Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
File: 92aa3163-803c-4865-acea-681184356c4d.roa (raw, json)
Hash identifier: N39lpi5wPUfSvboIKZLTdk8KlYUCUM02HWM3Rq4g/jE=
Subject key identifier: 9B:3C:8E:B0:ED:55:A7:6F:FA:67:2F:4A:85:88:BC:78:95:C8:C5:B4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F44DFA7B20623018C2C7474481B9213D6ECD7A9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:44:df:a7:b2:06:23:01:8c:2c:74:74:48:1b:92:13:d6:ec:d7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=6d222533e3b2e9879a7673113c951e953592682a2acba27cee715a11ee95929d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:41:08:3c:d8:2f:06:84:c6:44:bb:f4:f4:0d:
b2:3e:92:f6:c3:80:30:e9:9f:5b:cb:96:af:2b:29:
42:50:26:9e:17:f6:c8:3d:0e:9d:c4:45:9f:28:34:
c8:cb:bb:97:25:e1:c8:e8:8b:cf:41:23:e2:16:10:
84:f6:96:e0:af:43:45:ce:c0:dc:b7:e4:9c:f6:85:
b2:c3:f4:2b:95:e4:e9:f8:88:88:1c:d8:47:8c:6d:
2b:8e:f6:f3:fc:8c:e9:4e:eb:59:36:9d:29:c7:b0:
e2:15:a8:0c:75:04:6d:d1:28:56:ae:e2:7d:69:00:
12:91:ed:c0:fb:1f:2d:0d:e0:c0:56:93:dd:cb:33:
4b:61:5e:97:5d:94:80:8d:77:2b:df:1b:6d:e6:3c:
02:43:64:3c:91:57:e7:a1:1b:b2:2a:52:b7:72:34:
67:b6:94:9e:1a:25:c2:bc:3c:40:d3:b0:fb:f8:e5:
dd:1c:db:da:ed:65:ee:6f:b2:6a:f0:af:26:4b:9e:
9a:7d:a7:40:ce:fc:3e:f1:df:1b:0a:68:a4:83:f4:
a3:4f:d2:19:55:99:29:b2:7a:fd:a9:45:0e:88:b3:
2f:6d:51:60:92:6e:08:0c:dc:62:cf:2b:07:40:6a:
74:b9:6d:58:c6:99:65:c1:a3:99:0a:7b:28:2d:ab:
59:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3C:8E:B0:ED:55:A7:6F:FA:67:2F:4A:85:88:BC:78:95:C8:C5:B4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7b:ca:14:6f:2b:03:0d:fc:14:fe:3c:13:02:d0:d4:81:d0:ff:
ed:db:0c:cf:7a:d3:e9:b9:2d:83:19:ec:38:d1:b1:c4:9d:81:
a4:9e:d2:2d:ae:1b:b7:dd:23:b5:b5:4c:1f:64:b4:3b:77:01:
26:35:21:69:01:6e:1b:29:db:60:5e:9e:85:ea:f6:80:4e:7c:
d8:e6:62:6d:14:4e:b8:b1:6b:ad:39:bc:fb:a6:e6:9a:a8:a5:
66:3d:5a:8d:8b:0e:54:51:cd:17:f2:a7:76:98:71:30:e8:51:
d9:9a:a5:67:da:95:de:46:8b:54:65:ee:72:96:60:f0:79:21:
02:a6:94:33:5f:83:46:99:a5:b0:ac:13:47:58:17:7f:b4:7e:
e8:4b:54:d8:6d:11:e8:c4:82:43:75:89:2e:cf:cc:11:09:8a:
31:bc:15:97:31:57:aa:ef:cd:13:b4:76:f0:a4:b8:7b:58:5b:
82:94:c1:74:63:5a:bb:31:42:a1:22:d9:a8:89:46:77:31:c9:
50:f0:69:4b:07:a8:ae:d5:07:44:21:b2:e5:25:c4:ab:f2:90:
1a:23:e6:1e:8b:9d:d5:f9:8d:61:e9:f3:9f:92:7f:45:d2:d6:
d2:47:00:f6:11:0c:68:88:90:c1:f7:49:cf:a7:fb:ec:2b:c9:
b4:66:71:69
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb0Tfp7IGIwGMLHR0SBuSE9bs16kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkMjIyNTMzZTNiMmU5ODc5YTc2NzMxMTNjOTUxZTk1MzU5MjY4MmEyYWNi
YTI3Y2VlNzE1YTExZWU5NTkyOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpBCDzYLwaExkS79PQNsj6S9sOAMOmfW8uWryspQlAmnhf2yD0OncRFnyg0
yMu7lyXhyOiLz0Ej4hYQhPaW4K9DRc7A3LfknPaFssP0K5Xk6fiIiBzYR4xtK472
8/yM6U7rWTadKcew4hWoDHUEbdEoVq7ifWkAEpHtwPsfLQ3gwFaT3cszS2Fel12U
gI13K98bbeY8AkNkPJFX56EbsipSt3I0Z7aUnholwrw8QNOw+/jl3Rzb2u1l7m+y
avCvJkuemn2nQM78PvHfGwpopIP0o0/SGVWZKbJ6/alFDoizL21RYJJuCAzcYs8r
B0BqdLltWMaZZcGjmQp7KC2rWWMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSbPI6w
7VWnb/pnL0qFiLx4lcjFtDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTJhYTMxNjMtODAzYy00ODY1LWFjZWEtNjgxMTg0MzU2YzRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQB7yhRvKwMN/BT+PBMC0NSB0P/t2wzPetPpuS2DGew4
0bHEnYGkntItrhu33SO1tUwfZLQ7dwEmNSFpAW4bKdtgXp6F6vaATnzY5mJtFE64
sWutObz7puaaqKVmPVqNiw5UUc0X8qd2mHEw6FHZmqVn2pXeRotUZe5ylmDweSEC
ppQzX4NGmaWwrBNHWBd/tH7oS1TYbRHoxIJDdYkuz8wRCYoxvBWXMVeq780TtHbw
pLh7WFuClMF0Y1q7MUKhItmoiUZ3MclQ8GlLB6iu1QdEIbLlJcSr8pAaI+Yei53V
+Y1h6fOfkn9F0tbSRwD2EQxoiJDB90nPp/vsK8m0ZnFp
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org