Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a4d0611b-6ace-49c7-bbb6-ff031993f658.roa
File: a4d0611b-6ace-49c7-bbb6-ff031993f658.roa (raw, json)
Hash identifier: wPFlp77nEpkDcPxGTJfH11c322bUjz4VTrdzwQUXqqU=
Subject key identifier: 94:53:1C:F0:C9:56:1F:6D:E2:E9:63:DC:48:39:6D:48:E8:B0:C4:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 320700FF3178AA65A301FB902B76C9935FAC6FED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a4d0611b-6ace-49c7-bbb6-ff031993f658.roa
Signing time: Wed 06 Nov 2024 00:00:00 +0000
ROA not before: Wed 06 Nov 2024 00:00:00 +0000
ROA not after: Wed 11 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:07:00:ff:31:78:aa:65:a3:01:fb:90:2b:76:c9:93:5f:ac:6f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 6 00:00:00 2024 GMT
Not After : Dec 11 23:59:59 2024 GMT
Subject: serialNumber=24df27af25ab01c754d06e62c5bf24529d67f85652a62bc889e5bda4153030b1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:14:52:72:35:32:d6:1b:a7:f0:2e:5b:1b:
d8:40:d5:f5:b7:bd:01:90:98:2d:f8:ca:32:f4:94:
1a:71:eb:e5:3c:c4:fb:5f:73:c9:8f:44:27:1c:db:
92:ef:00:73:f1:d8:c0:3d:61:97:72:f2:c9:d3:e2:
12:25:e2:05:a5:f7:ba:98:c3:d3:a4:40:cd:c8:e0:
b6:0d:f8:48:e4:50:f8:d4:4a:94:0a:26:81:8d:b7:
5c:7b:51:d3:b3:23:24:fa:15:e4:9d:98:47:bb:23:
4f:d6:c7:c4:f0:e2:e7:e6:74:b7:15:44:1d:6e:9f:
6e:21:eb:5e:74:30:1e:ec:20:68:fe:15:07:13:cf:
1b:36:d1:80:15:72:08:85:c1:0d:7f:b4:7f:37:ae:
3c:f1:4f:d0:97:70:0a:f9:bf:f5:9d:25:9b:9b:d5:
8b:b5:ab:e4:8d:62:f5:a0:56:8c:43:07:6a:73:c1:
08:f4:8a:b4:f4:b4:97:89:91:b0:f7:e5:e0:8d:ce:
a5:2c:8c:4c:ff:8c:da:f9:b7:92:6f:55:51:e2:5e:
5c:2e:e9:c9:bd:ec:ee:ed:16:d3:a6:16:0a:29:f7:
e1:cf:44:8e:3a:c0:a4:84:e4:f0:a4:25:c8:a2:27:
cc:12:e8:c1:98:38:2c:76:e2:c7:eb:35:cc:50:af:
7d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:53:1C:F0:C9:56:1F:6D:E2:E9:63:DC:48:39:6D:48:E8:B0:C4:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a4d0611b-6ace-49c7-bbb6-ff031993f658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
55:19:47:c8:12:0f:b1:9a:41:d0:e1:14:cc:69:26:03:93:57:
77:d1:1f:e4:1b:b4:44:33:17:06:98:7e:17:78:82:5e:52:e7:
61:7e:46:22:12:43:bd:90:21:02:35:a4:9e:09:52:9c:bd:19:
40:f2:5e:4b:68:b7:25:15:c5:12:2f:48:f3:4f:55:ff:6c:71:
ac:ea:cb:4f:44:c2:2d:5c:d4:89:eb:06:b5:0c:56:5c:30:c8:
10:ea:e7:54:41:35:cc:e7:e2:ff:34:de:77:ef:fe:cb:06:6d:
b6:cd:a6:a8:e5:46:ca:e6:c7:4a:38:ac:ae:64:43:19:b7:3f:
f3:7d:6c:f9:ef:25:ee:99:da:7c:15:ce:32:69:83:77:95:59:
56:a8:45:74:e0:60:24:95:fb:9c:26:66:43:8f:f2:b1:45:3b:
f6:50:4b:bf:14:17:81:96:18:94:8f:01:0f:05:73:cd:63:ac:
cb:32:ee:6f:9e:78:f2:1c:8b:86:a0:11:49:82:b4:5e:0c:e2:
1b:5f:41:75:31:8c:e9:a4:96:5b:eb:0a:f0:a0:e3:d5:96:46:
6a:be:40:af:06:66:e1:4d:ec:23:db:51:fe:ce:14:67:80:7d:
3e:05:96:e1:ac:b4:2d:70:74:e5:9a:25:35:c1:6b:39:c6:ba:
c1:a0:64:c4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMgcA/zF4qmWjAfuQK3bJk1+sb+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDYwMDAwMDBaFw0yNDEyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0ZGYyN2FmMjVhYjAxYzc1NGQwNmU2MmM1YmYyNDUyOWQ2N2Y4NTY1MmE2
MmJjODg5ZTViZGE0MTUzMDMwYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeaFFJyNTLWG6fwLlsb2EDV9be9AZCYLfjKMvSUGnHr5TzE+19zyY9EJxzb
ku8Ac/HYwD1hl3LyydPiEiXiBaX3upjD06RAzcjgtg34SORQ+NRKlAomgY23XHtR
07MjJPoV5J2YR7sjT9bHxPDi5+Z0txVEHW6fbiHrXnQwHuwgaP4VBxPPGzbRgBVy
CIXBDX+0fzeuPPFP0JdwCvm/9Z0lm5vVi7Wr5I1i9aBWjEMHanPBCPSKtPS0l4mR
sPfl4I3OpSyMTP+M2vm3km9VUeJeXC7pyb3s7u0W06YWCin34c9EjjrApITk8KQl
yKInzBLowZg4LHbix+s1zFCvfVkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSUUxzw
yVYfbeLpY9xIOW1I6LDEwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTRkMDYxMWItNmFjZS00OWM3LWJiYjYtZmYwMzE5OTNmNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQBVGUfIEg+xmkHQ4RTMaSYDk1d30R/kG7REMxcGmH4X
eIJeUudhfkYiEkO9kCECNaSeCVKcvRlA8l5LaLclFcUSL0jzT1X/bHGs6stPRMIt
XNSJ6wa1DFZcMMgQ6udUQTXM5+L/NN537/7LBm22zaao5UbK5sdKOKyuZEMZtz/z
fWz57yXumdp8Fc4yaYN3lVlWqEV04GAklfucJmZDj/KxRTv2UEu/FBeBlhiUjwEP
BXPNY6zLMu5vnnjyHIuGoBFJgrReDOIbX0F1MYzppJZb6wrwoOPVlkZqvkCvBmbh
Tewj21H+zhRngH0+BZbhrLQtcHTlmiU1wWs5xrrBoGTE
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org