Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
File: 7121a047-d001-4dca-a807-79f5c57d8a70.roa (raw, json)
Hash identifier: aP3YZYwDQIAEJTEANkjU/Nj5NJDIlh08SF6rqBRGPRc=
Subject key identifier: 5E:E5:D5:A0:9E:0E:74:0C:CB:56:6B:3D:F7:80:B5:E2:33:CE:93:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41D87AABF8965AB390988141E3C666F8575DE13F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:d8:7a:ab:f8:96:5a:b3:90:98:81:41:e3:c6:66:f8:57:5d:e1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=671103e6cd15e922824eebc1d5f6b5c757e6a5a9a41cd432c61891a78355b6b6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:32:04:ed:c8:98:f5:f8:6b:86:7d:89:34:d9:
f5:5b:eb:a4:b2:b4:b6:19:fb:fc:d1:b0:cf:44:12:
21:b6:74:0e:b0:be:53:19:f6:06:05:13:18:4a:32:
d3:d5:4b:1b:e4:36:1f:8c:89:60:1c:63:88:68:e0:
c7:bc:df:2b:ae:44:d5:8b:b3:2c:ff:64:08:58:ce:
c5:01:ba:d4:e4:f2:7a:68:e2:46:dc:b1:ba:11:a6:
96:ea:fd:12:13:f5:20:de:02:7a:15:69:54:c4:1b:
68:de:69:c2:17:d8:1b:73:9a:b1:c3:1d:41:f2:f6:
2b:15:13:30:45:65:61:34:6d:18:5a:6f:2f:e9:d5:
5f:c5:cd:c0:0c:f5:68:c8:e9:f7:32:74:6a:b0:e8:
ca:74:76:dd:f4:d0:50:d6:1e:01:41:ac:22:c8:7b:
8b:f4:be:3c:64:76:57:ea:b6:37:3e:0d:23:23:f7:
e6:76:ae:fd:c2:3f:25:d6:62:ca:e5:96:09:52:e3:
c3:e8:22:89:79:ad:2a:66:f1:e3:66:8e:d9:d2:d5:
a4:24:ed:74:35:f5:e8:99:5b:b5:b3:a4:c4:da:12:
4a:9e:5d:ae:cf:94:a4:12:c8:0b:27:3f:53:78:2b:
7b:8d:85:22:49:c1:16:ee:fc:21:8c:94:3a:4f:e4:
52:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E5:D5:A0:9E:0E:74:0C:CB:56:6B:3D:F7:80:B5:E2:33:CE:93:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d3:69:dc:a0:36:5e:d9:1b:eb:b6:69:83:5d:14:d8:c4:f3:0e:
ef:47:e8:05:b8:6d:59:e4:53:14:f2:ae:5d:ae:f3:40:13:eb:
c8:6c:ec:28:e6:d8:b6:d8:78:89:62:ab:41:dc:a3:2c:06:6f:
9f:4b:60:16:f7:da:76:3f:73:aa:1f:02:78:fd:36:71:9d:f9:
eb:1b:ed:2f:4a:07:6f:0b:61:ea:e1:e1:2c:72:8f:46:07:6e:
19:ff:56:43:9b:cb:c0:5e:04:5e:ad:b1:8d:6b:1b:15:20:9f:
b2:b2:dc:71:dc:6c:72:dc:df:3d:91:ee:69:d7:40:99:16:4d:
85:d3:c4:ae:8a:e5:a6:f7:7e:4e:5d:af:28:0f:13:4f:93:79:
c9:96:16:6e:5c:38:1d:92:b4:ae:91:78:b2:36:f6:0c:f5:0a:
d3:ab:16:20:6a:5f:68:23:16:8d:b7:7d:bc:0f:21:a8:c5:21:
b3:91:fc:46:81:96:17:3c:e3:ea:24:03:f8:53:ea:34:79:72:
a3:a2:13:8b:26:de:7e:02:83:91:86:65:fb:57:62:00:c3:01:
58:8b:ee:69:16:a8:5b:c0:6c:c8:3b:e1:d2:50:b5:e8:0c:fb:
4d:99:37:10:5a:1b:51:ad:4e:18:40:9d:0f:a3:ed:ea:bf:38:
08:a7:50:94
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQdh6q/iWWrOQmIFB48Zm+Fdd4T8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3MTEwM2U2Y2QxNWU5MjI4MjRlZWJjMWQ1ZjZiNWM3NTdlNmE1YTlhNDFj
ZDQzMmM2MTg5MWE3ODM1NWI2YjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8yBO3ImPX4a4Z9iTTZ9VvrpLK0thn7/NGwz0QSIbZ0DrC+Uxn2BgUTGEoy
09VLG+Q2H4yJYBxjiGjgx7zfK65E1YuzLP9kCFjOxQG61OTyemjiRtyxuhGmlur9
EhP1IN4CehVpVMQbaN5pwhfYG3OascMdQfL2KxUTMEVlYTRtGFpvL+nVX8XNwAz1
aMjp9zJ0arDoynR23fTQUNYeAUGsIsh7i/S+PGR2V+q2Nz4NIyP35nau/cI/JdZi
yuWWCVLjw+giiXmtKmbx42aO2dLVpCTtdDX16JlbtbOkxNoSSp5drs+UpBLICyc/
U3gre42FIknBFu78IYyUOk/kUtkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRe5dWg
ng50DMtWaz33gLXiM86TsTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzEyMWEwNDctZDAwMS00ZGNhLWE4MDctNzlmNWM1N2Q4YTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQDTadygNl7ZG+u2aYNdFNjE8w7vR+gFuG1Z5FMU8q5d
rvNAE+vIbOwo5ti22HiJYqtB3KMsBm+fS2AW99p2P3OqHwJ4/TZxnfnrG+0vSgdv
C2Hq4eEsco9GB24Z/1ZDm8vAXgRerbGNaxsVIJ+ystxx3Gxy3N89ke5p10CZFk2F
08SuiuWm935OXa8oDxNPk3nJlhZuXDgdkrSukXiyNvYM9QrTqxYgal9oIxaNt328
DyGoxSGzkfxGgZYXPOPqJAP4U+o0eXKjohOLJt5+AoORhmX7V2IAwwFYi+5pFqhb
wGzIO+HSULXoDPtNmTcQWhtRrU4YQJ0Po+3qvzgIp1CU
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org