Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: unzvC8BzJnzpQVyQhaDkqzqGU7IRycYcT0epG5xjgbQ=
Subject key identifier: CF:C8:D6:26:36:B4:55:7D:BB:37:4F:F1:CC:74:58:27:F3:72:97:1C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C16CA4CA767DE4EA295150CB59308107815885A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:16:ca:4c:a7:67:de:4e:a2:95:15:0c:b5:93:08:10:78:15:88:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=fed969ba88ba007562b6ae7eecb7d4b58efcf5eb975886b0946d4629afeba108, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9f:22:96:d4:9d:64:4e:7d:a5:10:48:33:5a:
35:d9:e3:b2:a0:ad:17:8e:d3:08:b3:f7:32:3f:14:
05:4d:5e:c8:44:1c:36:8a:fe:b4:97:df:fe:54:56:
a1:e4:01:b2:ea:f7:e4:f7:17:0c:2a:60:4a:86:a8:
95:23:b9:3d:e2:90:ab:c8:be:b0:ea:a1:65:c5:8c:
a1:00:39:e1:20:46:20:91:25:d4:cf:f9:f2:46:f0:
aa:18:10:90:0c:12:54:27:6f:79:2d:f8:ac:d7:f8:
0e:73:8e:d6:64:80:fb:fe:09:8a:0c:05:2f:eb:ec:
64:63:6d:0b:78:6c:a2:c5:a8:1b:e3:11:99:58:e7:
09:38:8a:28:7e:cd:79:d1:e3:27:dd:5c:a9:2a:22:
2a:ea:5a:0e:7d:88:32:cb:8d:b3:a6:42:ae:09:e8:
b8:60:66:49:79:48:92:22:12:83:43:63:1f:f3:20:
74:d4:5a:39:df:5d:76:d5:16:b0:90:93:8b:75:13:
73:7e:24:e0:e6:bb:f0:01:bb:5b:98:c8:4a:9d:a9:
bc:5c:51:c7:3d:20:91:0e:90:6d:cf:f1:89:55:4c:
e5:4d:28:6b:d3:b0:ed:c0:48:b6:60:b1:72:92:ff:
0b:63:b7:c3:9e:09:f9:5f:f3:32:0f:7c:42:93:12:
1c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C8:D6:26:36:B4:55:7D:BB:37:4F:F1:CC:74:58:27:F3:72:97:1C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
16:ed:5d:96:79:ee:21:94:7c:54:18:d8:4f:91:5a:de:a7:11:
5e:2d:33:84:f2:2a:5b:5d:88:86:70:9a:03:6e:f9:fd:d5:fd:
2c:80:4f:47:6e:64:bf:2d:34:e5:e4:fe:c5:be:b9:5a:85:a0:
e3:6d:da:0c:1c:79:b5:14:7a:93:c5:b3:53:88:d5:14:6a:69:
c7:1a:5c:16:3d:8b:f6:b9:63:65:02:ec:00:58:5f:27:e5:ec:
3c:ca:60:e6:b1:87:df:10:50:84:c3:b5:d4:d1:48:a4:a1:64:
71:b4:f3:8f:c1:6b:b1:f2:a4:25:06:be:af:ed:92:70:2f:3a:
e1:76:21:d3:a3:e9:1c:25:39:04:4d:d6:81:b8:a1:18:95:3a:
ec:20:63:bc:ba:90:2f:43:0a:82:22:38:d2:d5:7f:99:1e:b7:
9a:03:f0:e4:df:3d:88:4b:78:b9:be:56:50:4b:ff:0b:54:a6:
b0:a4:f5:1a:33:d9:9a:ed:16:86:10:2c:65:b1:8a:1b:cf:01:
69:4d:a2:96:d2:b8:c8:60:2e:bd:7b:06:d5:6c:e7:67:6c:f7:
d9:ef:ee:4c:47:f3:b7:0a:d2:e4:8e:b9:29:0f:83:95:1b:ce:
4e:98:33:dc:f3:ed:c6:b8:d4:73:39:40:5d:a0:2a:68:29:05:
cd:56:18:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPBbKTKdn3k6ilRUMtZMIEHgViFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlZDk2OWJhODhiYTAwNzU2MmI2YWU3ZWVjYjdkNGI1OGVmY2Y1ZWI5NzU4
ODZiMDk0NmQ0NjI5YWZlYmExMDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWfIpbUnWROfaUQSDNaNdnjsqCtF47TCLP3Mj8UBU1eyEQcNor+tJff/lRW
oeQBsur35PcXDCpgSoaolSO5PeKQq8i+sOqhZcWMoQA54SBGIJEl1M/58kbwqhgQ
kAwSVCdveS34rNf4DnOO1mSA+/4JigwFL+vsZGNtC3hsosWoG+MRmVjnCTiKKH7N
edHjJ91cqSoiKupaDn2IMsuNs6ZCrgnouGBmSXlIkiISg0NjH/MgdNRaOd9ddtUW
sJCTi3UTc34k4Oa78AG7W5jISp2pvFxRxz0gkQ6Qbc/xiVVM5U0oa9Ow7cBItmCx
cpL/C2O3w54J+V/zMg98QpMSHOcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTPyNYm
NrRVfbs3T/HMdFgn83KXHDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAFu1dlnnuIZR8VBjYT5Fa3qcRXi0zhPIqW12IhnCa
A275/dX9LIBPR25kvy005eT+xb65WoWg423aDBx5tRR6k8WzU4jVFGppxxpcFj2L
9rljZQLsAFhfJ+XsPMpg5rGH3xBQhMO11NFIpKFkcbTzj8FrsfKkJQa+r+2ScC86
4XYh06PpHCU5BE3WgbihGJU67CBjvLqQL0MKgiI40tV/mR63mgPw5N89iEt4ub5W
UEv/C1SmsKT1GjPZmu0WhhAsZbGKG88BaU2iltK4yGAuvXsG1WznZ2z32e/uTEfz
twrS5I65KQ+DlRvOTpgz3PPtxrjUczlAXaAqaCkFzVYYsw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org