Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
File: a461a201-5dfd-4f29-b790-759ae6e51a1f.roa (raw, json)
Hash identifier: Y8LyQ3B6wKqHx520wUxhzzDB/MfbXAzzUSjbekJOmJc=
Subject key identifier: 4E:62:60:6F:15:71:ED:29:E2:38:28:32:E7:3C:28:0C:77:1E:D2:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 156AD9261D395C242DF50C395176B074ED0742C6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:6a:d9:26:1d:39:5c:24:2d:f5:0c:39:51:76:b0:74:ed:07:42:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=e36805b24930f1d4219113daa0f7fd7321e517668a2fd7a63c3c008b24237746, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ff:d4:46:64:da:3f:3a:94:ff:eb:3b:26:50:
06:b5:fd:62:7a:43:3d:e4:ba:1a:fd:1f:3d:40:06:
38:e5:a4:67:71:41:02:10:6b:26:17:d7:48:c5:82:
f3:da:9b:ce:b4:b7:27:f2:85:df:c3:c0:c4:90:29:
5c:5a:f8:78:b7:51:e9:94:16:c1:f0:95:39:cc:03:
d6:c2:41:dd:62:1f:d9:b9:1d:34:bf:c0:ed:8c:16:
c1:89:69:e5:69:8d:11:44:79:0d:ab:17:d0:26:5a:
33:75:05:95:22:7a:ba:ac:12:ce:da:c0:f1:7b:bc:
d1:71:64:fa:e4:fc:89:84:b5:ce:9b:86:e6:63:09:
9d:5f:8d:16:62:fc:2c:6f:e1:ab:2f:9b:13:7d:e7:
6a:d5:b2:1c:33:08:4c:13:89:36:4e:40:62:36:61:
97:36:59:1d:da:0e:99:f0:41:30:05:c6:56:a1:65:
84:cf:6a:82:4b:f9:1d:6c:ed:b6:2c:7d:a2:35:ca:
b3:9e:47:fa:b8:da:c7:d2:1c:1a:50:52:6d:29:27:
a3:af:76:dd:de:57:46:a2:cf:e6:b0:ff:42:97:22:
f1:2b:d1:06:27:33:b5:ba:c4:65:1d:8f:6b:dd:01:
e4:2f:41:69:4a:de:38:05:0e:31:38:07:4f:f0:40:
18:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:62:60:6F:15:71:ED:29:E2:38:28:32:E7:3C:28:0C:77:1E:D2:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.104.0/21
Signature Algorithm: sha256WithRSAEncryption
20:53:18:f2:f0:34:8e:2d:4a:46:0c:4c:6b:8a:36:b4:d4:e4:
ee:54:ac:a6:33:a3:ad:d8:f3:6b:ed:a9:91:ed:e1:90:ec:e6:
86:1e:07:1c:e3:5a:85:f5:e6:10:52:8c:66:71:e8:17:ad:26:
4f:52:ef:cf:bd:69:f8:88:f8:35:0f:ae:0a:82:cd:58:0a:66:
91:20:ba:0c:43:43:8b:3e:70:53:23:dd:4a:8e:ce:76:bb:2a:
c9:2d:22:42:c4:75:5a:a2:0d:c3:07:4b:ce:5c:2c:d5:cd:35:
a3:6f:c6:93:3c:7b:71:7f:b0:da:3f:3f:6b:a1:ef:f5:db:0b:
ac:b4:72:64:09:16:fc:c9:5d:26:a5:01:11:94:cb:2e:29:bd:
2c:8f:60:02:85:41:ee:dc:f2:a8:da:3f:f5:5f:a1:aa:8f:5f:
37:3b:58:31:5a:f7:c6:d7:64:17:de:e3:64:22:fc:52:47:bf:
7c:1d:4a:e4:fd:71:bb:11:fc:c2:14:73:1c:fe:27:01:56:b8:
db:a4:49:b1:b1:b5:b7:d0:2f:53:74:8c:e5:2c:86:98:89:85:
ee:b2:54:ef:59:b4:75:06:30:c1:87:73:cf:d1:60:cc:02:b0:
60:0c:e0:cf:fc:6d:e5:a0:24:63:3d:3b:ab:d3:ec:21:40:10:
5d:a0:61:b5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFWrZJh05XCQt9Qw5UXawdO0HQsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzNjgwNWIyNDkzMGYxZDQyMTkxMTNkYWEwZjdmZDczMjFlNTE3NjY4YTJm
ZDdhNjNjM2MwMDhiMjQyMzc3NDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJz/1EZk2j86lP/rOyZQBrX9YnpDPeS6Gv0fPUAGOOWkZ3FBAhBrJhfXSMWC
89qbzrS3J/KF38PAxJApXFr4eLdR6ZQWwfCVOcwD1sJB3WIf2bkdNL/A7YwWwYlp
5WmNEUR5DasX0CZaM3UFlSJ6uqwSztrA8Xu80XFk+uT8iYS1zpuG5mMJnV+NFmL8
LG/hqy+bE33natWyHDMITBOJNk5AYjZhlzZZHdoOmfBBMAXGVqFlhM9qgkv5HWzt
tix9ojXKs55H+rjax9IcGlBSbSkno6923d5XRqLP5rD/Qpci8SvRBicztbrEZR2P
a90B5C9BaUreOAUOMTgHT/BAGIkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBROYmBv
FXHtKeI4KDLnPCgMdx7SfTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTQ2MWEyMDEtNWRmZC00ZjI5LWI3OTAtNzU5YWU2ZTUxYTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAaDAN
BgkqhkiG9w0BAQsFAAOCAQEAIFMY8vA0ji1KRgxMa4o2tNTk7lSspjOjrdjza+2p
ke3hkOzmhh4HHONahfXmEFKMZnHoF60mT1Lvz71p+Ij4NQ+uCoLNWApmkSC6DEND
iz5wUyPdSo7OdrsqyS0iQsR1WqINwwdLzlws1c01o2/Gkzx7cX+w2j8/a6Hv9dsL
rLRyZAkW/MldJqUBEZTLLim9LI9gAoVB7tzyqNo/9V+hqo9fNztYMVr3xtdkF97j
ZCL8Uke/fB1K5P1xuxH8whRzHP4nAVa426RJsbG1t9AvU3SM5SyGmImF7rJU71m0
dQYwwYdzz9FgzAKwYAzgz/xt5aAkYz07q9PsIUAQXaBhtQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org