGDn2U
8zzsE+kWjzYvmUt4RRVfq72pcqvdGVuMBBPwQvsknki4hLw0RFmdvZzhB0c9KdUZ
n/Xb2RDw9Nmwdsx6vY/l0j79tUcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSV7Zr/
L0LRiWvg+1iPUxQu413USTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGFhNzdkZDMtMTI0ZS00Yjk1LThiZDMtOGZkNmUxODY2MTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQCzExsYq5/OQWmxop2qQDEEjd0Ysm2wcANZlUjXwAJS
1x0Z5efgsYC9Qa4ICnJpESV/pMbS3P7tomtXfMrYg01CMoag0YoNKZLrExTT4Nl2
Zzw3zGtVTg7vU2VCyREQXfnuC6s5T0HHIF5AEcVBGQJSM0CQMFcVBAMtlI08JgRH
RI9szVSpkWYJFawbPqcn8Z6jAS1FeCm3T5Qiuer2VtA3H66rzeVph4bXkxsUXipy
e2d5/dzPT+AQaSP2Pwig2NwW/A74E4nsi9zMRqxtrqcIK6YSiPuSNjOSkx57vF2Q
42GauYqmu34m8G+d0dByV4pg1VKPP0J01eiKdWUCX32x
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:49 2024 by rpki-client on console-ams.rpki-client.org