Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: MboclgghYT7QyCs6msGaGpoaI37GmLHHbZIsZnn5Ot0=
Subject key identifier: EA:8A:FA:F2:AD:01:1E:33:20:E6:D5:35:08:95:9A:DB:A7:14:AE:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 076C9B2640F160E325D64706BF1EFF5DC2DDBCAF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:6c:9b:26:40:f1:60:e3:25:d6:47:06:bf:1e:ff:5d:c2:dd:bc:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=af524a733959485a9bb88916f941e4dbd4a40c6da526da8d30a7dee5f9995a6e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e0:5a:3e:a4:ad:ce:3e:52:b9:79:71:29:af:
f4:a7:24:7e:38:95:ca:2b:89:88:1b:33:6f:0a:4c:
0b:9a:61:b7:0d:7d:7b:38:d6:2c:db:36:73:ee:43:
77:97:40:f0:68:81:69:10:1b:8e:3f:74:82:a3:9e:
9d:de:b6:c8:e0:e4:ec:93:ed:e7:b1:28:2f:dd:42:
11:8f:f6:a8:a3:b0:0a:81:50:67:17:22:67:e4:e2:
58:6a:11:36:fa:56:7b:00:14:73:25:09:ab:94:73:
de:dd:58:57:29:4d:4f:61:ff:a7:92:dc:ca:f7:ce:
09:f5:67:f6:ad:df:21:7e:a5:df:15:c0:36:a9:81:
8c:70:3a:53:64:a2:2d:cd:5a:e1:9f:09:62:c1:7d:
37:f5:ed:7a:57:02:92:44:95:1b:9a:c6:f5:e9:b8:
1d:0c:ca:fc:59:a7:5b:c1:a7:67:e1:3f:91:8f:d7:
39:bd:e4:84:f2:8f:96:66:23:5a:4e:ca:11:cc:05:
74:04:52:ca:42:c1:d3:b9:43:8d:1a:ef:a0:56:d0:
8f:72:09:93:32:3b:a8:85:0b:2f:29:c5:10:18:13:
44:68:32:4f:2e:c7:c6:45:ea:8a:38:86:bb:35:12:
96:56:d0:1e:d5:b2:6a:9d:91:7c:c9:f4:1d:33:9e:
53:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:8A:FA:F2:AD:01:1E:33:20:E6:D5:35:08:95:9A:DB:A7:14:AE:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
80:b6:d2:1d:61:7e:ec:10:2e:79:69:5e:5e:ce:60:b4:27:09:
c6:0d:4a:7b:75:20:b1:a5:d0:53:97:60:79:41:d6:d8:92:8a:
83:ce:60:cf:58:36:ec:90:0e:0a:8f:f4:45:e6:e1:07:91:a6:
0c:94:60:ef:41:d2:83:da:db:0e:f5:4b:59:c0:97:d5:38:09:
13:d1:1b:ca:cb:6c:bf:7e:1a:77:35:ef:6e:af:c6:84:2f:75:
4b:00:7f:33:d4:44:12:69:79:05:32:d6:00:22:13:c7:19:4a:
96:b1:8c:e2:b5:5d:06:79:48:2f:fc:9f:0d:dc:cd:4c:41:ca:
27:80:8b:8d:e5:99:5e:6c:07:9f:39:28:6c:b2:d7:fd:dc:27:
c5:d5:cb:cd:09:57:f2:13:88:06:ce:75:dd:4f:a2:97:d5:30:
e4:26:30:11:9d:53:16:7a:6b:eb:84:a1:5f:f5:85:bc:fa:16:
06:24:3e:dd:bf:6c:83:03:d0:81:a7:ad:6c:c2:0d:f5:07:e5:
71:6d:1c:5b:10:6f:1d:92:18:9a:7e:f6:83:e2:72:14:38:34:
93:bd:6a:5c:65:75:62:75:03:2e:47:6d:9a:c1:b1:23:a7:56:
e2:3f:0f:dc:19:62:e4:cc:4e:3d:e1:06:ec:7d:c0:cc:1d:ec:
b1:53:04:a7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUB2ybJkDxYOMl1kcGvx7/XcLdvK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNTI0YTczMzk1OTQ4NWE5YmI4ODkxNmY5NDFlNGRiZDRhNDBjNmRhNTI2
ZGE4ZDMwYTdkZWU1Zjk5OTVhNmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODgWj6krc4+Url5cSmv9KckfjiVyiuJiBszbwpMC5phtw19ezjWLNs2c+5D
d5dA8GiBaRAbjj90gqOend62yODk7JPt57EoL91CEY/2qKOwCoFQZxciZ+TiWGoR
NvpWewAUcyUJq5Rz3t1YVylNT2H/p5LcyvfOCfVn9q3fIX6l3xXANqmBjHA6U2Si
Lc1a4Z8JYsF9N/XtelcCkkSVG5rG9em4HQzK/FmnW8GnZ+E/kY/XOb3khPKPlmYj
Wk7KEcwFdARSykLB07lDjRrvoFbQj3IJkzI7qIULLynFEBgTRGgyTy7HxkXqijiG
uzUSllbQHtWyap2RfMn0HTOeU5sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTqivry
rQEeMyDm1TUIlZrbpxSu2DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAgLbSHWF+7BAueWleXs5gtCcJxg1Ke3UgsaXQU5dg
eUHW2JKKg85gz1g27JAOCo/0RebhB5GmDJRg70HSg9rbDvVLWcCX1TgJE9Ebysts
v34adzXvbq/GhC91SwB/M9REEml5BTLWACITxxlKlrGM4rVdBnlIL/yfDdzNTEHK
J4CLjeWZXmwHnzkobLLX/dwnxdXLzQlX8hOIBs513U+il9Uw5CYwEZ1TFnpr64Sh
X/WFvPoWBiQ+3b9sgwPQgaetbMIN9QflcW0cWxBvHZIYmn72g+JyFDg0k71qXGV1
YnUDLkdtmsGxI6dW4j8P3Bli5MxOPeEG7H3AzB3ssVMEpw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:49 2024 by rpki-client on console-ams.rpki-client.org