Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: M06QZ3L5iFp8D1ysTEdGtrCA//TrPL8MYFGK0L13UYM=
Subject key identifier: D3:46:B9:03:BF:A4:9B:7A:CE:DA:39:DC:8E:4D:B8:94:40:8C:5C:52
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 535830C1513E81362F10A256F12D8CCFF66EDD06
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:58:30:c1:51:3e:81:36:2f:10:a2:56:f1:2d:8c:cf:f6:6e:dd:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=8e0455e6e689807746ceab80bcf3ec8e7edea1ea48bca4c8f11ab1d249690c7e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:20:51:0f:f2:b5:dc:51:71:2f:dc:6b:50:fd:
a7:96:16:f3:99:84:6b:c6:fc:98:a3:4f:f3:12:8f:
f5:22:35:89:dc:bc:a8:22:9c:8c:ab:8f:88:65:d0:
2b:a0:b8:73:d9:e2:14:a6:12:f2:17:ba:1c:d5:42:
8b:ba:a5:59:7d:bf:cc:d4:9d:76:8a:bb:1d:88:14:
50:a9:c9:fc:02:83:8a:cf:c4:d1:b2:78:f8:7d:71:
78:18:10:6a:78:d7:7e:b3:f5:d4:f5:6a:dd:e1:76:
40:24:d7:da:29:dc:7e:36:51:c7:78:a0:48:9f:da:
a3:4c:7a:21:38:b5:90:48:96:bb:fb:b6:3e:7f:e1:
ed:54:9e:fc:25:82:0a:44:c7:3e:26:f3:e8:88:4c:
37:42:fd:91:27:62:15:cc:5e:25:1b:19:ce:39:63:
8a:10:b0:56:5a:44:9c:2d:a9:42:e8:53:d1:1c:9f:
09:0d:c0:87:08:69:20:1b:71:66:58:31:c7:b8:df:
8b:1a:0c:d0:87:ab:62:79:d3:dc:c9:f7:25:46:08:
b4:d5:05:3b:4d:7c:47:0d:01:3b:8b:5e:db:88:1b:
a8:4b:23:11:2f:30:be:1d:5b:5a:64:1f:44:51:10:
eb:fb:92:33:cc:1d:fb:9d:08:45:26:92:b1:71:27:
11:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:46:B9:03:BF:A4:9B:7A:CE:DA:39:DC:8E:4D:B8:94:40:8C:5C:52
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:4d:9b:0d:6b:83:45:29:8f:f1:74:b2:0d:a5:0e:35:2a:3d:
5d:cf:33:1f:45:9a:9f:ce:bd:ef:be:93:78:d9:00:e5:8b:db:
d0:a4:d5:b0:09:73:2f:b9:59:f8:bf:1d:85:b9:a4:a5:39:6f:
8c:5e:68:2f:ed:1a:ea:df:f6:83:c0:e4:ae:73:c4:94:d0:84:
c0:fa:3c:38:37:04:93:f0:fe:94:97:4a:8e:ff:31:3e:64:ec:
6d:06:ef:9d:d5:71:d7:c9:f9:e9:f1:a7:b7:7c:42:14:e8:3b:
28:d6:ec:82:de:e4:33:3f:d6:a1:a0:84:24:af:6c:cf:cc:4c:
f3:98:94:ff:90:86:6d:2e:c4:ba:0a:81:d5:c7:30:99:8f:81:
6c:e4:b1:da:7d:20:4e:f3:25:b5:cb:e2:ed:2b:60:4e:6c:66:
9c:ac:41:4a:6f:00:ef:77:ba:88:c0:bd:66:f9:b7:61:d2:f2:
3e:1d:d3:bf:75:39:98:ad:40:20:d2:ed:c5:ff:08:8e:11:8a:
a8:d0:9f:ca:7d:ef:4c:81:35:e7:9e:b8:e0:e9:33:54:2a:65:
15:f9:e8:ff:9f:d6:76:ce:02:32:5c:e3:a6:db:c5:97:22:ac:
26:18:c3:a3:7a:36:0f:12:2b:7d:92:e4:03:33:e0:f8:2b:b4:
40:c1:6e:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUU1gwwVE+gTYvEKJW8S2Mz/Zu3QYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlMDQ1NWU2ZTY4OTgwNzc0NmNlYWI4MGJjZjNlYzhlN2VkZWExZWE0OGJj
YTRjOGYxMWFiMWQyNDk2OTBjN2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwgUQ/ytdxRcS/ca1D9p5YW85mEa8b8mKNP8xKP9SI1idy8qCKcjKuPiGXQ
K6C4c9niFKYS8he6HNVCi7qlWX2/zNSddoq7HYgUUKnJ/AKDis/E0bJ4+H1xeBgQ
anjXfrP11PVq3eF2QCTX2incfjZRx3igSJ/ao0x6ITi1kEiWu/u2Pn/h7VSe/CWC
CkTHPibz6IhMN0L9kSdiFcxeJRsZzjljihCwVlpEnC2pQuhT0RyfCQ3AhwhpIBtx
Zlgxx7jfixoM0IerYnnT3Mn3JUYItNUFO018Rw0BO4te24gbqEsjES8wvh1bWmQf
RFEQ6/uSM8wd+50IRSaSsXEnEb0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTTRrkD
v6Sbes7aOdyOTbiUQIxcUjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQBSTZsNa4NFKY/xdLINpQ41Kj1dzzMfRZqfzr3vvpN4
2QDli9vQpNWwCXMvuVn4vx2FuaSlOW+MXmgv7Rrq3/aDwOSuc8SU0ITA+jw4NwST
8P6Ul0qO/zE+ZOxtBu+d1XHXyfnp8ae3fEIU6Dso1uyC3uQzP9ahoIQkr2zPzEzz
mJT/kIZtLsS6CoHVxzCZj4Fs5LHafSBO8yW1y+LtK2BObGacrEFKbwDvd7qIwL1m
+bdh0vI+HdO/dTmYrUAg0u3F/wiOEYqo0J/Kfe9MgTXnnrjg6TNUKmUV+ej/n9Z2
zgIyXOOm28WXIqwmGMOjejYPEit9kuQDM+D4K7RAwW5+
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org