Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6be51680-57c7-4d1d-ba12-3da6cbabf591.roa
File: 6be51680-57c7-4d1d-ba12-3da6cbabf591.roa (raw, json)
Hash identifier: As5Ie7lsV/4jQNcoZS7D9C7S3HEpmEkmImgIkGJqIgw=
Subject key identifier: 13:2E:86:04:5E:35:05:1D:C6:28:C9:F1:09:53:AD:18:1E:E9:6E:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22182980985A883472E3F24362C0EEA1CE015C48
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6be51680-57c7-4d1d-ba12-3da6cbabf591.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:18:29:80:98:5a:88:34:72:e3:f2:43:62:c0:ee:a1:ce:01:5c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=f5f2544241ec35e1bf35bc7ca1a0611f07812bf8d56d2cb5e50a7fb68c15f112, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0b:5f:8a:f8:75:56:f0:50:e6:a6:94:89:cb:
b2:53:3f:08:8b:bd:d7:90:06:a1:66:da:2d:0c:fa:
89:50:cc:a3:60:2d:f0:f1:74:70:3b:5a:28:5b:df:
6b:22:a6:10:44:65:4e:8c:af:02:01:db:78:e8:c1:
77:19:73:14:f0:12:08:97:de:ba:60:02:86:18:66:
0f:3a:71:91:af:85:ab:1a:89:c2:5f:2b:c8:df:f7:
d2:f3:ec:20:6a:1f:f7:eb:62:0a:1a:e0:48:6a:47:
29:e3:10:10:b7:79:1a:f3:3f:24:6b:d3:bb:a2:76:
e3:34:9a:f8:2c:bf:7d:ad:a7:40:30:03:94:aa:05:
e8:d6:e6:36:21:0a:c5:5e:5a:cd:94:c0:54:bc:bc:
3c:08:46:f2:99:c4:29:24:c4:3a:e9:5b:67:7b:df:
43:3f:e1:c2:1f:a9:00:87:c3:16:41:2c:ba:61:c8:
70:6f:49:85:fa:f4:b1:e3:f1:c5:79:04:04:e3:4e:
09:02:52:68:2d:c2:c6:66:d8:6a:73:2e:2c:48:28:
1d:20:74:09:7e:54:5d:d3:e8:8a:0f:25:ac:73:58:
c4:6c:ea:2d:5c:12:6b:05:89:e5:b2:70:b9:6b:05:
23:d0:8f:13:21:6c:9c:88:4e:50:9b:e5:10:93:91:
d1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:2E:86:04:5E:35:05:1D:C6:28:C9:F1:09:53:AD:18:1E:E9:6E:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6be51680-57c7-4d1d-ba12-3da6cbabf591.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:5a:8a:be:bf:a3:d2:ab:8a:66:b0:df:e2:07:bd:63:fb:01:
1e:11:f9:27:d8:40:b4:35:a2:d6:af:86:4d:d1:8d:c1:08:dc:
7b:08:49:c5:3d:38:23:3d:9b:13:77:ca:ee:e6:d9:37:22:1b:
6a:ec:16:49:98:ab:fe:43:b2:60:ba:8f:16:ae:2e:10:4c:64:
ab:b2:62:84:1d:6b:bc:3c:c0:10:ed:02:94:65:49:d1:07:64:
10:1e:f0:6b:81:d6:64:21:ad:02:c5:30:35:6e:d1:9f:2f:ac:
5d:a5:e3:43:17:c9:df:30:0d:d7:67:8e:26:40:37:da:05:a6:
65:12:d9:0f:6f:cc:f3:ca:4f:ed:89:1c:68:d8:67:a5:a8:31:
47:c3:8c:db:fb:bd:57:5c:1c:06:e5:cf:ec:6e:1f:7f:99:78:
d5:05:07:82:fa:64:c2:47:44:b0:c2:ba:2a:28:57:88:b8:f3:
95:52:83:d0:a7:97:de:df:36:93:53:f7:43:71:28:5a:ed:d7:
c7:b0:c7:50:40:9b:84:af:2c:a2:46:a7:6a:34:10:2d:cc:13:
81:c1:85:0a:95:f5:e9:a9:d1:53:bd:6d:5a:b0:9c:31:14:03:
b6:03:63:13:21:e7:69:42:4f:cd:3b:cf:be:e1:9c:b7:52:31:
4d:15:18:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIhgpgJhaiDRy4/JDYsDuoc4BXEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1ZjI1NDQyNDFlYzM1ZTFiZjM1YmM3Y2ExYTA2MTFmMDc4MTJiZjhkNTZk
MmNiNWU1MGE3ZmI2OGMxNWYxMTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQLX4r4dVbwUOamlInLslM/CIu915AGoWbaLQz6iVDMo2At8PF0cDtaKFvf
ayKmEERlToyvAgHbeOjBdxlzFPASCJfeumAChhhmDzpxka+FqxqJwl8ryN/30vPs
IGof9+tiChrgSGpHKeMQELd5GvM/JGvTu6J24zSa+Cy/fa2nQDADlKoF6NbmNiEK
xV5azZTAVLy8PAhG8pnEKSTEOulbZ3vfQz/hwh+pAIfDFkEsumHIcG9Jhfr0sePx
xXkEBONOCQJSaC3CxmbYanMuLEgoHSB0CX5UXdPoig8lrHNYxGzqLVwSawWJ5bJw
uWsFI9CPEyFsnIhOUJvlEJOR0RECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQTLoYE
XjUFHcYoyfEJU60YHuluwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmJlNTE2ODAtNTdjNy00ZDFkLWJhMTItM2RhNmNiYWJmNTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQA8Woq+v6PSq4pmsN/iB71j+wEeEfkn2EC0NaLWr4ZN
0Y3BCNx7CEnFPTgjPZsTd8ru5tk3Ihtq7BZJmKv+Q7Jguo8Wri4QTGSrsmKEHWu8
PMAQ7QKUZUnRB2QQHvBrgdZkIa0CxTA1btGfL6xdpeNDF8nfMA3XZ44mQDfaBaZl
EtkPb8zzyk/tiRxo2GelqDFHw4zb+71XXBwG5c/sbh9/mXjVBQeC+mTCR0Swwroq
KFeIuPOVUoPQp5fe3zaTU/dDcSha7dfHsMdQQJuEryyiRqdqNBAtzBOBwYUKlfXp
qdFTvW1asJwxFAO2A2MTIedpQk/NO8++4Zy3UjFNFRj9
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org