Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f5ffdac-d36c-4a69-b456-6de77be3057a.roa
File: 4f5ffdac-d36c-4a69-b456-6de77be3057a.roa (raw, json)
Hash identifier: 4kl5AbwAL8PbR7zYy+zGeCkB7ATDKI6rxAgZyssIT8w=
Subject key identifier: AF:4A:80:17:5C:11:29:C4:8B:7A:41:2E:73:BE:03:46:9D:FD:90:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F5FA6A8596A9DB4CAD3518F7188EAE8FF226AFF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f5ffdac-d36c-4a69-b456-6de77be3057a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:5f:a6:a8:59:6a:9d:b4:ca:d3:51:8f:71:88:ea:e8:ff:22:6a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=419982884b0bdfddf758165e1fa3ddd4e850e72520b8150dffc0ca055c8b1398, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d8:60:56:40:1a:e9:9d:ed:0a:88:81:fa:66:
17:bb:9c:88:4e:ac:81:61:d1:73:f4:d0:e9:e4:1c:
99:31:fc:23:df:cd:4f:6f:60:a7:7a:b5:1b:20:4d:
5b:53:71:08:29:14:1d:30:b6:b4:6a:5f:db:d6:d1:
3b:55:8a:a1:15:ac:04:a2:bf:d0:57:39:53:1e:b3:
1a:59:b8:12:37:ab:8a:da:2b:28:58:46:bc:35:4a:
29:6a:25:ee:76:80:6e:e3:92:2b:3c:02:78:a9:5d:
ad:90:a7:55:b8:ee:4c:56:ad:c6:e6:b3:a5:d5:66:
ca:62:23:e4:4e:58:f3:46:31:83:11:d0:af:a6:c8:
31:5d:a7:df:1e:4e:1a:78:22:3b:f0:bf:a6:49:f1:
09:10:7b:79:a1:66:2d:9f:c3:45:6d:76:dd:5f:7f:
42:b8:cb:c1:40:84:cd:22:b3:e5:5c:62:27:d4:4b:
fe:ad:3a:54:56:07:b9:06:3b:69:d4:ca:0a:33:3b:
16:a2:d2:35:a0:ce:62:75:ca:41:1c:dd:8c:7f:76:
58:6a:39:74:c8:b3:c4:9f:89:78:96:10:46:3e:02:
53:ea:a6:b9:02:ea:a2:2b:a7:7b:80:e3:97:99:27:
71:d2:38:ba:25:77:61:66:9c:75:72:fb:38:23:85:
aa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4A:80:17:5C:11:29:C4:8B:7A:41:2E:73:BE:03:46:9D:FD:90:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f5ffdac-d36c-4a69-b456-6de77be3057a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b1:b5:74:63:61:b3:00:fe:14:e1:a6:dc:34:70:6e:2b:0d:40:
fa:d3:4c:9a:8e:62:25:97:61:ca:e6:cd:d3:ad:cd:90:b4:fc:
5f:04:d5:56:3c:64:c6:b6:db:0f:b7:c9:7a:1f:e0:94:8e:24:
4a:31:59:f7:d6:8f:a3:15:3f:5f:d2:51:13:06:bd:ff:3e:76:
16:78:6c:1a:bf:d5:1a:e5:95:82:c7:78:cc:34:6f:79:be:60:
e6:f9:e2:2d:88:a0:b1:74:7a:69:26:32:24:ee:1f:64:80:be:
74:cd:bf:07:76:2f:39:1e:26:1c:68:a5:77:b0:67:bf:39:f9:
6c:0d:8c:88:3c:ad:1d:b5:44:7b:00:9d:3a:6b:47:a6:b5:58:
dc:84:fd:44:98:c9:8c:96:b5:ba:54:45:47:56:1f:bb:02:64:
35:c6:63:93:b5:24:e8:08:62:1d:93:68:cc:4a:14:4a:7e:03:
5e:5b:50:21:2f:9b:67:f3:68:2a:2e:a4:27:19:74:ac:33:e3:
6e:d7:ba:0e:ae:61:15:ab:51:35:24:db:7e:55:8b:73:7e:9c:
9a:53:bc:a7:e1:3f:01:38:91:d9:1b:42:34:af:93:dc:67:ea:
91:d8:c0:18:fc:e5:56:10:6b:05:f4:ad:e7:07:79:8f:f7:d8:
91:7c:f1:ca
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD1+mqFlqnbTK01GPcYjq6P8iav8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxOTk4Mjg4NGIwYmRmZGRmNzU4MTY1ZTFmYTNkZGQ0ZTg1MGU3MjUyMGI4
MTUwZGZmYzBjYTA1NWM4YjEzOTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjYYFZAGumd7QqIgfpmF7uciE6sgWHRc/TQ6eQcmTH8I9/NT29gp3q1GyBN
W1NxCCkUHTC2tGpf29bRO1WKoRWsBKK/0Fc5Ux6zGlm4EjeritorKFhGvDVKKWol
7naAbuOSKzwCeKldrZCnVbjuTFatxuazpdVmymIj5E5Y80YxgxHQr6bIMV2n3x5O
GngiO/C/pknxCRB7eaFmLZ/DRW123V9/QrjLwUCEzSKz5VxiJ9RL/q06VFYHuQY7
adTKCjM7FqLSNaDOYnXKQRzdjH92WGo5dMizxJ+JeJYQRj4CU+qmuQLqoiune4Dj
l5kncdI4uiV3YWacdXL7OCOFqnMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSvSoAX
XBEpxIt6QS5zvgNGnf2QWjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGY1ZmZkYWMtZDM2Yy00YTY5LWI0NTYtNmRlNzdiZTMwNTdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQCxtXRjYbMA/hThptw0cG4rDUD600yajmIll2HK5s3T
rc2QtPxfBNVWPGTGttsPt8l6H+CUjiRKMVn31o+jFT9f0lETBr3/PnYWeGwav9Ua
5ZWCx3jMNG95vmDm+eItiKCxdHppJjIk7h9kgL50zb8Hdi85HiYcaKV3sGe/Ofls
DYyIPK0dtUR7AJ06a0emtVjchP1EmMmMlrW6VEVHVh+7AmQ1xmOTtSToCGIdk2jM
ShRKfgNeW1AhL5tn82gqLqQnGXSsM+Nu17oOrmEVq1E1JNt+VYtzfpyaU7yn4T8B
OJHZG0I0r5PcZ+qR2MAY/OVWEGsF9K3nB3mP99iRfPHK
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org