Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
File: 8d1cb951-0a3b-460a-9669-128180570058.roa (raw, json)
Hash identifier: cMDo/tgwYU3GQ3BXRIvQunOdWZL5R5ITzowHYKYKYkY=
Subject key identifier: 7B:60:BB:8E:B7:0A:AC:5A:21:60:8C:69:87:B4:C9:79:1D:CF:9F:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5A18EF77F3C236EBCDEF0395BEF82353C5AB5955
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:18:ef:77:f3:c2:36:eb:cd:ef:03:95:be:f8:23:53:c5:ab:59:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=2596e9151da396ae9a3a1d837992c40c916c774b631efd2ea8c2b24e7dbe20b8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4e:c4:64:38:a9:e7:e4:06:0e:15:f3:6e:9b:
c1:84:1c:a9:df:e6:3d:ed:e8:af:4d:9a:2c:9f:f5:
8e:37:68:ac:da:a1:95:be:c0:7c:a7:47:e4:7c:07:
16:90:e1:ff:10:c4:cd:40:09:0d:64:3a:13:12:69:
39:40:23:a3:5f:79:54:e7:12:b0:cc:c0:e4:33:0c:
a3:05:54:33:c1:19:e0:17:fc:1a:27:d7:eb:c9:08:
a6:77:69:48:01:6c:74:56:77:51:84:b3:2f:09:54:
21:af:16:23:2f:1b:a8:b3:ab:96:21:78:ef:36:1d:
7c:13:00:87:df:a3:62:eb:e6:3d:17:03:17:82:b9:
a1:b0:b2:1f:01:e5:b6:ab:4f:3c:56:50:ed:16:62:
64:b3:8d:43:05:43:bf:b3:c0:91:be:2e:5d:8d:e7:
82:36:64:18:35:20:39:b7:8c:9c:47:55:1c:3e:08:
3a:c1:50:0d:bd:28:f3:87:8f:8a:85:28:1e:04:72:
ee:9f:bd:21:4d:d4:64:d0:77:4a:dd:a3:63:5a:26:
12:a8:a4:57:87:8e:1f:c5:3b:a9:b4:fa:c1:f6:fd:
57:25:ad:ce:7c:c0:5d:7c:67:be:3e:e7:e2:34:1e:
cc:00:78:84:9e:1a:6d:c6:df:a9:7e:32:10:a8:52:
c2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:60:BB:8E:B7:0A:AC:5A:21:60:8C:69:87:B4:C9:79:1D:CF:9F:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ab:85:37:fc:f5:cc:c7:89:f0:12:6a:8a:0e:d6:c6:d6:9a:0c:
95:4d:b9:c4:9d:5d:ba:54:0c:4a:77:9c:cd:0f:a6:12:97:47:
2d:01:d3:16:dc:ca:57:6e:4b:cd:7d:03:a0:96:f0:7b:52:29:
c3:ab:4c:27:78:21:2e:60:d1:5c:64:86:2f:d5:20:08:3f:e9:
13:4e:ed:bf:ef:93:d5:b1:a2:c7:d3:be:59:94:ab:10:00:10:
ef:2a:fe:c8:f4:77:90:19:0f:c0:a6:22:66:80:eb:82:d5:3b:
bd:11:44:52:29:3f:28:5b:b7:d2:fe:6e:b8:e4:d6:4d:70:ca:
59:47:78:8c:97:56:53:52:72:b2:1c:6d:0e:52:c6:43:9f:dd:
84:5e:c7:26:c6:ce:05:3d:b6:07:a8:5c:d9:11:ef:8c:3d:ed:
24:dc:fa:ca:13:7f:10:6f:6b:5d:ae:02:43:02:c7:4c:10:78:
61:f9:f8:0e:c4:7c:73:81:43:35:7d:46:ee:3a:d6:4f:2d:86:
2f:a2:35:60:3f:72:c7:c9:42:93:ba:8d:fb:76:1e:d8:1e:c0:
46:d9:bb:37:45:7c:92:cd:fb:21:9f:62:44:11:b9:15:f2:b8:
65:6d:f9:70:5c:b2:4e:1d:09:b0:70:c4:9a:a7:aa:a1:e4:a8:
06:09:95:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWhjvd/PCNuvN7wOVvvgjU8WrWVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1OTZlOTE1MWRhMzk2YWU5YTNhMWQ4Mzc5OTJjNDBjOTE2Yzc3NGI2MzFl
ZmQyZWE4YzJiMjRlN2RiZTIwYjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZOxGQ4qefkBg4V826bwYQcqd/mPe3or02aLJ/1jjdorNqhlb7AfKdH5HwH
FpDh/xDEzUAJDWQ6ExJpOUAjo195VOcSsMzA5DMMowVUM8EZ4Bf8GifX68kIpndp
SAFsdFZ3UYSzLwlUIa8WIy8bqLOrliF47zYdfBMAh9+jYuvmPRcDF4K5obCyHwHl
tqtPPFZQ7RZiZLONQwVDv7PAkb4uXY3ngjZkGDUgObeMnEdVHD4IOsFQDb0o84eP
ioUoHgRy7p+9IU3UZNB3St2jY1omEqikV4eOH8U7qbT6wfb9VyWtznzAXXxnvj7n
4jQezAB4hJ4abcbfqX4yEKhSwhMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7YLuO
twqsWiFgjGmHtMl5Hc+fZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQxY2I5NTEtMGEzYi00NjBhLTk2NjktMTI4MTgwNTcwMDU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQCrhTf89czHifASaooO1sbWmgyVTbnEnV26VAxKd5zN
D6YSl0ctAdMW3MpXbkvNfQOglvB7UinDq0wneCEuYNFcZIYv1SAIP+kTTu2/75PV
saLH075ZlKsQABDvKv7I9HeQGQ/ApiJmgOuC1Tu9EURSKT8oW7fS/m645NZNcMpZ
R3iMl1ZTUnKyHG0OUsZDn92EXscmxs4FPbYHqFzZEe+MPe0k3PrKE38Qb2tdrgJD
AsdMEHhh+fgOxHxzgUM1fUbuOtZPLYYvojVgP3LHyUKTuo37dh7YHsBG2bs3RXyS
zfshn2JEEbkV8rhlbflwXLJOHQmwcMSap6qh5KgGCZUP
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org