Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa
File: 8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa (raw, json)
Hash identifier: xMQmHuMvMa2phhFxfUkn++tQLHO6Zdw9ucEzPbmKPes=
Subject key identifier: 9B:8E:68:64:7C:43:E2:6E:63:C2:51:14:59:6C:C8:58:23:91:E1:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 396E5083D788F293ABBA1E0CABCCFFD5C3D6DA76
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:6e:50:83:d7:88:f2:93:ab:ba:1e:0c:ab:cc:ff:d5:c3:d6:da:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=1771aa59376659bf7f2a9286c69149c4c3c5b916e2d4b0adcefff5c7579e706a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:cb:d8:4e:9b:6a:e6:ff:c2:0f:25:b2:ea:26:
b6:93:f1:6f:b7:2e:80:83:ad:9a:c2:81:62:ff:40:
37:40:87:2e:71:e2:85:7c:63:e4:b0:fa:65:0f:bb:
36:cf:fb:6f:c1:03:9e:b4:02:52:c7:91:e9:46:b2:
f5:3e:e9:04:a5:aa:17:5e:58:79:e0:22:b6:fd:a7:
b3:99:83:6f:ff:6d:8a:45:15:40:2d:b8:ae:d5:79:
ee:8e:49:ee:e6:bd:ce:3a:ba:b8:80:a2:ef:65:a1:
08:92:ab:5a:35:84:4b:03:5e:eb:f6:1b:6e:c9:c2:
87:b0:1e:db:0b:be:a3:fa:c8:61:88:fc:9a:33:e8:
dc:1f:78:45:42:25:b4:60:bf:77:64:d8:de:d0:0f:
ef:fe:66:f7:71:7a:37:a1:b0:07:ca:7b:14:ad:54:
e6:99:e9:ed:22:73:3c:90:a9:2c:1b:72:3b:47:0f:
77:96:05:4c:37:43:eb:f1:09:12:34:5c:84:78:26:
8f:ae:04:3e:ed:ec:f8:7e:5c:4b:56:fe:08:f7:fb:
56:75:e0:01:18:0b:66:cc:99:5a:5d:ab:ce:a8:0e:
05:c2:ff:83:6e:81:9c:07:13:21:3d:76:a7:5a:67:
62:68:85:35:de:c0:8a:0b:b2:e6:0e:f5:74:e1:f3:
9a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:8E:68:64:7C:43:E2:6E:63:C2:51:14:59:6C:C8:58:23:91:E1:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:d6:53:a0:4d:2a:8a:6c:f6:e9:15:6d:1f:48:bb:30:13:4c:
fe:c7:43:36:08:a7:6d:be:4b:8d:8e:9f:38:2f:e6:9a:62:9a:
95:44:18:c2:67:ab:c3:aa:18:3d:a5:1a:38:99:c4:c3:54:db:
85:fe:53:6d:d4:6e:f6:26:48:2e:0c:cc:ed:69:60:45:de:9d:
74:f0:c1:98:73:53:93:95:49:93:54:a8:f3:56:f3:a5:fc:cd:
b5:60:70:78:00:82:4c:be:1f:50:12:eb:48:16:4d:c0:dc:40:
79:7f:3e:12:e7:1d:4c:3b:19:fb:9b:9c:58:90:99:56:6a:91:
d4:04:6e:8f:67:48:78:e5:d0:04:78:33:51:99:58:94:f3:3a:
af:e3:f1:e8:aa:21:75:2c:e9:44:7a:cc:e8:d7:68:30:1b:52:
55:21:66:db:4c:fc:97:38:a3:b9:e3:b9:22:5b:10:8c:fb:6d:
e7:4b:ac:4a:77:53:94:8c:6d:9e:8e:bf:15:84:06:a5:f9:98:
9f:b5:72:37:d2:2c:64:4c:65:7e:3f:5a:8e:62:b8:79:97:de:
bb:2a:5f:3a:b9:ca:3e:77:80:7f:b4:33:2e:5a:75:15:5e:f0:
04:b2:3c:c7:bf:44:87:b3:1c:1e:67:ed:4b:b8:c6:a2:dc:fe:
f7:e2:48:57
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOW5Qg9eI8pOruh4Mq8z/1cPW2nYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NzFhYTU5Mzc2NjU5YmY3ZjJhOTI4NmM2OTE0OWM0YzNjNWI5MTZlMmQ0
YjBhZGNlZmZmNWM3NTc5ZTcwNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrL2E6baub/wg8lsuomtpPxb7cugIOtmsKBYv9AN0CHLnHihXxj5LD6ZQ+7
Ns/7b8EDnrQCUseR6Uay9T7pBKWqF15YeeAitv2ns5mDb/9tikUVQC24rtV57o5J
7ua9zjq6uICi72WhCJKrWjWESwNe6/YbbsnCh7Ae2wu+o/rIYYj8mjPo3B94RUIl
tGC/d2TY3tAP7/5m93F6N6GwB8p7FK1U5pnp7SJzPJCpLBtyO0cPd5YFTDdD6/EJ
EjRchHgmj64EPu3s+H5cS1b+CPf7VnXgARgLZsyZWl2rzqgOBcL/g26BnAcTIT12
p1pnYmiFNd7Aiguy5g71dOHzmksCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSbjmhk
fEPibmPCURRZbMhYI5Hh0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU1ZGNjMjctOWJjMy00YjgyLThiZTItYTQxMzE1YzYxYjMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQCI1lOgTSqKbPbpFW0fSLswE0z+x0M2CKdtvkuNjp84
L+aaYpqVRBjCZ6vDqhg9pRo4mcTDVNuF/lNt1G72JkguDMztaWBF3p108MGYc1OT
lUmTVKjzVvOl/M21YHB4AIJMvh9QEutIFk3A3EB5fz4S5x1MOxn7m5xYkJlWapHU
BG6PZ0h45dAEeDNRmViU8zqv4/HoqiF1LOlEeszo12gwG1JVIWbbTPyXOKO547ki
WxCM+23nS6xKd1OUjG2ejr8VhAal+ZiftXI30ixkTGV+P1qOYrh5l967Kl86uco+
d4B/tDMuWnUVXvAEsjzHv0SHsxweZ+1LuMai3P734khX
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org