Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
File: c090963d-9d8d-49a3-960b-b36e1309eb76.roa (raw, json)
Hash identifier: qaULA/09G1D8PZDUfnq77LLEa57sRJFkwko5LgDuz8A=
Subject key identifier: 5C:5A:95:24:16:E6:D3:EE:3B:A8:36:1A:CE:03:D1:7F:1C:B9:05:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 73AA58FF56F6BEEA6932C43E74E4540CED1E7CD8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:aa:58:ff:56:f6:be:ea:69:32:c4:3e:74:e4:54:0c:ed:1e:7c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=a64dcf50e6cfe976d744b347ba903bad52b0deba2249f41d88cedcbf53d5f9ce, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:72:d0:ed:36:63:8b:d0:2e:1b:87:82:ff:37:
55:30:e5:a3:7d:27:18:ac:d8:db:ad:7d:5b:ba:49:
17:b7:6f:07:c4:19:d9:a2:0f:42:61:bc:f9:c9:7f:
5f:78:71:f6:0e:52:11:e1:da:ff:26:9c:24:f7:58:
21:9e:3a:50:1f:9b:ab:83:4b:ce:df:0b:9e:5b:d2:
61:4a:39:7d:3f:c8:1c:8c:6c:c6:c9:31:d4:f7:b5:
87:b8:eb:a1:0e:0f:e6:83:2f:b0:eb:96:86:2c:95:
3b:fc:c7:e2:44:73:f8:d0:23:3a:89:9e:e0:50:c2:
89:d5:db:d3:92:cd:2e:86:5b:be:f1:d5:8c:97:0e:
e8:1a:79:c0:aa:da:08:bb:db:30:b6:6e:ec:48:19:
59:1a:89:fd:62:47:6b:83:59:35:52:6a:b0:cc:99:
ef:59:13:b7:11:d8:6f:d2:02:2f:a4:37:af:a0:d8:
fd:4d:10:84:30:ab:09:e2:76:12:ff:d1:57:3f:26:
1f:0c:38:d9:e8:85:02:9b:8b:07:7b:e6:90:6c:99:
82:80:06:a1:2e:35:87:0e:c7:86:44:ec:5a:42:ad:
dd:a3:9a:3b:1d:a0:5c:67:2b:a5:de:53:68:d8:94:
d9:b0:4b:5e:48:1e:96:42:d0:5d:5d:d3:b9:30:ec:
81:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5A:95:24:16:E6:D3:EE:3B:A8:36:1A:CE:03:D1:7F:1C:B9:05:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:e9:0d:42:3e:68:0a:ea:19:ef:ba:2b:7b:65:3f:e3:11:80:
c3:17:c9:72:8b:78:e5:6e:76:f0:d9:77:41:54:b6:bd:5c:1d:
98:96:e2:98:ad:4e:f0:e4:3b:7d:e4:c5:a5:c0:c2:92:74:d3:
63:9c:90:a3:e2:24:4a:61:4c:6b:cb:f0:50:fc:31:19:3b:74:
d0:ac:4b:ce:e7:7c:2f:08:fc:4b:58:aa:db:40:69:a7:7a:4f:
ad:61:cf:20:fd:5f:e9:e6:77:83:65:1d:e5:f5:d3:e1:a9:ec:
52:72:8a:f0:64:cd:3e:3b:6c:e7:eb:16:b2:e4:6a:ef:c6:bf:
7f:2d:cd:e2:72:cc:7b:b7:13:d0:c1:e6:10:b2:f0:e8:94:90:
0c:2e:41:81:00:67:bb:fe:c8:90:1a:c2:ab:7c:c8:25:fb:c0:
6f:72:49:0c:1d:b5:45:62:c7:24:f0:bd:6e:1c:e5:a8:bb:09:
f7:f9:4b:62:40:3f:0c:de:5f:a2:cb:04:e1:f6:af:1e:fb:a1:
93:85:c3:01:40:34:43:73:db:62:f0:6d:8c:c3:c6:24:f0:d2:
ca:47:c2:37:34:b3:53:c1:40:49:2e:e5:b7:9e:18:de:9e:13:
8c:52:66:42:34:7f:ce:9a:01:48:f2:d4:10:64:7e:e9:b8:dd:
f9:82:e0:8f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc6pY/1b2vuppMsQ+dORUDO0efNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2NGRjZjUwZTZjZmU5NzZkNzQ0YjM0N2JhOTAzYmFkNTJiMGRlYmEyMjQ5
ZjQxZDg4Y2VkY2JmNTNkNWY5Y2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhy0O02Y4vQLhuHgv83VTDlo30nGKzY2619W7pJF7dvB8QZ2aIPQmG8+cl/
X3hx9g5SEeHa/yacJPdYIZ46UB+bq4NLzt8LnlvSYUo5fT/IHIxsxskx1Pe1h7jr
oQ4P5oMvsOuWhiyVO/zH4kRz+NAjOome4FDCidXb05LNLoZbvvHVjJcO6Bp5wKra
CLvbMLZu7EgZWRqJ/WJHa4NZNVJqsMyZ71kTtxHYb9ICL6Q3r6DY/U0QhDCrCeJ2
Ev/RVz8mHww42eiFApuLB3vmkGyZgoAGoS41hw7HhkTsWkKt3aOaOx2gXGcrpd5T
aNiU2bBLXkgelkLQXV3TuTDsgRkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRcWpUk
FubT7juoNhrOA9F/HLkFODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA5MDk2M2QtOWQ4ZC00OWEzLTk2MGItYjM2ZTEzMDllYjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQCe6Q1CPmgK6hnvuit7ZT/jEYDDF8lyi3jlbnbw2XdB
VLa9XB2YluKYrU7w5Dt95MWlwMKSdNNjnJCj4iRKYUxry/BQ/DEZO3TQrEvO53wv
CPxLWKrbQGmnek+tYc8g/V/p5neDZR3l9dPhqexScorwZM0+O2zn6xay5Grvxr9/
Lc3icsx7txPQweYQsvDolJAMLkGBAGe7/siQGsKrfMgl+8BvckkMHbVFYsck8L1u
HOWouwn3+UtiQD8M3l+iywTh9q8e+6GThcMBQDRDc9ti8G2Mw8Yk8NLKR8I3NLNT
wUBJLuW3nhjenhOMUmZCNH/OmgFI8tQQZH7puN35guCP
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org