Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6b8f6f39-f637-434c-84f1-a8371e897703.roa
File: 6b8f6f39-f637-434c-84f1-a8371e897703.roa (raw, json)
Hash identifier: v36TqWHXLCqSOaohAgiY4CTjsxZ1437E5BhhaCd8t18=
Subject key identifier: CA:C4:94:40:41:BD:B0:3E:AF:F0:84:1B:8E:6E:41:7B:A1:BB:30:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 68E24FA03A22A658CE1B40EFE1C9A32A19BAD766
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6b8f6f39-f637-434c-84f1-a8371e897703.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:e2:4f:a0:3a:22:a6:58:ce:1b:40:ef:e1:c9:a3:2a:19:ba:d7:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=fc9d54b1aedd6f7c9a01f747f5f483117704f5f59779df166dff038e7606e803, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bd:77:a6:22:c0:f9:09:83:14:28:61:c6:0a:
53:64:7e:93:a5:82:44:90:2a:2d:d0:7f:cc:5a:a9:
fd:27:f6:82:b9:90:8a:c7:10:bc:36:56:5b:94:fb:
33:cd:fb:9b:56:ae:ff:5d:33:75:b0:b6:f8:38:6b:
a5:30:c8:b0:be:f9:5f:68:13:05:39:da:0b:24:2b:
0b:94:45:3f:b3:4d:18:69:c9:ca:70:40:07:68:dc:
bc:e0:50:ce:ab:8c:f5:8e:7b:f8:e0:1e:37:e5:46:
dd:e2:c8:af:57:1f:4d:95:3d:13:1d:a2:99:90:3c:
fb:a0:72:a3:aa:11:9d:29:e6:9f:b2:96:80:0b:dd:
2f:ea:b6:f1:b4:43:4b:d1:23:f1:e1:03:9e:4a:0d:
af:e5:a8:0d:69:8b:54:72:8d:69:35:18:3c:92:2f:
21:2d:c7:ca:8b:91:48:5a:9f:55:27:03:51:63:b7:
06:06:6e:4c:ad:e9:7c:ce:32:3f:7c:3c:92:d3:09:
6d:cf:11:91:78:9c:5d:98:43:d1:88:17:49:1f:4e:
d9:ed:42:66:9d:0e:0d:cf:aa:15:97:43:7d:90:23:
2b:ba:d1:fd:e8:32:5e:1c:cb:b7:9f:24:0f:19:2f:
36:9f:20:ce:e9:f2:04:a1:56:16:a1:20:a2:b4:34:
40:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C4:94:40:41:BD:B0:3E:AF:F0:84:1B:8E:6E:41:7B:A1:BB:30:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6b8f6f39-f637-434c-84f1-a8371e897703.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:e1:b0:09:37:90:27:4e:5a:bf:ca:3f:c6:b1:58:1f:8a:1f:
55:c8:c2:95:e2:dc:6e:41:ce:ef:a7:d6:81:11:9f:d8:7c:57:
f9:25:98:9a:4f:1a:3f:be:ae:7a:87:8e:53:5b:6e:dc:eb:5a:
8f:ad:34:ce:7c:67:52:22:90:ce:87:ec:82:09:1d:1e:0e:d4:
f1:39:2e:31:7c:b6:ff:94:29:5c:b6:ee:30:bd:53:c9:0b:80:
1e:87:c3:12:bb:4b:0a:d0:15:91:22:03:48:53:09:68:31:51:
ed:15:62:38:73:e7:ab:8a:9e:3d:13:cc:7e:6a:0e:2b:46:f2:
dc:eb:dd:b8:c1:f2:96:b4:75:53:1b:c2:6a:0c:35:23:c5:e9:
21:9a:59:ed:53:48:f5:6f:2f:e1:bd:13:26:57:0b:93:c7:87:
c0:b8:31:83:e7:aa:14:e9:ae:80:32:22:21:04:b0:12:20:b6:
13:8f:66:d2:f4:06:f3:ab:a6:04:cf:63:54:1c:3d:b0:08:ae:
a8:63:df:53:e2:b9:d1:7f:ac:ae:d8:7a:64:1f:88:b4:cb:56:
86:bb:0e:71:cb:c6:dd:5f:f4:a5:02:51:11:7c:46:3b:40:b5:
20:2c:b2:5e:1c:ec:c2:ec:98:ff:ac:e4:c3:a9:a7:b8:b8:c2:
06:6b:4f:fa
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaOJPoDoipljOG0Dv4cmjKhm612YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjOWQ1NGIxYWVkZDZmN2M5YTAxZjc0N2Y1ZjQ4MzExNzcwNGY1ZjU5Nzc5
ZGYxNjZkZmYwMzhlNzYwNmU4MDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKG9d6YiwPkJgxQoYcYKU2R+k6WCRJAqLdB/zFqp/Sf2grmQiscQvDZWW5T7
M837m1au/10zdbC2+DhrpTDIsL75X2gTBTnaCyQrC5RFP7NNGGnJynBAB2jcvOBQ
zquM9Y57+OAeN+VG3eLIr1cfTZU9Ex2imZA8+6Byo6oRnSnmn7KWgAvdL+q28bRD
S9Ej8eEDnkoNr+WoDWmLVHKNaTUYPJIvIS3HyouRSFqfVScDUWO3BgZuTK3pfM4y
P3w8ktMJbc8RkXicXZhD0YgXSR9O2e1CZp0ODc+qFZdDfZAjK7rR/egyXhzLt58k
DxkvNp8gzunyBKFWFqEgorQ0QJMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTKxJRA
Qb2wPq/whBuObkF7obswbDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmI4ZjZmMzktZjYzNy00MzRjLTg0ZjEtYTgzNzFlODk3NzAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQDH4bAJN5AnTlq/yj/GsVgfih9VyMKV4txuQc7vp9aB
EZ/YfFf5JZiaTxo/vq56h45TW27c61qPrTTOfGdSIpDOh+yCCR0eDtTxOS4xfLb/
lClctu4wvVPJC4Aeh8MSu0sK0BWRIgNIUwloMVHtFWI4c+erip49E8x+ag4rRvLc
6924wfKWtHVTG8JqDDUjxekhmlntU0j1by/hvRMmVwuTx4fAuDGD56oU6a6AMiIh
BLASILYTj2bS9Abzq6YEz2NUHD2wCK6oY99T4rnRf6yu2HpkH4i0y1aGuw5xy8bd
X/SlAlERfEY7QLUgLLJeHOzC7Jj/rOTDqae4uMIGa0/6
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org