Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
File: 6df8accc-a525-49ec-ad13-7401de62f775.roa (raw, json)
Hash identifier: VJ0lFr/Sn68Zw5jEkrNZP1RuGi/BNzPlY1+dd2fk86c=
Subject key identifier: 1F:94:8A:A2:26:4C:FC:F0:7E:50:EE:5E:05:C4:5F:88:91:C0:B0:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62850AA201C0606B31E70EC47A4C17EDE5AE57FB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:85:0a:a2:01:c0:60:6b:31:e7:0e:c4:7a:4c:17:ed:e5:ae:57:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=a8feb57d4b5cdcdb0c5681ca851198fa20b3540a1dc76a12544e4ec58b14fc9c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:88:95:30:89:9f:e2:08:c9:16:cd:ac:c7:f0:
9d:7a:f3:86:e2:fc:6f:dd:e2:2f:73:78:a7:50:d0:
b4:b9:30:59:68:5e:8a:7b:1c:b6:bb:02:9f:81:d9:
b2:4b:20:ac:77:50:98:2d:30:1d:66:ff:16:97:b0:
a1:1d:a0:60:8d:19:3d:d1:63:62:90:c9:96:92:46:
f4:86:80:6c:cd:ac:96:68:8a:52:ef:99:ab:5e:38:
f8:b6:bd:f0:5b:98:cb:fc:2d:d9:0e:6d:95:1c:3e:
ec:94:4e:93:ee:cf:ed:b4:12:f3:9a:30:9d:c4:8a:
3f:f9:4e:b3:85:b9:2f:97:1d:ea:fb:75:db:08:3b:
18:6a:4c:61:bb:b9:b3:29:e5:a7:24:54:44:e7:23:
1e:11:50:09:f9:4c:62:77:7f:5e:a0:af:8d:3c:d8:
a5:0e:1a:54:d2:8d:b8:bd:2d:94:7a:83:3a:c5:59:
85:40:af:70:dd:df:87:17:e6:9e:ea:18:fe:46:ca:
ac:29:f4:36:20:fb:46:56:1f:1a:c9:47:e8:f3:52:
a5:f2:bc:9a:5d:f8:6f:b9:a5:ce:e7:b0:3e:ae:56:
8b:0f:81:64:5f:43:48:be:e4:9a:a6:db:fd:83:18:
62:e5:c2:e2:e4:d2:5f:26:a0:5b:ae:f1:10:72:e2:
18:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:94:8A:A2:26:4C:FC:F0:7E:50:EE:5E:05:C4:5F:88:91:C0:B0:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:3c:09:ae:a2:ea:16:b9:d8:39:53:67:c7:50:74:1f:b6:39:
0d:ef:0b:5b:06:cc:77:27:c3:8e:38:35:dd:06:66:5f:b0:09:
9b:d1:34:e9:13:b9:aa:8c:02:49:87:a6:6b:8d:7a:73:f9:f4:
ef:4b:bc:e0:8f:47:91:57:3d:22:ba:50:45:e6:87:da:1a:d6:
49:ba:d4:0a:47:c5:fd:a0:85:9f:fa:98:06:bc:ae:1f:5d:25:
06:f0:5e:81:c4:37:01:57:3b:af:8f:69:5f:e8:b8:8e:f3:ca:
d4:3a:aa:c0:8e:2d:cf:3a:98:01:a5:51:d0:59:fb:f1:f1:04:
f8:f8:16:48:72:ce:2f:ac:6e:e9:b3:70:59:07:71:fb:c3:06:
a3:1e:07:06:dc:bb:60:c9:f1:a8:0e:47:53:1f:73:d2:c1:b9:
42:65:5c:3b:be:4a:65:b6:44:ef:e4:b2:b8:3d:35:78:5e:7d:
81:97:37:e1:50:79:69:f7:d3:e8:be:f8:92:18:71:02:a1:07:
ff:10:0b:52:99:b4:3e:32:d2:e7:ce:00:a2:39:80:54:d8:f7:
93:7c:8c:67:89:f7:22:40:84:84:61:79:d3:15:c3:ce:58:00:
cd:97:48:0c:3d:ae:5c:a7:6e:a2:c8:1c:aa:e9:08:07:12:f6:
c0:bf:08:9b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYoUKogHAYGsx5w7EekwX7eWuV/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ZmViNTdkNGI1Y2RjZGIwYzU2ODFjYTg1MTE5OGZhMjBiMzU0MGExZGM3
NmExMjU0NGU0ZWM1OGIxNGZjOWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaIlTCJn+IIyRbNrMfwnXrzhuL8b93iL3N4p1DQtLkwWWheinsctrsCn4HZ
sksgrHdQmC0wHWb/FpewoR2gYI0ZPdFjYpDJlpJG9IaAbM2slmiKUu+Zq144+La9
8FuYy/wt2Q5tlRw+7JROk+7P7bQS85owncSKP/lOs4W5L5cd6vt12wg7GGpMYbu5
synlpyRUROcjHhFQCflMYnd/XqCvjTzYpQ4aVNKNuL0tlHqDOsVZhUCvcN3fhxfm
nuoY/kbKrCn0NiD7RlYfGslH6PNSpfK8ml34b7mlzuewPq5Wiw+BZF9DSL7kmqbb
/YMYYuXC4uTSXyagW67xEHLiGBkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQflIqi
Jkz88H5Q7l4FxF+IkcCwJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmRmOGFjY2MtYTUyNS00OWVjLWFkMTMtNzQwMWRlNjJmNzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQCuPAmuouoWudg5U2fHUHQftjkN7wtbBsx3J8OOODXd
BmZfsAmb0TTpE7mqjAJJh6ZrjXpz+fTvS7zgj0eRVz0iulBF5ofaGtZJutQKR8X9
oIWf+pgGvK4fXSUG8F6BxDcBVzuvj2lf6LiO88rUOqrAji3POpgBpVHQWfvx8QT4
+BZIcs4vrG7ps3BZB3H7wwajHgcG3LtgyfGoDkdTH3PSwblCZVw7vkpltkTv5LK4
PTV4Xn2BlzfhUHlp99PovviSGHECoQf/EAtSmbQ+MtLnzgCiOYBU2PeTfIxnifci
QISEYXnTFcPOWADNl0gMPa5cp26iyByq6QgHEvbAvwib
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org