Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7986b90e-a286-4c02-b5e7-b85bd3d860a4.roa
File: 7986b90e-a286-4c02-b5e7-b85bd3d860a4.roa (raw, json)
Hash identifier: alVdm390IxNsmskgo3JamI4Dy+TONIjqh/4FxzRagfs=
Subject key identifier: ED:14:82:2B:3D:C4:2F:71:C0:D7:9F:44:BF:F5:D9:89:0C:A3:F9:EF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35160C4CAE6F672C2E2B7E6861A4067115FA193C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7986b90e-a286-4c02-b5e7-b85bd3d860a4.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:16:0c:4c:ae:6f:67:2c:2e:2b:7e:68:61:a4:06:71:15:fa:19:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=228fde5c50fdb1460317f200cd38725f215b04d1bf315c53d020b76a45f9153d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:33:ae:cf:aa:2a:88:dd:39:4a:29:bc:c0:fa:
49:2e:84:4c:89:b6:a1:1e:78:a7:c5:e2:6a:3c:99:
af:b0:f2:44:d3:d4:2b:12:2b:d3:e9:6e:04:8f:57:
36:a4:0a:fa:94:7a:66:06:4c:5b:ab:b7:14:a4:3e:
a5:6b:a6:67:cb:b5:e0:86:9d:85:e8:82:28:38:ef:
fd:f1:d9:9d:c7:5c:4e:57:6a:cc:89:92:ec:70:d9:
a1:58:73:31:3f:37:81:cb:25:ee:a8:23:e2:9a:02:
38:ae:6c:58:b4:fe:06:88:68:61:e2:9e:61:fa:32:
fc:c7:1d:94:cf:0a:06:f3:b2:49:37:ff:8c:7b:16:
11:43:37:99:56:8b:1f:86:9e:95:5a:76:52:d6:3f:
99:ff:83:fc:3a:01:8c:75:f6:47:95:b1:44:75:ab:
d7:1c:e8:9f:c6:38:22:15:30:3a:3b:c7:20:c0:d8:
97:96:85:87:1a:75:8b:22:6f:05:e9:14:0c:15:9e:
3f:8e:69:05:68:cf:e0:02:71:f9:70:39:bb:02:13:
39:45:46:76:f8:22:54:e4:3e:22:05:be:68:57:29:
15:70:94:32:8a:86:12:af:c0:fe:9f:cc:08:94:bd:
75:09:c6:af:33:50:56:ae:62:c1:d6:d1:32:fe:6c:
4c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:14:82:2B:3D:C4:2F:71:C0:D7:9F:44:BF:F5:D9:89:0C:A3:F9:EF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7986b90e-a286-4c02-b5e7-b85bd3d860a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:9f:df:88:13:2e:6a:14:e7:24:85:42:c9:72:d6:f9:71:17:
ea:e7:db:2a:ee:15:c3:23:10:59:dc:f5:08:80:fc:14:d8:a1:
53:78:16:ff:c8:31:73:13:b1:57:88:e8:cb:0d:32:d7:87:e5:
3b:cc:22:d6:2a:1a:04:9c:fb:9b:03:ec:c8:82:a1:4a:de:35:
09:7b:c4:18:94:99:ee:61:e7:93:cd:1e:88:41:18:ab:08:be:
8a:f3:ce:cc:a8:a1:af:62:33:f7:df:ce:45:da:f8:d8:d5:17:
d7:3e:24:6d:06:be:53:cc:f2:f8:75:d0:6a:59:e0:31:d7:cc:
71:af:1f:09:f4:8a:43:a4:c4:50:e8:8b:4c:f3:d3:5a:f6:dd:
67:43:22:1f:44:ec:15:eb:8f:80:88:a0:5b:e7:15:7a:e8:8a:
1b:be:04:45:ae:b8:85:50:05:1e:3a:da:48:31:5f:f2:f8:6d:
0f:b5:5c:e8:91:2f:61:9e:41:cc:07:a6:8d:d4:f0:44:4f:c4:
b4:b1:81:73:5d:ba:bc:4f:05:2f:30:fa:42:65:73:3c:56:e8:
2f:95:95:c0:dc:dc:22:85:73:f3:ad:18:11:7a:8d:af:1b:db:
e4:70:2b:5e:7a:ae:3a:b7:0f:e4:67:eb:b0:ee:ce:84:74:0f:
1f:07:3e:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNRYMTK5vZywuK35oYaQGcRX6GTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyOGZkZTVjNTBmZGIxNDYwMzE3ZjIwMGNkMzg3MjVmMjE1YjA0ZDFiZjMx
NWM1M2QwMjBiNzZhNDVmOTE1M2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMzrs+qKojdOUopvMD6SS6ETIm2oR54p8XiajyZr7DyRNPUKxIr0+luBI9X
NqQK+pR6ZgZMW6u3FKQ+pWumZ8u14IadheiCKDjv/fHZncdcTldqzImS7HDZoVhz
MT83gcsl7qgj4poCOK5sWLT+BohoYeKeYfoy/McdlM8KBvOySTf/jHsWEUM3mVaL
H4aelVp2UtY/mf+D/DoBjHX2R5WxRHWr1xzon8Y4IhUwOjvHIMDYl5aFhxp1iyJv
BekUDBWeP45pBWjP4AJx+XA5uwITOUVGdvgiVOQ+IgW+aFcpFXCUMoqGEq/A/p/M
CJS9dQnGrzNQVq5iwdbRMv5sTO0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTtFIIr
PcQvccDXn0S/9dmJDKP57zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Nzk4NmI5MGUtYTI4Ni00YzAyLWI1ZTctYjg1YmQzZDg2MGE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOGMA0G
CSqGSIb3DQEBCwUAA4IBAQAgn9+IEy5qFOckhULJctb5cRfq59sq7hXDIxBZ3PUI
gPwU2KFTeBb/yDFzE7FXiOjLDTLXh+U7zCLWKhoEnPubA+zIgqFK3jUJe8QYlJnu
YeeTzR6IQRirCL6K887MqKGvYjP3385F2vjY1RfXPiRtBr5TzPL4ddBqWeAx18xx
rx8J9IpDpMRQ6ItM89Na9t1nQyIfROwV64+AiKBb5xV66IobvgRFrriFUAUeOtpI
MV/y+G0PtVzokS9hnkHMB6aN1PBET8S0sYFzXbq8TwUvMPpCZXM8VugvlZXA3Nwi
hXPzrRgReo2vG9vkcCteeq46tw/kZ+uw7s6EdA8fBz4x
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org