Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
File: 4c110694-386d-49d5-9883-bd1723f43820.roa (raw, json)
Hash identifier: LKPMw3WQsxE4ZzuDbD2sf27Qz1R+vIYLUpz0TpMGBnw=
Subject key identifier: 51:D0:CC:02:42:58:75:EF:7E:76:EC:E8:79:02:21:B0:CD:BA:7F:62
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6BB032381496B80FE2972BE64FEC204C7747DE7D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:b0:32:38:14:96:b8:0f:e2:97:2b:e6:4f:ec:20:4c:77:47:de:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=42d02327fd01d73840c0c0740c5346e7580904db3379b847e573d268ef81b5eb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:45:95:1d:92:09:71:12:1c:6c:37:6e:db:56:
25:7b:bb:5a:95:a5:0b:e4:5f:3b:92:8c:c8:52:8a:
44:57:79:3e:b8:0e:8b:3f:eb:c8:84:4d:33:ed:6e:
1e:d3:50:74:b6:23:26:ca:39:4d:c2:4e:4f:32:49:
a3:1c:98:f9:8d:df:2f:12:85:06:a3:ad:da:8f:c2:
ab:57:7f:4b:d8:67:d8:da:06:12:e4:e2:38:cd:3b:
51:4e:e5:54:e8:94:fc:20:ae:92:35:1e:a4:6d:57:
4f:9d:6e:da:cb:75:9b:dc:bb:90:a7:0d:f7:86:3a:
d8:41:5d:d8:ef:5d:d5:e9:c8:45:49:0a:31:05:39:
9c:d3:96:fe:a1:e3:1e:14:8f:71:58:9a:7c:08:05:
ba:37:c9:4c:40:c8:fe:f4:f4:63:04:cf:af:c9:75:
e4:47:52:fe:99:64:c3:a6:34:d9:e4:ae:32:cb:fa:
a1:3d:2e:c7:b5:86:cd:fc:08:8a:3d:33:b6:e4:87:
af:4b:e2:04:65:da:1b:88:8a:ff:d5:f4:0d:2f:5f:
2f:09:e6:35:22:8f:9a:a5:04:9b:3f:af:b2:da:9d:
1c:83:a5:99:ae:f8:2d:ab:78:96:a2:67:60:63:53:
1b:b1:ee:e9:d6:bf:a2:40:b2:9e:e5:3a:05:27:7a:
89:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D0:CC:02:42:58:75:EF:7E:76:EC:E8:79:02:21:B0:CD:BA:7F:62
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4b:68:04:74:e9:ce:01:44:5c:d6:21:53:b1:60:54:39:fb:eb:
a3:e4:43:aa:01:a0:9e:be:f2:7a:29:3c:d5:1b:4e:a7:4a:c8:
25:33:2b:f6:26:6d:fb:53:db:5e:86:de:71:b6:5f:51:ab:af:
87:03:8a:48:50:23:6a:b4:d4:74:98:d1:56:86:5a:e8:0b:34:
b8:c9:55:ce:a8:0a:c4:44:7c:d9:46:f4:9d:f2:93:c0:07:52:
4d:47:b2:73:3e:b9:87:82:8a:18:92:c3:8b:33:1e:04:5c:53:
03:30:ef:dd:6b:5f:11:63:77:57:80:c2:01:b5:79:0b:93:38:
24:93:77:0a:e7:d2:19:d4:ae:9e:1a:ff:d3:d2:ec:27:c5:5d:
f5:6f:16:bd:74:be:f6:67:12:c0:a8:91:9b:44:43:77:77:86:
b8:7b:a9:43:8e:79:10:8e:bc:6e:06:ba:07:95:1a:f6:b4:73:
a8:29:b4:04:f7:2f:8f:c1:29:64:85:4d:36:34:59:d6:af:7b:
d7:57:6a:57:28:1f:3e:4f:9b:8d:b4:3d:9e:f9:f6:0d:8c:bc:
ec:94:42:7b:72:76:b6:97:2b:d4:0e:6b:ba:50:c4:dd:95:13:
1f:83:d4:19:42:64:47:42:29:65:f9:df:c1:3f:2e:20:5b:21:
b4:ef:76:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa7AyOBSWuA/ilyvmT+wgTHdH3n0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyZDAyMzI3ZmQwMWQ3Mzg0MGMwYzA3NDBjNTM0NmU3NTgwOTA0ZGIzMzc5
Yjg0N2U1NzNkMjY4ZWY4MWI1ZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1FlR2SCXESHGw3bttWJXu7WpWlC+RfO5KMyFKKRFd5PrgOiz/ryIRNM+1u
HtNQdLYjJso5TcJOTzJJoxyY+Y3fLxKFBqOt2o/Cq1d/S9hn2NoGEuTiOM07UU7l
VOiU/CCukjUepG1XT51u2st1m9y7kKcN94Y62EFd2O9d1enIRUkKMQU5nNOW/qHj
HhSPcViafAgFujfJTEDI/vT0YwTPr8l15EdS/plkw6Y02eSuMsv6oT0ux7WGzfwI
ij0ztuSHr0viBGXaG4iK/9X0DS9fLwnmNSKPmqUEmz+vstqdHIOlma74Lat4lqJn
YGNTG7Hu6da/okCynuU6BSd6iY0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRR0MwC
Qlh173527Oh5AiGwzbp/YjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGMxMTA2OTQtMzg2ZC00OWQ1LTk4ODMtYmQxNzIzZjQzODIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQBLaAR06c4BRFzWIVOxYFQ5++uj5EOqAaCevvJ6KTzV
G06nSsglMyv2Jm37U9teht5xtl9Rq6+HA4pIUCNqtNR0mNFWhlroCzS4yVXOqArE
RHzZRvSd8pPAB1JNR7JzPrmHgooYksOLMx4EXFMDMO/da18RY3dXgMIBtXkLkzgk
k3cK59IZ1K6eGv/T0uwnxV31bxa9dL72ZxLAqJGbREN3d4a4e6lDjnkQjrxuBroH
lRr2tHOoKbQE9y+PwSlkhU02NFnWr3vXV2pXKB8+T5uNtD2e+fYNjLzslEJ7cna2
lyvUDmu6UMTdlRMfg9QZQmRHQill+d/BPy4gWyG073ZO
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org