Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
File: 5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa (raw, json)
Hash identifier: jKKaYhJ+Jc5eQxXoHzo075/I+1LB3IO7oaACpVcxKxw=
Subject key identifier: 0C:53:EB:37:D1:0F:7A:AF:B5:08:12:8D:6A:D2:EC:14:CB:92:4B:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A44D1982C15AF91D8E23920BC17D23F93DADF40
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:44:d1:98:2c:15:af:91:d8:e2:39:20:bc:17:d2:3f:93:da:df:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=75e836454846e26f17655ba32b06e7a0954e51d4269313c92f08fce82ef0336f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:00:3d:da:9f:20:7d:e8:ac:27:83:ff:d4:b1:
a2:2a:fd:0e:e2:5d:fd:d9:0c:47:df:46:93:6e:d8:
8d:28:6f:80:2a:c3:de:83:f9:4b:a9:d6:d6:e4:46:
9a:51:a2:a0:f6:08:b4:60:ca:12:1a:5f:c1:e4:ee:
38:0d:02:19:25:cb:c4:cf:ba:aa:e4:23:9a:01:c1:
f9:cb:59:fa:3c:4b:c9:e5:a4:25:99:41:3b:f2:b1:
0d:da:3e:70:99:a9:8d:ee:50:ad:2c:2c:cc:12:81:
45:db:db:8d:33:a1:da:e4:21:ef:a0:96:4b:4f:6a:
72:f4:c5:88:86:78:72:df:92:bc:99:90:4c:9d:21:
72:6f:12:e4:9b:d5:a6:91:a1:96:44:b4:7f:ce:c3:
4a:4f:b3:00:23:72:c9:a6:59:a2:8d:86:e3:fe:48:
38:a5:90:1e:56:ce:6b:b0:0f:ef:dd:40:04:48:6b:
c4:d4:1a:0f:a3:d0:10:7d:58:a5:a9:b5:e6:d2:51:
7e:4b:f9:04:0a:3e:62:95:fa:11:87:98:b3:07:4a:
31:c9:f6:e0:73:d3:3d:d2:3e:31:ea:40:9f:5b:b8:
38:de:ab:58:f4:2a:b9:c2:c2:d7:12:94:65:fe:eb:
6a:69:e4:b6:bb:07:44:b6:d5:6e:46:7e:23:7f:e9:
12:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:53:EB:37:D1:0F:7A:AF:B5:08:12:8D:6A:D2:EC:14:CB:92:4B:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:74:0c:93:b8:3a:10:a7:03:9b:e7:10:9b:8f:58:5a:6f:27:
d5:d0:b5:ae:33:cf:88:de:03:99:87:11:a1:4a:aa:aa:59:52:
7f:b0:b4:e9:1c:b3:06:b6:53:78:a4:2b:ea:88:57:ae:2a:df:
a1:12:b1:22:27:a3:de:d3:b4:0f:3c:0c:a7:50:15:ce:79:c0:
0a:52:25:b6:c5:74:e8:d9:26:04:8d:e5:91:97:21:a1:81:f1:
74:26:17:b4:5c:d4:c1:de:bb:a7:24:e5:6a:70:1d:65:2f:71:
91:32:ca:28:41:4c:3d:33:47:6c:42:cc:31:71:a6:5d:2f:44:
be:5b:4f:b1:a6:69:23:b1:2c:f3:6d:76:c4:64:42:c3:db:4a:
a4:73:3d:f1:fa:b7:39:3e:3c:11:9e:f1:20:e0:b8:88:6e:a9:
73:9b:de:b7:88:f9:e2:c7:43:f5:6a:87:55:35:d4:6b:78:fc:
52:52:6c:74:b1:87:af:34:07:22:e1:97:34:60:b9:dc:dc:f1:
76:f4:b4:ea:6f:8f:c1:da:64:85:2b:c3:21:db:fd:cb:11:a8:
ea:b2:59:cd:ce:c7:ad:32:8d:a8:9a:35:75:d4:60:b9:42:ba:
0c:a0:7f:8e:3f:97:ac:1a:38:38:00:cf:b1:7d:78:66:7a:6f:
8c:7a:4f:1c
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUOkTRmCwVr5HY4jkgvBfSP5Pa30AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1ZTgzNjQ1NDg0NmUyNmYxNzY1NWJhMzJiMDZlN2EwOTU0ZTUxZDQyNjkz
MTNjOTJmMDhmY2U4MmVmMDMzNmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQAPdqfIH3orCeD/9Sxoir9DuJd/dkMR99Gk27YjShvgCrD3oP5S6nW1uRG
mlGioPYItGDKEhpfweTuOA0CGSXLxM+6quQjmgHB+ctZ+jxLyeWkJZlBO/KxDdo+
cJmpje5QrSwszBKBRdvbjTOh2uQh76CWS09qcvTFiIZ4ct+SvJmQTJ0hcm8S5JvV
ppGhlkS0f87DSk+zACNyyaZZoo2G4/5IOKWQHlbOa7AP791ABEhrxNQaD6PQEH1Y
pam15tJRfkv5BAo+YpX6EYeYswdKMcn24HPTPdI+MepAn1u4ON6rWPQqucLC1xKU
Zf7ramnktrsHRLbVbkZ+I3/pEpcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQMU+s3
0Q96r7UIEo1q0uwUy5JLOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWVmNDg2YzAtNmIxNS00MjllLThiNTYtNWZiNWJjOTQ5MGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBADx0DJO4OhCnA5vnEJuPWFpvJ9XQta4zz4jeA5mH
EaFKqqpZUn+wtOkcswa2U3ikK+qIV64q36ESsSIno97TtA88DKdQFc55wApSJbbF
dOjZJgSN5ZGXIaGB8XQmF7Rc1MHeu6ck5WpwHWUvcZEyyihBTD0zR2xCzDFxpl0v
RL5bT7GmaSOxLPNtdsRkQsPbSqRzPfH6tzk+PBGe8SDguIhuqXOb3reI+eLHQ/Vq
h1U11Gt4/FJSbHSxh680ByLhlzRgudzc8Xb0tOpvj8HaZIUrwyHb/csRqOqyWc3O
x60yjaiaNXXUYLlCugygf44/l6waODgAz7F9eGZ6b4x6Txw=
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org