Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
File: 7f93618f-074f-4431-abe6-691e069b191f.roa (raw, json)
Hash identifier: ftXCR7I2ruI2CArMUHlHkv2NFJHCUuoHzPxB13yPxpI=
Subject key identifier: B1:C6:36:63:E9:45:EE:7C:2D:69:E1:34:03:A1:4A:9B:EF:12:F4:4C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56099C32ACCB3D2455521933E2D334FBF29F63D9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:09:9c:32:ac:cb:3d:24:55:52:19:33:e2:d3:34:fb:f2:9f:63:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=fe4da1d0fda70d403832b1117725f3a71336c4b10551c700f8e6b2e4e4dbb8bf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c1:ec:d0:41:0a:9b:0c:a1:45:c2:c9:29:69:
fb:22:f5:cc:e0:04:4d:01:88:64:bc:a5:ec:9a:b9:
c8:4f:db:31:00:ab:d8:4b:a6:d8:d2:0c:70:49:a3:
77:51:5c:d2:e6:3c:2a:54:38:8c:b6:d6:b2:22:8a:
f2:7d:f2:e9:38:96:f2:17:10:a9:e7:83:a0:16:3f:
94:87:42:4f:54:c4:2b:22:57:14:82:b3:14:ad:2a:
10:51:9f:17:4e:7e:22:3b:bf:b6:b2:91:28:12:90:
c1:b9:48:7c:19:12:3a:a8:79:4e:07:07:d2:38:fa:
bf:3d:c2:92:65:ba:ca:f2:7b:48:59:53:99:56:40:
15:ed:d5:9d:d9:df:71:97:58:3c:6e:7f:4e:c8:07:
ab:17:de:38:44:19:cb:07:4a:11:46:37:3f:00:69:
5e:8f:50:8f:30:a0:3b:ca:53:f8:06:ec:e4:4e:93:
0c:b0:99:a4:c9:5b:f6:0a:92:d3:09:57:a2:bb:33:
df:ca:48:88:54:23:7e:ec:06:85:48:a4:f5:fa:40:
4f:0c:06:82:d5:df:02:4d:37:49:4d:bc:7e:16:86:
da:8c:c0:ae:14:48:01:12:3f:1d:8a:4b:a8:37:18:
d0:c5:a8:62:e4:9f:d5:82:7d:19:b3:4b:8c:61:61:
c6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C6:36:63:E9:45:EE:7C:2D:69:E1:34:03:A1:4A:9B:EF:12:F4:4C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:5e:c0:dc:3b:6c:9b:b3:4e:32:6c:e2:62:cb:fb:95:2d:e2:
ca:16:34:b2:4b:2f:ba:62:65:f1:5f:58:1a:a3:e9:d4:a5:c5:
ac:be:54:85:04:ea:cd:34:92:b0:d9:39:dd:20:09:be:95:20:
d0:73:c5:d8:a0:91:26:37:76:79:19:a9:7b:74:ea:a8:bb:36:
65:28:79:9b:8c:14:21:cd:bf:fe:4f:0b:38:67:0d:a6:b0:7f:
ed:6c:40:94:a0:9d:a8:f5:a2:c6:34:f1:93:7b:4c:70:ba:97:
b7:c5:bb:c3:b4:0f:19:08:ca:c2:bf:77:5e:aa:98:0f:d0:e4:
8d:20:e1:e0:66:da:d2:20:80:e8:10:d1:b4:91:47:1c:b7:03:
47:20:5f:2e:82:bf:3a:39:68:a3:a8:7f:34:cc:72:79:b8:d5:
2b:5e:d5:e6:14:73:4a:1c:ae:f1:18:5f:bf:68:44:83:0c:db:
6b:09:a5:05:58:62:30:40:7f:8a:e7:fa:75:60:46:1b:3a:2b:
54:0e:2e:78:9e:cb:54:86:29:8d:d0:c7:93:61:76:fd:70:68:
d7:8c:86:36:e5:5f:bc:85:d2:27:97:dd:8c:a7:68:6c:53:df:
db:f2:4d:99:8c:8e:90:17:28:49:38:09:3f:f1:64:d9:29:30:
a5:1e:24:f3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVgmcMqzLPSRVUhkz4tM0+/KfY9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlNGRhMWQwZmRhNzBkNDAzODMyYjExMTc3MjVmM2E3MTMzNmM0YjEwNTUx
YzcwMGY4ZTZiMmU0ZTRkYmI4YmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJPB7NBBCpsMoUXCySlp+yL1zOAETQGIZLyl7Jq5yE/bMQCr2Eum2NIMcEmj
d1Fc0uY8KlQ4jLbWsiKK8n3y6TiW8hcQqeeDoBY/lIdCT1TEKyJXFIKzFK0qEFGf
F05+Iju/trKRKBKQwblIfBkSOqh5TgcH0jj6vz3CkmW6yvJ7SFlTmVZAFe3Vndnf
cZdYPG5/TsgHqxfeOEQZywdKEUY3PwBpXo9QjzCgO8pT+Abs5E6TDLCZpMlb9gqS
0wlXorsz38pIiFQjfuwGhUik9fpATwwGgtXfAk03SU28fhaG2ozArhRIARI/HYpL
qDcY0MWoYuSf1YJ9GbNLjGFhxqkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSxxjZj
6UXufC1p4TQDoUqb7xL0TDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y5MzYxOGYtMDc0Zi00NDMxLWFiZTYtNjkxZTA2OWIxOTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQBAXsDcO2ybs04ybOJiy/uVLeLKFjSySy+6YmXxX1ga
o+nUpcWsvlSFBOrNNJKw2TndIAm+lSDQc8XYoJEmN3Z5Gal7dOqouzZlKHmbjBQh
zb/+Tws4Zw2msH/tbECUoJ2o9aLGNPGTe0xwupe3xbvDtA8ZCMrCv3deqpgP0OSN
IOHgZtrSIIDoENG0kUcctwNHIF8ugr86OWijqH80zHJ5uNUrXtXmFHNKHK7xGF+/
aESDDNtrCaUFWGIwQH+K5/p1YEYbOitUDi54nstUhimN0MeTYXb9cGjXjIY25V+8
hdInl92Mp2hsU9/b8k2ZjI6QFyhJOAk/8WTZKTClHiTz
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org