Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa
File: bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa (raw, json)
Hash identifier: H5HjnkeUAz3hD7UcymSGSAQKzERVPxEUFJyWB40PkWA=
Subject key identifier: F2:CA:56:47:F2:CA:60:37:B3:5B:EE:17:19:6A:CA:5B:D4:1B:9D:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4355233BE73FC0B4B8D930CB0788AC69660EFB96
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:55:23:3b:e7:3f:c0:b4:b8:d9:30:cb:07:88:ac:69:66:0e:fb:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=baac88c9b690e91d74d7b299593e1df4f9c486fa11d4217f9a1c0f66e6efbede, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ce:1d:9a:24:4a:47:30:c1:a5:00:52:a8:7e:
c4:7a:bc:b0:85:b9:d9:ec:ea:44:36:28:b8:bf:25:
76:8b:4b:2e:b0:7f:6a:c1:3a:dd:b0:48:96:84:2d:
64:8a:86:36:f2:77:94:0e:97:2a:3a:c7:04:39:75:
cb:f2:74:b0:25:45:f5:23:be:69:2b:a6:10:e5:a2:
e6:a1:2c:7b:24:3b:5a:c1:f1:71:6d:ab:e5:30:e5:
e6:1c:3f:98:3b:4d:c8:fb:b6:7a:a0:25:3f:46:95:
7a:da:13:b0:33:e1:d7:1f:2d:26:e2:4d:19:b3:a4:
7e:7a:55:5f:55:5c:19:d3:36:14:b6:db:08:5e:71:
81:c5:6b:68:c2:7e:1d:a5:62:f7:8b:6c:d0:46:9b:
ad:27:d3:92:45:69:2d:b9:b6:fb:7b:07:a6:df:f0:
77:d2:af:20:61:a6:c6:67:2f:5c:bf:b9:80:76:fc:
39:00:09:48:cc:34:0e:a3:44:f3:62:ca:d9:eb:39:
aa:58:c3:8f:67:a7:31:98:6f:8a:79:27:d2:66:c5:
48:ac:0c:f4:1e:a8:1c:be:4f:42:fe:9b:38:e2:76:
2e:0b:50:2c:47:e2:d0:de:e5:1a:be:e8:a8:2a:c2:
7a:95:50:6e:8c:f6:99:53:a4:5f:2d:c3:0d:0d:29:
aa:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CA:56:47:F2:CA:60:37:B3:5B:EE:17:19:6A:CA:5B:D4:1B:9D:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:e3:99:01:e5:79:6a:b9:34:ee:aa:6c:3e:27:0f:d7:ac:78:
c8:3f:58:d9:07:64:cd:d4:8f:37:c8:c4:5e:94:a4:15:73:e1:
d6:20:4a:81:df:d2:83:23:ad:92:39:51:b2:2e:c9:d8:d1:21:
d0:43:0d:44:a5:5d:47:0c:46:0f:af:8d:6b:68:a3:02:6f:2a:
b5:fb:13:f8:b6:88:aa:7e:a1:fe:24:f6:33:7f:db:f7:7b:47:
e0:2f:7a:b0:36:85:d6:e7:f8:d8:50:f8:c1:ee:31:c3:e8:6c:
f3:77:04:91:46:a7:3e:99:2a:83:33:c4:85:23:01:df:6c:38:
5e:c8:a7:13:e8:e1:95:43:eb:04:f3:4c:77:34:35:3a:63:dc:
33:7f:8f:e8:46:2f:55:ee:3c:52:2d:e6:c8:fc:ce:35:9a:b0:
f8:0c:d0:09:da:18:d6:87:86:6b:f5:7b:94:7d:a9:90:1f:6c:
03:7c:41:12:f3:73:53:f2:d5:68:01:d6:c5:e1:95:fe:53:cc:
ff:7f:0c:da:6f:2b:33:da:8f:80:bd:bf:69:e3:89:b0:3e:60:
93:9e:c2:78:6b:5e:73:4e:29:8f:7d:5f:25:46:d1:a5:05:1b:
35:8a:78:99:88:44:a3:6e:74:cb:5c:c2:84:a2:68:26:b4:83:
f0:0f:ed:03
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ1UjO+c/wLS42TDLB4isaWYO+5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhYWM4OGM5YjY5MGU5MWQ3NGQ3YjI5OTU5M2UxZGY0ZjljNDg2ZmExMWQ0
MjE3ZjlhMWMwZjY2ZTZlZmJlZGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTOHZokSkcwwaUAUqh+xHq8sIW52ezqRDYouL8ldotLLrB/asE63bBIloQt
ZIqGNvJ3lA6XKjrHBDl1y/J0sCVF9SO+aSumEOWi5qEseyQ7WsHxcW2r5TDl5hw/
mDtNyPu2eqAlP0aVetoTsDPh1x8tJuJNGbOkfnpVX1VcGdM2FLbbCF5xgcVraMJ+
HaVi94ts0EabrSfTkkVpLbm2+3sHpt/wd9KvIGGmxmcvXL+5gHb8OQAJSMw0DqNE
82LK2es5qljDj2enMZhvinkn0mbFSKwM9B6oHL5PQv6bOOJ2LgtQLEfi0N7lGr7o
qCrCepVQboz2mVOkXy3DDQ0pqmkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTyylZH
8spgN7Nb7hcZaspb1Bud/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmRjMmZiMDQtZjEyYS00ODVmLWIyYjYtOGI5M2VkNzIyZGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQAP45kB5XlquTTuqmw+Jw/XrHjIP1jZB2TN1I83yMRe
lKQVc+HWIEqB39KDI62SOVGyLsnY0SHQQw1EpV1HDEYPr41raKMCbyq1+xP4toiq
fqH+JPYzf9v3e0fgL3qwNoXW5/jYUPjB7jHD6GzzdwSRRqc+mSqDM8SFIwHfbDhe
yKcT6OGVQ+sE80x3NDU6Y9wzf4/oRi9V7jxSLebI/M41mrD4DNAJ2hjWh4Zr9XuU
famQH2wDfEES83NT8tVoAdbF4ZX+U8z/fwzabysz2o+Avb9p44mwPmCTnsJ4a15z
TimPfV8lRtGlBRs1iniZiESjbnTLXMKEomgmtIPwD+0D
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org