Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/582a854d-4985-4bca-ae2a-4cc422726702.roa
File: 582a854d-4985-4bca-ae2a-4cc422726702.roa (raw, json)
Hash identifier: Xw8kSd6ecJsJ67pDCSSE6/IvVFWMobmb/rQWM2ZNWzs=
Subject key identifier: CC:B0:F7:0B:6A:55:DF:F3:C4:56:65:FC:54:31:6C:82:03:DF:01:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4657F33CC046BD1DB6813B16A06D0761CEB57068
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/582a854d-4985-4bca-ae2a-4cc422726702.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:57:f3:3c:c0:46:bd:1d:b6:81:3b:16:a0:6d:07:61:ce:b5:70:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=594f766bfc6e65e1e83119775c85e2ecb372bd3e6045d8e5bee4fdd25d70513d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:08:11:bb:66:71:ac:4f:e4:c2:63:9b:cf:7f:
e7:9e:cc:98:23:ca:b8:41:45:21:b1:c5:47:2e:b2:
da:bd:bb:62:56:5b:ee:a1:1a:7f:9c:57:3f:4a:3a:
38:e8:85:7f:5b:f6:35:f7:6f:0d:d1:0d:15:1a:8a:
0a:88:1e:6f:ec:b8:64:ff:2f:3c:fa:ab:3f:df:91:
04:dd:c0:d3:74:a9:63:bd:69:22:d1:88:42:50:22:
4c:be:28:8f:97:b2:cf:4f:03:3e:63:b8:83:cc:6f:
61:cc:d3:ee:7a:f8:b7:6a:9f:d5:32:31:fc:db:c8:
a7:07:74:30:8e:13:17:e2:5c:48:b8:2c:6f:6a:10:
37:51:ca:74:63:b9:fe:af:1e:4a:9d:51:0d:c4:4f:
e0:fa:01:8f:19:15:92:6c:ae:96:9e:43:fd:ee:de:
42:6f:ac:fe:6f:0a:cd:f1:c2:c0:51:46:02:a1:0d:
2b:60:52:ad:96:9f:3c:2d:d6:23:dc:bc:8e:3a:43:
bd:eb:9b:cf:32:b1:77:0c:40:e9:a2:a5:0a:4f:16:
84:bb:0e:f1:fa:e3:e4:a6:ea:ad:15:56:34:f5:32:
3c:ee:ad:f8:fa:81:c8:a4:01:18:68:92:37:bb:cc:
c2:b1:75:05:6f:ce:73:90:e0:3f:d3:ad:7c:69:ac:
aa:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B0:F7:0B:6A:55:DF:F3:C4:56:65:FC:54:31:6C:82:03:DF:01:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/582a854d-4985-4bca-ae2a-4cc422726702.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:8c:7b:c1:66:91:0a:28:0a:ef:98:31:ca:7b:99:2c:b7:38:
d8:fe:00:6e:ca:da:e2:52:48:a3:68:fa:bb:47:ad:b9:96:5d:
59:b7:ee:15:e9:71:da:7a:fc:c9:68:80:c6:38:dd:1f:6a:83:
5a:ea:3e:01:58:23:31:ce:6c:5b:4b:08:c9:b4:c6:69:fb:fb:
20:62:5d:de:28:e7:28:48:cf:ce:55:6d:f1:27:1f:cf:20:41:
09:a5:1a:be:c4:ce:5e:44:c5:5a:de:62:48:d0:21:0e:15:97:
a5:a6:48:f9:ea:5a:9b:32:5e:df:9b:06:64:14:2e:65:e4:8b:
69:09:ec:de:71:75:36:8a:91:0e:37:d6:e3:27:3f:12:b7:82:
6f:e7:22:9e:18:2f:86:ff:4c:4d:58:9b:8a:cd:b3:33:23:a8:
88:0f:8b:ce:ff:b0:49:4f:25:eb:81:0a:2d:21:69:e4:59:ad:
07:cc:da:be:3f:55:c1:60:26:42:a0:3f:b5:99:c6:2c:43:68:
12:64:2c:cc:c5:79:58:93:8f:a5:2c:d2:b1:f6:40:17:f8:9a:
0c:99:67:63:bd:73:35:71:f9:e8:cd:cc:48:75:db:a6:92:63:
d6:a6:11:07:55:df:46:e7:f0:ab:83:68:80:31:c4:90:16:dc:
4b:d1:7f:05
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURlfzPMBGvR22gTsWoG0HYc61cGgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5NGY3NjZiZmM2ZTY1ZTFlODMxMTk3NzVjODVlMmVjYjM3MmJkM2U2MDQ1
ZDhlNWJlZTRmZGQyNWQ3MDUxM2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkIEbtmcaxP5MJjm89/557MmCPKuEFFIbHFRy6y2r27YlZb7qEaf5xXP0o6
OOiFf1v2NfdvDdENFRqKCogeb+y4ZP8vPPqrP9+RBN3A03SpY71pItGIQlAiTL4o
j5eyz08DPmO4g8xvYczT7nr4t2qf1TIx/NvIpwd0MI4TF+JcSLgsb2oQN1HKdGO5
/q8eSp1RDcRP4PoBjxkVkmyulp5D/e7eQm+s/m8KzfHCwFFGAqENK2BSrZafPC3W
I9y8jjpDveubzzKxdwxA6aKlCk8WhLsO8frj5KbqrRVWNPUyPO6t+PqByKQBGGiS
N7vMwrF1BW/Oc5DgP9OtfGmsqm0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMsPcL
alXf88RWZfxUMWyCA98BlTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTgyYTg1NGQtNDk4NS00YmNhLWFlMmEtNGNjNDIyNzI2NzAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQCDjHvBZpEKKArvmDHKe5kstzjY/gBuytriUkijaPq7
R625ll1Zt+4V6XHaevzJaIDGON0faoNa6j4BWCMxzmxbSwjJtMZp+/sgYl3eKOco
SM/OVW3xJx/PIEEJpRq+xM5eRMVa3mJI0CEOFZelpkj56lqbMl7fmwZkFC5l5Itp
CezecXU2ipEON9bjJz8St4Jv5yKeGC+G/0xNWJuKzbMzI6iID4vO/7BJTyXrgQot
IWnkWa0HzNq+P1XBYCZCoD+1mcYsQ2gSZCzMxXlYk4+lLNKx9kAX+JoMmWdjvXM1
cfnozcxIddumkmPWphEHVd9G5/Crg2iAMcSQFtxL0X8F
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org