Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
File: 88f52aa4-587a-4c53-908e-056e9d4b7bca.roa (raw, json)
Hash identifier: nquYvqWhbd+nVlek61oPLOxj98oVazsPshx4OxKERKU=
Subject key identifier: 35:C5:CC:BA:C6:68:10:11:77:62:0D:D8:53:C8:03:D5:4E:81:04:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 67D33DB0FEBF4FC0B7584E28F33B01B372A28076
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d3:3d:b0:fe:bf:4f:c0:b7:58:4e:28:f3:3b:01:b3:72:a2:80:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=8f16403fbe7fa6968e779192d845e70e4ff8686383606d20c7fdbcb699e2514b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f4:7f:d0:1c:c4:30:90:51:70:51:5d:52:04:
32:96:9e:c9:55:ad:9f:43:ad:72:49:d7:2f:3e:a8:
6e:46:1e:52:79:be:ff:ca:5c:ee:e3:51:5c:74:98:
d2:cc:30:cf:8e:72:61:b9:90:01:b0:c7:40:94:80:
9a:ca:d3:e2:dc:20:02:f7:2d:70:b4:59:1f:97:e8:
91:5d:d9:e3:72:fd:04:d5:62:60:8e:f3:23:96:ec:
3b:15:c3:7b:0e:ac:b1:bc:9e:22:4e:d7:ca:52:91:
93:ea:3d:e2:06:b4:31:8e:d1:b5:40:88:1f:44:fb:
75:91:2f:f4:3b:10:ab:d5:80:be:c3:33:2d:44:4a:
30:c9:f6:fb:3a:6c:78:68:04:f0:df:0f:2f:85:24:
cf:92:a0:4f:5f:0c:66:3f:2b:2e:ca:19:d0:6c:af:
80:50:5c:e9:55:9c:fd:1e:2d:63:4e:d9:fc:0e:65:
b7:5e:c1:45:c0:84:1b:7a:54:52:e0:cf:06:8f:cc:
fe:4d:9d:bd:00:07:e7:9a:41:9b:56:23:7c:a5:3d:
84:63:a2:aa:b4:18:d6:91:c2:d7:82:dc:fd:dc:dc:
4f:bc:25:3a:6e:fe:40:cc:90:2d:b9:34:94:f0:02:
bd:d6:75:97:43:2d:bc:d3:89:50:4a:fd:0d:b9:01:
e7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C5:CC:BA:C6:68:10:11:77:62:0D:D8:53:C8:03:D5:4E:81:04:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5a:2f:b9:5b:3b:84:2a:83:08:20:b8:22:0e:f1:06:b4:c0:52:
f9:59:02:bf:ce:e0:31:b7:eb:2a:f3:5a:27:be:15:9d:22:8d:
b6:37:0e:78:02:db:85:ab:c8:16:8c:d4:21:9d:19:f9:94:14:
78:80:13:f0:e8:e5:95:98:0f:8b:36:30:80:e4:d2:22:65:42:
3b:3e:01:81:f9:fc:51:a8:e0:bb:5b:0a:97:21:30:9e:08:fb:
fd:b6:7b:10:3d:f5:60:22:7b:81:a3:68:e8:ca:d6:31:ba:45:
66:a7:05:6d:81:ce:6c:aa:e6:e7:a5:84:81:8e:34:90:62:fb:
e4:26:cc:95:4a:fb:83:23:a5:c6:b4:0c:99:e6:17:db:cd:7b:
e1:3b:9c:24:17:00:21:7e:21:11:f9:5b:31:26:09:02:82:d5:
82:72:2b:73:7b:52:f0:e4:4e:ed:10:0d:12:41:d6:63:68:b8:
a8:70:35:f8:b7:bd:14:07:51:3f:ee:77:dc:90:8e:a3:b5:52:
9c:92:2d:9a:22:e8:8a:9f:35:e3:42:da:31:46:25:b3:34:2f:
b8:17:32:2a:5a:1b:4d:a7:38:50:7d:d4:70:93:3f:28:8a:c7:
e7:14:d2:25:1f:4e:62:bf:fb:4c:db:1e:35:b5:b8:37:30:99:
6e:fe:46:7b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZ9M9sP6/T8C3WE4o8zsBs3KigHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmMTY0MDNmYmU3ZmE2OTY4ZTc3OTE5MmQ4NDVlNzBlNGZmODY4NjM4MzYw
NmQyMGM3ZmRiY2I2OTllMjUxNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMj0f9AcxDCQUXBRXVIEMpaeyVWtn0OtcknXLz6obkYeUnm+/8pc7uNRXHSY
0swwz45yYbmQAbDHQJSAmsrT4twgAvctcLRZH5fokV3Z43L9BNViYI7zI5bsOxXD
ew6ssbyeIk7XylKRk+o94ga0MY7RtUCIH0T7dZEv9DsQq9WAvsMzLURKMMn2+zps
eGgE8N8PL4Ukz5KgT18MZj8rLsoZ0GyvgFBc6VWc/R4tY07Z/A5lt17BRcCEG3pU
UuDPBo/M/k2dvQAH55pBm1YjfKU9hGOiqrQY1pHC14Lc/dzcT7wlOm7+QMyQLbk0
lPACvdZ1l0MtvNOJUEr9DbkB51UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ1xcy6
xmgQEXdiDdhTyAPVToEE8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODhmNTJhYTQtNTg3YS00YzUzLTkwOGUtMDU2ZTlkNGI3YmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQBaL7lbO4QqgwgguCIO8Qa0wFL5WQK/zuAxt+sq81on
vhWdIo22Nw54AtuFq8gWjNQhnRn5lBR4gBPw6OWVmA+LNjCA5NIiZUI7PgGB+fxR
qOC7WwqXITCeCPv9tnsQPfVgInuBo2joytYxukVmpwVtgc5squbnpYSBjjSQYvvk
JsyVSvuDI6XGtAyZ5hfbzXvhO5wkFwAhfiER+VsxJgkCgtWCcitze1Lw5E7tEA0S
QdZjaLiocDX4t70UB1E/7nfckI6jtVKcki2aIuiKnzXjQtoxRiWzNC+4FzIqWhtN
pzhQfdRwkz8oisfnFNIlH05iv/tM2x41tbg3MJlu/kZ7
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org