Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json)
Hash identifier: +1IMWjhIH4eS3Kn8BnMIEIibeLHZX63RyYaVFzqnUXQ=
Subject key identifier: 6A:CB:EC:62:71:62:12:CD:D5:8A:F0:48:F3:B8:C4:7C:BC:6D:4B:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D39F830C3B87C2B046CAA1CD9A8B32ACF157264
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:39:f8:30:c3:b8:7c:2b:04:6c:aa:1c:d9:a8:b3:2a:cf:15:72:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=6d617b2d5c1c5b360516b5c9e619070f036168dcf30acb11d2d338eb7fa1db77, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0e:2c:2f:0f:76:32:b1:7f:0c:7a:4e:34:fa:
7d:d5:92:f4:2f:6a:f0:ba:a8:25:d1:05:08:3b:88:
62:7a:5a:c2:30:40:e2:94:e1:16:82:e8:97:c2:14:
a1:55:a1:f4:a1:b3:07:f3:dd:30:49:84:ab:91:cb:
67:1a:2e:cd:fd:7a:52:b9:92:4c:33:1f:b5:90:08:
9e:22:4d:1f:62:a4:b0:fa:ed:53:88:3f:ad:6e:5c:
89:8e:1f:73:49:f8:f9:20:dc:f1:13:13:d7:25:96:
11:58:28:24:c8:7d:8c:dd:94:47:8e:c1:ea:a9:b5:
22:b8:22:35:28:63:8f:3c:f3:47:52:00:c1:43:3e:
ec:c2:33:28:37:2b:2c:d1:dd:b6:82:e4:b5:9c:2f:
f3:02:b9:20:4b:4b:a0:dc:a1:fc:59:30:79:08:b1:
e0:43:eb:9b:80:f0:bc:7c:ac:f8:23:ba:08:6a:bf:
6c:da:04:15:ff:45:42:00:ca:97:43:fd:71:e1:e9:
dd:bf:22:4f:2b:ba:f1:30:76:8f:9a:c5:0d:43:8d:
ea:16:e3:dd:6f:5d:c6:3b:95:a7:9a:80:81:0e:73:
0f:1d:37:27:83:4d:90:f2:9e:ab:8d:d6:f1:8d:6d:
27:ca:12:83:94:19:cd:7c:73:1d:04:36:99:a9:3e:
f8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:CB:EC:62:71:62:12:CD:D5:8A:F0:48:F3:B8:C4:7C:BC:6D:4B:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c6:3f:45:55:7a:bb:c0:20:04:c9:2a:44:f0:d8:e5:89:20:c9:
8d:21:8b:0d:54:47:00:92:8b:1f:6b:19:58:29:ef:26:c6:66:
b2:84:1f:f7:73:b2:d4:66:ba:6b:79:a7:d6:4f:4e:f0:ef:f1:
2c:2e:ff:ac:16:60:e5:76:8c:e8:61:f9:23:15:f0:9c:25:be:
2b:53:e2:48:48:23:3b:ef:2d:a5:a4:92:bd:0c:d1:77:30:44:
35:20:47:40:20:ad:00:6d:40:e9:f3:59:68:6f:90:13:ab:28:
70:16:71:c6:ca:23:9e:66:a2:e8:98:b8:ed:6a:89:c6:77:12:
10:db:43:06:87:8d:3b:17:2b:ab:78:35:81:92:e5:2c:ec:e9:
80:80:86:8b:20:c4:76:91:3e:3b:e8:26:d7:01:0c:8c:38:10:
d7:9e:81:22:1d:bc:60:21:74:90:67:d1:fa:c9:d9:45:6e:7e:
f6:3b:41:0f:d4:68:2e:d3:90:d1:ba:81:24:df:d8:a3:9a:71:
9e:b1:35:a3:de:ca:6e:28:fc:f6:e5:3c:9e:58:b3:98:22:17:
2e:5f:4d:e1:a0:a9:90:d6:6b:6d:aa:37:63:71:93:6e:05:59:
87:cf:bf:61:d5:bd:d3:6c:2b:62:ca:58:67:f5:3f:1c:e5:6b:
95:98:5f:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHTn4MMO4fCsEbKoc2aizKs8VcmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkNjE3YjJkNWMxYzViMzYwNTE2YjVjOWU2MTkwNzBmMDM2MTY4ZGNmMzBh
Y2IxMWQyZDMzOGViN2ZhMWRiNzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEOLC8PdjKxfwx6TjT6fdWS9C9q8LqoJdEFCDuIYnpawjBA4pThFoLol8IU
oVWh9KGzB/PdMEmEq5HLZxouzf16UrmSTDMftZAIniJNH2KksPrtU4g/rW5ciY4f
c0n4+SDc8RMT1yWWEVgoJMh9jN2UR47B6qm1IrgiNShjjzzzR1IAwUM+7MIzKDcr
LNHdtoLktZwv8wK5IEtLoNyh/FkweQix4EPrm4DwvHys+CO6CGq/bNoEFf9FQgDK
l0P9ceHp3b8iTyu68TB2j5rFDUON6hbj3W9dxjuVp5qAgQ5zDx03J4NNkPKeq43W
8Y1tJ8oSg5QZzXxzHQQ2mak++A8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqy+xi
cWISzdWK8EjzuMR8vG1LRzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQDGP0VVervAIATJKkTw2OWJIMmNIYsNVEcAkosfaxlY
Ke8mxmayhB/3c7LUZrpreafWT07w7/EsLv+sFmDldozoYfkjFfCcJb4rU+JISCM7
7y2lpJK9DNF3MEQ1IEdAIK0AbUDp81lob5ATqyhwFnHGyiOeZqLomLjtaonGdxIQ
20MGh407FyureDWBkuUs7OmAgIaLIMR2kT476CbXAQyMOBDXnoEiHbxgIXSQZ9H6
ydlFbn72O0EP1Ggu05DRuoEk39ijmnGesTWj3spuKPz25TyeWLOYIhcuX03hoKmQ
1mttqjdjcZNuBVmHz79h1b3TbCtiylhn9T8c5WuVmF9L
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org