Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
File: 8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa (raw, json)
Hash identifier: 79dv+hhwhVMdeyjb95/nmxqxS9ELnnyb8dnAF3NtyKA=
Subject key identifier: D7:13:B8:38:A7:D5:77:13:14:84:5F:24:3C:FD:C8:05:DC:72:BC:03
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05847EA909FC8B3422FC75235D15F1A1BB5B0A7E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:84:7e:a9:09:fc:8b:34:22:fc:75:23:5d:15:f1:a1:bb:5b:0a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=87ac8ae65f84110765a3d4b0c07b95c1c37386a9435c126d43cc082b03c8783f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7d:04:89:2d:41:fa:0d:54:96:05:c9:4d:3b:
c6:89:ae:79:ea:05:00:c5:cc:1d:c6:a3:0a:1c:22:
96:0d:1c:dc:dc:81:24:79:8d:6e:15:66:5d:44:9b:
5d:f6:71:be:b0:d8:b7:5a:8a:68:75:d0:22:a3:11:
c3:b9:2a:6a:c9:68:da:bd:87:79:e4:34:6f:16:5e:
91:7a:3f:eb:a5:88:71:fe:2e:91:84:1c:d8:0f:d8:
40:86:83:36:2b:39:23:dc:b4:97:4c:c5:bb:90:71:
9b:65:d4:22:07:62:c5:a5:b4:06:59:86:08:b1:a0:
af:f9:78:0a:b1:b8:3c:aa:a0:d0:2a:12:b8:4e:d4:
a2:8b:46:6c:35:2c:98:74:48:bc:03:39:03:e4:11:
f6:08:fd:65:29:df:30:c8:e6:f4:57:0b:02:f2:23:
e2:37:64:f3:4c:9f:95:a0:55:99:e1:f6:21:10:3b:
9c:bb:4a:cb:f1:3f:78:9f:9d:24:8a:2c:e5:f0:e3:
33:05:73:e3:15:7e:7e:1d:83:17:71:47:ad:32:94:
ff:e7:b0:23:69:12:ea:02:72:b9:92:95:bf:62:dc:
d9:de:ef:67:bb:e2:4a:09:07:b5:51:78:eb:21:55:
91:2f:a5:93:bd:95:ba:23:ab:23:15:65:b9:c3:7a:
91:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:13:B8:38:A7:D5:77:13:14:84:5F:24:3C:FD:C8:05:DC:72:BC:03
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a4:8f:8f:be:14:14:9a:74:34:ef:b3:5b:4a:cb:be:ba:3f:37:
db:d5:30:4e:11:3f:39:d7:85:c5:10:4d:0d:e5:0f:c7:7e:92:
55:8b:cb:c9:4d:01:9a:6a:00:7a:ea:f4:9d:dc:41:52:04:27:
63:83:7d:a7:87:e4:20:2b:e1:79:83:df:f5:6a:a8:0c:19:fe:
6f:2a:1c:78:18:c0:d3:08:8b:54:7c:dd:03:6c:7a:52:0e:0f:
82:63:c3:e1:5c:21:9a:15:5b:f3:17:ec:7a:d6:fb:3b:13:a8:
3e:8a:80:88:e8:a1:18:eb:65:01:95:99:df:78:a2:f5:12:33:
33:08:92:1c:a9:4a:cf:8d:3d:ea:58:49:0d:c6:dd:56:93:99:
be:da:40:32:c1:68:1c:5a:b3:29:a0:62:dc:3e:3d:15:15:31:
47:c5:8c:1e:7e:a2:3e:5a:76:37:d3:a3:75:d7:a3:ce:41:d3:
77:13:c5:ca:2a:42:f0:4e:a2:bb:0e:07:a0:03:56:bf:6c:8c:
ca:60:46:4a:72:db:0c:83:a7:3a:74:f8:5b:b2:78:e0:c1:95:
a0:51:e8:c6:12:dd:4f:b0:17:2e:8f:58:c8:b0:dc:58:7e:77:
c7:92:74:e2:47:6c:6a:14:54:1f:92:b5:44:75:b6:5a:7c:39:
f9:40:0e:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBYR+qQn8izQi/HUjXRXxobtbCn4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3YWM4YWU2NWY4NDExMDc2NWEzZDRiMGMwN2I5NWMxYzM3Mzg2YTk0MzVj
MTI2ZDQzY2MwODJiMDNjODc4M2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZ9BIktQfoNVJYFyU07xomueeoFAMXMHcajChwilg0c3NyBJHmNbhVmXUSb
XfZxvrDYt1qKaHXQIqMRw7kqaslo2r2HeeQ0bxZekXo/66WIcf4ukYQc2A/YQIaD
Nis5I9y0l0zFu5Bxm2XUIgdixaW0BlmGCLGgr/l4CrG4PKqg0CoSuE7UootGbDUs
mHRIvAM5A+QR9gj9ZSnfMMjm9FcLAvIj4jdk80yflaBVmeH2IRA7nLtKy/E/eJ+d
JIos5fDjMwVz4xV+fh2DF3FHrTKU/+ewI2kS6gJyuZKVv2Lc2d7vZ7viSgkHtVF4
6yFVkS+lk72VuiOrIxVlucN6kR8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTXE7g4
p9V3ExSEXyQ8/cgF3HK8AzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGEyZDVmMjgtMGZjYi00MTljLWE4NzMtMzkzM2RkMzQwOWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQCkj4++FBSadDTvs1tKy766Pzfb1TBOET8514XFEE0N
5Q/HfpJVi8vJTQGaagB66vSd3EFSBCdjg32nh+QgK+F5g9/1aqgMGf5vKhx4GMDT
CItUfN0DbHpSDg+CY8PhXCGaFVvzF+x61vs7E6g+ioCI6KEY62UBlZnfeKL1EjMz
CJIcqUrPjT3qWEkNxt1Wk5m+2kAywWgcWrMpoGLcPj0VFTFHxYwefqI+WnY306N1
16POQdN3E8XKKkLwTqK7DgegA1a/bIzKYEZKctsMg6c6dPhbsnjgwZWgUejGEt1P
sBcuj1jIsNxYfnfHknTiR2xqFFQfkrVEdbZafDn5QA5+
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org