Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa
File: 5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa (raw, json)
Hash identifier: gyvrJRGSmSjg6xjte2hg0Yj/xSlXuUJbfD/mxEedR38=
Subject key identifier: 1A:2C:62:49:03:3B:F2:27:CB:E1:46:DF:AB:6E:6D:60:7C:32:76:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6366B5EBAD4B136DB0F6771AE33DBBC076670ABE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa
Signing time: Wed 06 Nov 2024 00:00:00 +0000
ROA not before: Wed 06 Nov 2024 00:00:00 +0000
ROA not after: Wed 11 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:66:b5:eb:ad:4b:13:6d:b0:f6:77:1a:e3:3d:bb:c0:76:67:0a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 6 00:00:00 2024 GMT
Not After : Dec 11 23:59:59 2024 GMT
Subject: serialNumber=8ac320aaecef8919547b04eef8d3a257935d1cb669813305e9776ba8a363338a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:33:9e:bb:14:bd:73:dc:6e:76:cd:44:0f:ac:
5e:73:9a:07:21:88:29:93:62:0c:58:29:c9:df:a4:
10:24:3a:2f:53:6a:1d:a8:23:54:44:9c:01:e2:03:
35:96:74:0f:c9:27:a4:70:9e:29:9b:27:0d:46:36:
31:ed:ae:12:53:dd:26:07:c1:8d:81:6c:b2:e8:29:
c1:e9:34:fb:44:16:54:60:a0:7c:0e:cc:21:a9:d5:
8c:21:a7:15:6f:52:ce:50:b1:35:84:c2:4f:32:9d:
8f:6c:b6:e9:13:c1:f5:b1:67:50:49:77:68:7d:21:
4a:8c:42:c6:c7:a0:30:d9:d9:9a:4b:58:12:70:9f:
d8:d6:af:72:fa:07:5f:f5:d4:51:af:44:73:e2:3b:
84:de:d4:b1:35:21:ef:db:28:0a:74:c5:63:e9:a2:
5f:33:5f:45:0d:67:1c:a1:11:37:12:66:4d:eb:50:
3b:3e:3d:3b:53:80:c8:3b:63:94:93:34:b0:b9:a9:
f9:0c:ab:f7:d9:fd:4a:9a:69:d0:00:8f:93:41:99:
5b:5a:7f:a3:00:e6:4e:d2:39:a8:a5:00:cb:ee:2a:
e5:38:9b:01:6a:4b:39:d7:0d:17:92:24:08:7d:6e:
f1:c1:de:8c:71:3f:08:87:27:49:98:f0:92:0b:28:
5f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2C:62:49:03:3B:F2:27:CB:E1:46:DF:AB:6E:6D:60:7C:32:76:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:51:42:08:eb:1e:cf:1c:98:b4:1e:42:86:6a:be:a3:b3:e8:
ae:2d:e9:9c:b8:63:ba:c3:cb:7f:26:92:2f:23:6d:1b:8d:ad:
5f:2c:d2:ff:6e:4d:41:3a:fe:8a:3f:7d:2e:8b:43:7a:6c:a7:
37:ea:d7:06:9d:3f:fb:65:77:c3:41:df:01:5a:93:7a:19:94:
80:9e:36:0a:b3:b3:0e:5f:48:ee:59:5a:c9:f0:d1:6e:3d:1b:
81:06:c5:a6:b3:4f:6c:ee:33:6a:6c:24:1c:37:14:3b:22:f3:
7a:1c:44:55:37:c6:fc:a4:9e:c5:a3:a2:aa:aa:20:d0:e1:73:
21:0a:e9:c6:c8:a5:fb:7c:14:ec:a5:37:a4:5d:63:97:41:e2:
71:00:71:3e:d5:8b:4f:fb:ff:25:f8:30:c0:e3:14:c2:7a:fe:
ad:68:da:48:16:d8:aa:aa:cb:65:1e:e1:f0:93:01:ca:6a:27:
b8:1b:47:db:cf:f3:0c:c7:8e:e6:91:40:7f:3b:c8:98:27:8c:
0b:e7:11:bc:b3:a8:0e:a7:f5:d8:07:27:f2:f0:16:06:3e:95:
3f:f7:8b:56:84:53:71:28:3c:ad:6e:b0:3a:10:b0:c8:23:6a:
3d:3d:6d:91:bf:b3:61:16:b4:ef:d0:42:bd:a2:dc:ea:ad:d0:
40:8d:31:64
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY2a1661LE22w9nca4z27wHZnCr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDYwMDAwMDBaFw0yNDEyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhYzMyMGFhZWNlZjg5MTk1NDdiMDRlZWY4ZDNhMjU3OTM1ZDFjYjY2OTgx
MzMwNWU5Nzc2YmE4YTM2MzMzOGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAznrsUvXPcbnbNRA+sXnOaByGIKZNiDFgpyd+kECQ6L1NqHagjVEScAeID
NZZ0D8knpHCeKZsnDUY2Me2uElPdJgfBjYFssugpwek0+0QWVGCgfA7MIanVjCGn
FW9SzlCxNYTCTzKdj2y26RPB9bFnUEl3aH0hSoxCxsegMNnZmktYEnCf2NavcvoH
X/XUUa9Ec+I7hN7UsTUh79soCnTFY+miXzNfRQ1nHKERNxJmTetQOz49O1OAyDtj
lJM0sLmp+Qyr99n9Sppp0ACPk0GZW1p/owDmTtI5qKUAy+4q5TibAWpLOdcNF5Ik
CH1u8cHejHE/CIcnSZjwkgsoX3kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQaLGJJ
AzvyJ8vhRt+rbm1gfDJ2WjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWE3YWY4Y2ItNWNmYS00OTE0LTk2NWUtNWU2YTRiOGMxNmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQCHUUII6x7PHJi0HkKGar6js+iuLemcuGO6w8t/JpIv
I20bja1fLNL/bk1BOv6KP30ui0N6bKc36tcGnT/7ZXfDQd8BWpN6GZSAnjYKs7MO
X0juWVrJ8NFuPRuBBsWms09s7jNqbCQcNxQ7IvN6HERVN8b8pJ7Fo6KqqiDQ4XMh
CunGyKX7fBTspTekXWOXQeJxAHE+1YtP+/8l+DDA4xTCev6taNpIFtiqqstlHuHw
kwHKaie4G0fbz/MMx47mkUB/O8iYJ4wL5xG8s6gOp/XYByfy8BYGPpU/94tWhFNx
KDytbrA6ELDII2o9PW2Rv7NhFrTv0EK9otzqrdBAjTFk
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org