Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c63a942e-d503-44eb-93c8-2fd6f249002f.roa
File: c63a942e-d503-44eb-93c8-2fd6f249002f.roa (raw, json)
Hash identifier: zwKoW6gMd+Oo0WWGKo0dNJv5aJIU0iHXURqg9PjzIhg=
Subject key identifier: E1:E6:FE:18:DD:C4:83:B5:B0:D7:DD:53:49:E1:BF:84:85:EE:17:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 75CA2636438416AFDBB22E74D3500E82E3857935
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c63a942e-d503-44eb-93c8-2fd6f249002f.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:ca:26:36:43:84:16:af:db:b2:2e:74:d3:50:0e:82:e3:85:79:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=502a5c60dc878e530a127dcf3407af529678ee2ec631219f43c803001741c69d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c8:ee:e8:7a:ba:db:28:0b:ee:19:86:c3:b8:
48:39:84:92:b8:b9:1f:7d:53:ef:07:dc:98:60:b0:
cf:d1:1f:e5:b3:3b:19:36:9b:16:02:d9:62:ed:ff:
37:ea:48:c3:08:5b:eb:3c:27:0f:88:ad:db:f8:c1:
f8:41:59:95:79:3d:79:17:95:fa:fa:5c:b3:f0:da:
b0:b3:d9:86:52:05:4e:70:4f:ce:15:3d:3c:26:b9:
36:4a:c3:a0:00:4d:57:11:fd:b2:ae:30:0b:05:37:
46:5c:ba:bc:e3:04:db:07:d2:dc:a2:fe:cf:fe:a8:
8f:85:5f:33:09:b7:46:8f:da:30:2f:df:2f:31:24:
de:a4:cb:cc:27:35:d4:e7:63:7e:5f:08:28:ab:92:
78:95:1d:34:87:43:a8:e7:99:cd:6e:33:cd:5d:15:
e2:81:af:e2:a8:11:20:9e:5a:43:1c:e2:f9:b5:4f:
d9:a3:42:af:2f:e9:af:c2:0c:cf:4f:a5:f5:1c:2f:
0f:fe:23:da:94:5c:d4:e5:12:55:67:0c:83:ef:89:
83:d7:29:f7:ba:11:64:4b:71:65:33:c7:9f:83:1a:
2a:1b:32:b4:1d:f3:56:e0:32:e0:c3:c1:87:e4:8d:
90:95:d3:ba:4d:19:3c:b7:9f:17:69:97:68:41:55:
15:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E6:FE:18:DD:C4:83:B5:B0:D7:DD:53:49:E1:BF:84:85:EE:17:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c63a942e-d503-44eb-93c8-2fd6f249002f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
66:24:48:f8:35:ea:1f:91:9d:9b:7e:47:e1:e4:38:bf:a1:25:
28:e3:b9:89:6c:89:e7:3c:f0:9f:45:44:9f:e6:90:5c:14:dd:
af:7e:de:a5:4e:ed:63:9c:1b:ae:31:a2:36:9c:c3:de:9d:59:
f7:0e:22:61:4b:37:f1:ea:f5:1c:cb:bf:0d:49:45:13:9e:00:
f5:d5:38:18:81:dd:70:24:39:13:ed:dc:1f:74:ae:8a:e7:a9:
27:66:80:9a:61:1c:5e:e6:2d:24:4e:5a:92:4b:59:74:96:7b:
d5:6a:45:13:23:53:74:dc:8b:3f:c5:56:8e:63:c7:52:90:c5:
45:e5:a0:95:a9:1b:25:94:b8:9e:e4:81:69:a2:7c:c7:77:0f:
bb:f7:18:c0:1c:6a:3d:a8:77:e0:51:be:a3:04:41:0e:26:51:
10:7c:3c:37:dd:05:35:33:21:de:e7:5c:78:08:0f:36:38:86:
49:e1:5e:85:b8:b6:a3:33:6e:0c:01:1b:4d:b2:7d:df:db:53:
e4:7d:d5:a5:62:a3:b4:26:1c:a9:38:6d:d0:78:6b:3d:a6:14:
bd:fa:40:61:f6:52:0a:d2:7d:a2:80:7a:68:7b:22:9f:af:f1:
46:a6:59:65:71:1f:26:72:47:f7:ea:38:14:56:19:ec:2f:3d:
5d:40:9a:72
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdcomNkOEFq/bsi5001AOguOFeTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMmE1YzYwZGM4NzhlNTMwYTEyN2RjZjM0MDdhZjUyOTY3OGVlMmVjNjMx
MjE5ZjQzYzgwMzAwMTc0MWM2OWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3I7uh6utsoC+4ZhsO4SDmEkri5H31T7wfcmGCwz9Ef5bM7GTabFgLZYu3/
N+pIwwhb6zwnD4it2/jB+EFZlXk9eReV+vpcs/DasLPZhlIFTnBPzhU9PCa5NkrD
oABNVxH9sq4wCwU3Rly6vOME2wfS3KL+z/6oj4VfMwm3Ro/aMC/fLzEk3qTLzCc1
1Odjfl8IKKuSeJUdNIdDqOeZzW4zzV0V4oGv4qgRIJ5aQxzi+bVP2aNCry/pr8IM
z0+l9RwvD/4j2pRc1OUSVWcMg++Jg9cp97oRZEtxZTPHn4MaKhsytB3zVuAy4MPB
h+SNkJXTuk0ZPLefF2mXaEFVFeECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTh5v4Y
3cSDtbDX3VNJ4b+Ehe4XHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzYzYTk0MmUtZDUwMy00NGViLTkzYzgtMmZkNmYyNDkwMDJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQBmJEj4NeofkZ2bfkfh5Di/oSUo47mJbInnPPCfRUSf
5pBcFN2vft6lTu1jnBuuMaI2nMPenVn3DiJhSzfx6vUcy78NSUUTngD11TgYgd1w
JDkT7dwfdK6K56knZoCaYRxe5i0kTlqSS1l0lnvVakUTI1N03Is/xVaOY8dSkMVF
5aCVqRsllLie5IFponzHdw+79xjAHGo9qHfgUb6jBEEOJlEQfDw33QU1MyHe51x4
CA82OIZJ4V6FuLajM24MARtNsn3f21PkfdWlYqO0JhypOG3QeGs9phS9+kBh9lIK
0n2igHpoeyKfr/FGplllcR8mckf36jgUVhnsLz1dQJpy
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org