Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: Rer3uccNNWuM0qhITeQak9TtAOhdVOMjeE1m2TnraUI=
Subject key identifier: E8:08:AD:D9:B6:3E:45:00:1F:46:D7:74:61:BF:E3:02:A4:F3:CD:EE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37306650378E227DC6DC766F75837138BA5426C5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:30:66:50:37:8e:22:7d:c6:dc:76:6f:75:83:71:38:ba:54:26:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=7dab5d849c9520ed4ab50b0084768a96b23aa6e5170cb3d58879b5c67f7acef1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d2:d7:af:0d:78:c5:93:1c:70:74:3b:9f:59:
85:b2:28:7a:73:6c:fc:f4:a3:37:02:c6:98:e1:10:
d3:ce:d8:2a:59:57:71:e2:20:b5:36:e9:86:b6:cf:
85:04:b3:94:88:63:90:bb:ae:4a:8e:f9:91:35:2b:
67:6b:16:07:95:42:7c:43:64:a9:8d:4d:6d:4f:d0:
8c:7a:b2:8f:78:f3:6e:3d:f2:c8:e2:38:f2:3f:da:
96:b2:23:b0:06:59:9c:0e:70:26:51:51:b2:16:36:
05:69:99:92:4a:5d:bc:0b:2e:66:13:9b:09:bf:73:
d2:7f:8a:c8:dd:5c:43:ca:29:24:3d:de:07:71:86:
a8:c4:a9:61:07:61:df:62:24:14:d9:26:fa:ee:58:
68:e3:43:8d:25:f2:8d:29:c0:9c:bb:55:2b:63:d8:
26:39:47:19:5a:e6:01:d4:73:a0:cc:ad:af:dd:07:
b5:5b:e6:95:b1:3c:af:9c:39:a3:cb:c5:4d:f2:a8:
35:b5:da:35:cf:d9:78:f2:46:bb:b8:53:f9:7a:39:
45:4e:89:1c:9a:09:25:8a:2f:23:f4:5b:07:bb:8b:
dd:12:0c:66:7d:c8:ab:8a:32:8c:6d:1e:ca:3a:57:
3a:77:59:66:8e:09:c5:c9:58:28:c0:6e:49:43:96:
7b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:08:AD:D9:B6:3E:45:00:1F:46:D7:74:61:BF:E3:02:A4:F3:CD:EE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:f0:ec:9b:f2:fc:3f:dc:c8:9b:e9:b5:8b:51:06:17:5b:40:
01:6e:4d:50:c5:30:69:ca:3d:08:bb:f5:0e:46:43:84:8d:7a:
f4:6d:88:ca:e7:95:cc:c1:c8:d2:c1:4a:a0:6c:eb:05:dc:c1:
3a:84:25:23:6d:cb:bf:86:b0:a5:6f:8f:f0:0c:56:eb:e1:5d:
96:0c:88:9b:1b:67:42:c2:83:76:55:d2:76:e0:2e:af:3d:c7:
b2:77:61:43:4c:cb:31:b5:06:76:83:39:ad:8c:22:d3:64:f5:
29:3b:66:70:82:1c:14:19:bf:bf:f3:63:fd:c8:27:6a:3b:38:
ec:a7:c8:a9:a2:c2:82:cb:74:fc:85:7d:0d:ea:14:2a:f1:3a:
16:df:06:51:ae:4a:97:ab:24:26:1d:b7:cf:8a:2f:bb:90:6b:
14:b1:1a:84:9a:26:1f:1f:c1:b6:fd:d9:54:23:2e:b0:73:26:
3f:22:ac:ed:c3:11:b0:31:3e:fd:4d:fd:e9:4f:8a:aa:11:38:
a9:11:40:4a:2b:e0:fc:e5:28:f8:4f:85:eb:a6:87:50:e6:ab:
f4:ec:e6:59:54:15:47:a5:85:55:b3:12:24:6d:85:c1:13:e7:
c6:91:9a:bf:85:78:70:e8:92:72:94:72:25:1b:89:b3:3b:af:
06:b2:76:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNzBmUDeOIn3G3HZvdYNxOLpUJsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkYWI1ZDg0OWM5NTIwZWQ0YWI1MGIwMDg0NzY4YTk2YjIzYWE2ZTUxNzBj
YjNkNTg4NzliNWM2N2Y3YWNlZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfS168NeMWTHHB0O59ZhbIoenNs/PSjNwLGmOEQ087YKllXceIgtTbphrbP
hQSzlIhjkLuuSo75kTUrZ2sWB5VCfENkqY1NbU/QjHqyj3jzbj3yyOI48j/alrIj
sAZZnA5wJlFRshY2BWmZkkpdvAsuZhObCb9z0n+KyN1cQ8opJD3eB3GGqMSpYQdh
32IkFNkm+u5YaONDjSXyjSnAnLtVK2PYJjlHGVrmAdRzoMytr90HtVvmlbE8r5w5
o8vFTfKoNbXaNc/ZePJGu7hT+Xo5RU6JHJoJJYovI/RbB7uL3RIMZn3Iq4oyjG0e
yjpXOndZZo4JxclYKMBuSUOWewcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBToCK3Z
tj5FAB9G13Rhv+MCpPPN7jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQAv8Oyb8vw/3Mib6bWLUQYXW0ABbk1QxTBpyj0Iu/UO
RkOEjXr0bYjK55XMwcjSwUqgbOsF3ME6hCUjbcu/hrClb4/wDFbr4V2WDIibG2dC
woN2VdJ24C6vPceyd2FDTMsxtQZ2gzmtjCLTZPUpO2ZwghwUGb+/82P9yCdqOzjs
p8iposKCy3T8hX0N6hQq8ToW3wZRrkqXqyQmHbfPii+7kGsUsRqEmiYfH8G2/dlU
Iy6wcyY/IqztwxGwMT79Tf3pT4qqETipEUBKK+D85Sj4T4XrpodQ5qv07OZZVBVH
pYVVsxIkbYXBE+fGkZq/hXhw6JJylHIlG4mzO68Gsnby
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org