Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa
File: cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa (raw, json)
Hash identifier: nTppaaTC7C2omHvn1VnQ7xVEjUAKQcJh6K8JohYOAEs=
Subject key identifier: A0:07:78:62:C5:9F:29:02:C7:C9:6F:F7:3A:6B:34:14:70:6A:8F:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 58840E6FD4D0F49FDCF89859D04184FCB13C076D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:84:0e:6f:d4:d0:f4:9f:dc:f8:98:59:d0:41:84:fc:b1:3c:07:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=f840b23a6591a17a00bb572fe28bc6ca722fda084d828cc9c6d2f860b3a369d2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:13:09:33:f3:de:7d:45:c4:bf:6a:7b:b2:b2:
34:65:f3:54:0e:8b:df:ed:c6:5b:a3:25:59:97:65:
af:45:9b:85:4e:8d:f9:40:dc:d5:4d:47:44:1c:0a:
3d:c3:a3:86:fa:8b:7e:ef:60:f8:26:99:51:78:81:
c5:e7:e4:75:2c:e9:ac:c1:95:25:93:f0:11:09:ac:
87:1d:77:d1:59:9c:c0:2c:55:34:c3:60:e3:6c:85:
4c:dc:55:eb:c2:02:e6:ab:3b:71:6d:ea:94:ce:93:
ac:50:d7:19:0b:75:02:85:d5:b9:8e:63:73:a7:5e:
8b:90:e3:e4:89:f1:f3:ba:c3:85:27:6d:a1:1a:19:
55:a3:0d:df:2e:f2:1c:c4:72:63:9b:a3:a6:41:67:
70:2c:6a:44:2c:b3:5a:45:49:83:26:cd:46:c8:25:
b8:42:48:32:9f:25:c2:8b:04:47:78:be:43:07:7e:
34:2d:e9:2b:a2:0c:ae:32:a6:e3:b2:a1:11:94:d8:
a0:63:6d:9c:8e:2d:23:50:58:bb:98:ad:49:ba:fe:
44:8e:ec:6a:22:f1:c6:99:41:ea:64:a9:c6:ae:80:
ef:11:e2:2d:78:4c:7e:04:cc:88:61:20:88:aa:ca:
2f:5b:96:64:ef:16:59:1c:80:ac:3b:48:f1:a8:91:
68:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:07:78:62:C5:9F:29:02:C7:C9:6F:F7:3A:6B:34:14:70:6A:8F:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0b:9e:09:75:4b:89:96:7e:68:17:ee:85:4f:08:39:01:ad:ea:
69:bf:22:55:e3:3a:46:21:f2:d2:43:12:81:95:ef:6f:23:05:
ea:2d:0b:94:e4:5a:30:45:96:e6:f9:3f:3d:d4:92:58:e7:ef:
a9:ee:80:ff:29:10:9c:3d:ff:c7:b3:ee:b7:89:80:43:13:d6:
86:4c:82:62:4b:3c:57:1c:83:bc:ff:16:5f:a0:1e:36:49:a6:
22:ef:5d:43:48:10:5e:1c:99:de:38:52:4d:2d:c2:b3:a2:39:
3d:55:42:1b:34:f2:43:df:0c:b8:ac:b3:80:80:32:7f:9f:f2:
b7:fe:c4:e5:8d:36:77:24:c8:01:0d:7c:10:9e:e9:da:36:de:
c4:dd:67:a8:63:39:c5:a4:4d:71:09:30:06:09:9f:b7:ea:98:
fc:02:28:05:b4:00:6a:22:cc:90:a5:47:ed:fe:4b:69:78:c8:
11:da:24:58:b6:0e:07:20:44:3b:25:60:55:15:8f:14:19:d6:
e8:3d:d5:f8:20:a0:b5:20:2a:19:41:11:5b:2d:3e:81:81:8a:
1d:54:43:0d:e6:39:92:36:7c:82:da:44:c0:27:6a:64:1a:9a:
7c:c9:d4:86:94:a3:f0:bb:62:01:55:40:3b:94:d7:41:78:51:
19:33:56:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWIQOb9TQ9J/c+JhZ0EGE/LE8B20wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4NDBiMjNhNjU5MWExN2EwMGJiNTcyZmUyOGJjNmNhNzIyZmRhMDg0ZDgy
OGNjOWM2ZDJmODYwYjNhMzY5ZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsTCTPz3n1FxL9qe7KyNGXzVA6L3+3GW6MlWZdlr0WbhU6N+UDc1U1HRBwK
PcOjhvqLfu9g+CaZUXiBxefkdSzprMGVJZPwEQmshx130VmcwCxVNMNg42yFTNxV
68IC5qs7cW3qlM6TrFDXGQt1AoXVuY5jc6dei5Dj5Inx87rDhSdtoRoZVaMN3y7y
HMRyY5ujpkFncCxqRCyzWkVJgybNRsgluEJIMp8lwosER3i+Qwd+NC3pK6IMrjKm
47KhEZTYoGNtnI4tI1BYu5itSbr+RI7saiLxxplB6mSpxq6A7xHiLXhMfgTMiGEg
iKrKL1uWZO8WWRyArDtI8aiRaGUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSgB3hi
xZ8pAsfJb/c6azQUcGqPuTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2QzMzE4YjUtMjg3OS00YmU1LWFiODktZGQ2NTQ2MWVmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQALngl1S4mWfmgX7oVPCDkBreppvyJV4zpGIfLSQxKB
le9vIwXqLQuU5FowRZbm+T891JJY5++p7oD/KRCcPf/Hs+63iYBDE9aGTIJiSzxX
HIO8/xZfoB42SaYi711DSBBeHJneOFJNLcKzojk9VUIbNPJD3wy4rLOAgDJ/n/K3
/sTljTZ3JMgBDXwQnunaNt7E3WeoYznFpE1xCTAGCZ+36pj8AigFtABqIsyQpUft
/ktpeMgR2iRYtg4HIEQ7JWBVFY8UGdboPdX4IKC1ICoZQRFbLT6BgYodVEMN5jmS
NnyC2kTAJ2pkGpp8ydSGlKPwu2IBVUA7lNdBeFEZM1YO
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org