Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
File: a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa (raw, json)
Hash identifier: VjaZ5fQ5p71GltyX38qSRqbpVxJHQoDSj7iXEssWWjs=
Subject key identifier: 3A:2D:31:28:18:16:F2:AE:D1:62:31:16:15:28:E0:9A:F3:97:54:70
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21E558ACD5213CB74253AE1F28BC5E19FE850F7B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:e5:58:ac:d5:21:3c:b7:42:53:ae:1f:28:bc:5e:19:fe:85:0f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=937e7ec3990eab83c53b80f4117df2c0706cb17ee54e4adfa680ee15dc957c0a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:55:dd:05:73:5b:3d:88:00:ec:86:62:74:62:
a7:3f:62:1a:a0:ef:1f:5f:27:59:b0:6c:84:d4:d2:
40:6d:ee:3d:f4:6f:a5:21:d2:6e:80:db:6f:b4:47:
b4:1c:5b:86:85:ee:92:53:8b:28:bf:d0:f5:7b:40:
c1:b5:cc:fa:96:68:5e:88:a6:8c:c7:cf:30:8e:52:
0e:ae:a2:2e:f0:3b:41:f2:0c:c0:ae:0f:e7:59:f9:
db:42:75:8d:2e:ef:e7:76:e9:8e:dc:97:00:76:c4:
54:bd:13:fe:a6:ae:50:1c:06:26:d6:d6:1a:cf:89:
4b:65:7e:07:f1:04:61:8d:a2:d6:3f:dc:a1:c5:92:
de:49:8e:9c:27:05:a1:68:2a:91:9d:cc:a0:52:18:
6f:1f:c0:58:82:0e:c9:b2:aa:3a:ba:d3:09:72:7f:
b6:78:0e:6b:9c:66:2f:76:50:94:b3:19:67:8c:05:
da:a4:15:dc:15:71:c9:db:ad:0f:36:a7:ff:73:5b:
0c:f7:c5:ae:ee:84:3a:e9:9f:ee:b2:92:36:12:7f:
d7:20:29:4d:6e:37:00:d0:03:52:ee:f2:37:ac:f4:
e8:7f:29:56:9f:59:9a:cf:52:e0:73:2a:66:41:84:
65:8d:88:20:77:d4:25:9f:c4:aa:a4:09:21:74:f9:
6e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2D:31:28:18:16:F2:AE:D1:62:31:16:15:28:E0:9A:F3:97:54:70
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a3:32:1d:c1:a9:c4:9e:c1:99:fd:87:fa:7e:6c:50:88:57:3c:
7d:bd:dd:59:b6:0f:06:f8:69:bf:02:22:82:b1:32:5d:f0:cd:
31:59:e9:3d:87:da:32:fe:28:57:d1:d6:fe:2d:7b:88:42:0f:
fe:69:61:66:a1:55:2d:98:8e:96:db:44:5f:8f:6a:b4:f2:43:
b8:87:3f:05:4b:0d:29:32:fc:1f:88:3b:53:b3:bb:13:d6:b5:
ef:9e:10:d4:39:d8:2c:fe:43:d2:b3:d2:a8:41:d7:f1:56:96:
09:a6:1d:57:78:99:ce:e4:4b:05:85:46:da:62:22:5e:b6:45:
b0:78:9a:9a:ca:b4:fe:02:21:bb:4d:fb:56:3a:bf:9e:5e:4a:
d2:3e:0b:3c:9c:b5:02:43:0e:08:d1:c4:30:fa:bb:11:20:a8:
13:4b:6f:0a:08:a3:c1:fe:80:82:f4:c9:33:4c:59:f2:55:e7:
d6:b4:97:de:4c:46:d4:30:24:75:77:fd:88:26:b3:36:0f:f8:
66:de:11:15:6b:be:2e:9a:18:b4:4a:76:28:86:5e:fd:e9:f7:
bc:d7:28:29:b4:0b:be:03:4b:33:2b:a4:7e:fb:dd:2a:26:2d:
b9:4e:a4:03:0e:6b:b2:64:70:7f:54:4d:4e:90:8f:6e:5d:bd:
ce:91:23:de
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIeVYrNUhPLdCU64fKLxeGf6FD3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzN2U3ZWMzOTkwZWFiODNjNTNiODBmNDExN2RmMmMwNzA2Y2IxN2VlNTRl
NGFkZmE2ODBlZTE1ZGM5NTdjMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZV3QVzWz2IAOyGYnRipz9iGqDvH18nWbBshNTSQG3uPfRvpSHSboDbb7RH
tBxbhoXuklOLKL/Q9XtAwbXM+pZoXoimjMfPMI5SDq6iLvA7QfIMwK4P51n520J1
jS7v53bpjtyXAHbEVL0T/qauUBwGJtbWGs+JS2V+B/EEYY2i1j/cocWS3kmOnCcF
oWgqkZ3MoFIYbx/AWIIOybKqOrrTCXJ/tngOa5xmL3ZQlLMZZ4wF2qQV3BVxydut
Dzan/3NbDPfFru6EOumf7rKSNhJ/1yApTW43ANADUu7yN6z06H8pVp9Zms9S4HMq
ZkGEZY2IIHfUJZ/EqqQJIXT5bv0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6LTEo
GBbyrtFiMRYVKOCa85dUcDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJlYzMwZWQtOTc0YS00M2E1LWI0NmUtYzFlMDgyNDNjYmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQCjMh3BqcSewZn9h/p+bFCIVzx9vd1Ztg8G+Gm/AiKC
sTJd8M0xWek9h9oy/ihX0db+LXuIQg/+aWFmoVUtmI6W20Rfj2q08kO4hz8FSw0p
MvwfiDtTs7sT1rXvnhDUOdgs/kPSs9KoQdfxVpYJph1XeJnO5EsFhUbaYiJetkWw
eJqayrT+AiG7TftWOr+eXkrSPgs8nLUCQw4I0cQw+rsRIKgTS28KCKPB/oCC9Mkz
TFnyVefWtJfeTEbUMCR1d/2IJrM2D/hm3hEVa74umhi0SnYohl796fe81ygptAu+
A0szK6R++90qJi25TqQDDmuyZHB/VE1OkI9uXb3OkSPe
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org