Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b3d726c-6d04-451a-8abe-dd2ab0e98314.roa
File: 4b3d726c-6d04-451a-8abe-dd2ab0e98314.roa (raw, json)
Hash identifier: I6Et2zplb2wGjIeIZJXoebEgMg2JrZ6t0le+UuQLEFQ=
Subject key identifier: 5C:FE:E4:0A:0D:EE:B5:3C:0B:5B:9B:3B:E8:17:1F:FF:92:98:FF:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F4A70D78FB3776255492F51DEF4F8494044B42F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b3d726c-6d04-451a-8abe-dd2ab0e98314.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:4a:70:d7:8f:b3:77:62:55:49:2f:51:de:f4:f8:49:40:44:b4:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=62f2f4daca88418290b68ef095a1f74e4c48f942377e6086958a752c78925cac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:56:8a:56:c4:85:86:41:7d:ea:cb:fd:e5:a1:
73:26:96:4e:4d:e1:ce:ff:d8:ee:58:56:25:6a:40:
01:c0:05:dd:30:e6:df:16:32:60:5a:00:fc:09:c5:
d4:b6:35:b2:f0:a5:82:6f:b9:2e:ac:58:ae:db:64:
f5:86:38:a6:42:04:b1:f3:bc:13:65:dd:aa:6e:15:
84:d3:44:0c:a7:2d:a8:45:9c:2d:1f:33:ca:60:08:
1d:d1:61:0b:ba:7b:b1:76:33:5a:d4:7f:76:21:6a:
d5:2c:d2:5e:49:5c:66:4a:7d:cd:3c:1c:83:9d:6f:
ef:81:6b:85:b7:d0:ad:2f:96:3f:08:a1:48:c5:21:
c3:67:24:c9:9b:e8:1b:f4:8a:8e:57:2f:84:44:00:
2d:9f:42:1c:83:97:97:c6:b1:b8:f2:8b:a7:84:42:
26:ea:8d:d2:6a:27:81:e0:d6:6f:a3:be:fc:7b:09:
2a:38:7c:6a:f2:da:0e:45:aa:22:81:45:be:d9:01:
ce:1d:f2:8b:cd:11:ec:5c:34:ed:96:d7:16:2e:50:
0b:84:1b:e8:cd:09:4d:cd:c7:a3:bb:39:78:47:14:
03:67:26:43:ba:ec:21:71:17:d2:9f:f3:b6:4f:0c:
e5:8a:6f:b3:81:d4:3e:6a:83:6d:dd:74:79:55:44:
b5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FE:E4:0A:0D:EE:B5:3C:0B:5B:9B:3B:E8:17:1F:FF:92:98:FF:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b3d726c-6d04-451a-8abe-dd2ab0e98314.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:e3:70:2e:b8:3d:4c:fa:ca:c7:e7:b1:ae:8a:3d:2e:ae:5d:
6f:59:e3:14:60:3b:8d:46:ca:07:63:f7:cb:38:4b:cd:94:02:
a6:a8:4c:55:ae:43:8b:f1:ff:97:98:97:d8:b0:97:68:c4:3e:
4d:1e:46:d8:82:b7:c8:30:a1:b3:2e:32:3d:5e:39:01:2d:d1:
de:e3:eb:b9:80:72:09:09:98:22:37:b7:c2:5c:75:93:da:ad:
e8:17:f5:34:18:de:53:d3:28:bf:50:22:3b:9b:cc:59:6c:78:
25:f8:1b:6a:94:4f:74:a1:17:1c:aa:20:a6:10:b3:75:5a:68:
2a:c9:95:3f:3c:27:d9:8e:1e:aa:13:7e:6f:32:63:68:02:f6:
01:61:2e:3f:93:78:8f:3d:ef:aa:e3:a8:8e:2e:99:a7:bb:ad:
ed:1c:a9:87:86:e1:e1:85:c8:5f:4b:d6:b1:31:c1:56:a2:48:
3d:6c:96:ef:4b:3a:67:a1:b6:2f:42:dd:2b:d7:ce:aa:76:c3:
6a:ac:2d:ce:d5:bd:4b:c3:29:09:fa:97:bc:d2:a4:91:24:65:
75:6b:91:5a:15:55:ee:1e:1b:39:d1:24:e1:78:b5:bc:a6:60:
f7:a1:66:ef:04:10:02:bd:e1:ba:c5:f3:c9:6d:b6:80:64:7a:
08:84:57:a3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb0pw14+zd2JVSS9R3vT4SUBEtC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZjJmNGRhY2E4ODQxODI5MGI2OGVmMDk1YTFmNzRlNGM0OGY5NDIzNzdl
NjA4Njk1OGE3NTJjNzg5MjVjYWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBWilbEhYZBferL/eWhcyaWTk3hzv/Y7lhWJWpAAcAF3TDm3xYyYFoA/AnF
1LY1svClgm+5LqxYrttk9YY4pkIEsfO8E2Xdqm4VhNNEDKctqEWcLR8zymAIHdFh
C7p7sXYzWtR/diFq1SzSXklcZkp9zTwcg51v74FrhbfQrS+WPwihSMUhw2ckyZvo
G/SKjlcvhEQALZ9CHIOXl8axuPKLp4RCJuqN0mongeDWb6O+/HsJKjh8avLaDkWq
IoFFvtkBzh3yi80R7Fw07ZbXFi5QC4Qb6M0JTc3Ho7s5eEcUA2cmQ7rsIXEX0p/z
tk8M5Ypvs4HUPmqDbd10eVVEtUECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRc/uQK
De61PAtbmzvoFx//kpj/ejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGIzZDcyNmMtNmQwNC00NTFhLThhYmUtZGQyYWIwZTk4MzE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQC/43AuuD1M+srH57Guij0url1vWeMUYDuNRsoHY/fL
OEvNlAKmqExVrkOL8f+XmJfYsJdoxD5NHkbYgrfIMKGzLjI9XjkBLdHe4+u5gHIJ
CZgiN7fCXHWT2q3oF/U0GN5T0yi/UCI7m8xZbHgl+BtqlE90oRccqiCmELN1Wmgq
yZU/PCfZjh6qE35vMmNoAvYBYS4/k3iPPe+q46iOLpmnu63tHKmHhuHhhchfS9ax
McFWokg9bJbvSzpnobYvQt0r186qdsNqrC3O1b1LwykJ+pe80qSRJGV1a5FaFVXu
Hhs50STheLW8pmD3oWbvBBACveG6xfPJbbaAZHoIhFej
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org