Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: GpW2TG3MS+w4snTS0Ma+wqdfRIVBlN6YF+MQYVcdloc=
Subject key identifier: 2F:51:B1:AE:A8:FC:B8:A2:D2:8B:53:CD:DA:86:2A:B5:81:C3:52:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D1DC2CB99278D8428407708D9C9E6169F19D756
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:1d:c2:cb:99:27:8d:84:28:40:77:08:d9:c9:e6:16:9f:19:d7:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=f94cf2c04cdbdaabeda1ffc8763bcf45cbd8d7909f2dafeac524c611752cf939, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:79:d8:3d:4b:87:65:6a:90:54:db:d4:b4:2c:
b0:34:54:0f:be:30:34:87:59:1d:79:2f:e6:40:fb:
34:01:f7:56:68:32:61:47:61:86:0a:6c:ae:32:04:
83:36:25:67:a4:18:5b:ee:d3:04:03:89:dc:b3:c1:
59:e8:ae:0e:ce:d3:87:f1:7a:7d:5e:c4:15:aa:10:
54:be:74:ce:2c:73:76:ab:b9:97:68:31:9c:1b:0a:
eb:b5:40:e0:5d:d0:bf:28:ee:3c:22:b6:51:a3:3b:
aa:be:e9:af:dc:99:f7:ea:50:12:04:66:81:93:53:
4e:14:47:af:da:98:f6:b2:a5:04:ca:76:f9:44:a8:
96:78:93:31:50:2f:e4:84:4c:0f:1b:6c:70:f7:ee:
72:06:f5:c6:d7:71:cb:84:3d:a4:27:05:b1:5b:b4:
20:93:9e:d7:d1:cd:56:28:77:4b:73:e2:11:3a:88:
fa:39:b8:34:81:5f:16:fd:a7:3c:97:bf:97:f7:4d:
f5:fb:0f:c8:28:1f:94:51:89:a5:7e:64:ba:5c:f8:
bd:ae:12:45:b3:e9:b3:90:b0:93:e0:05:df:2c:87:
b0:db:18:83:39:2b:f9:81:b9:b7:e9:3b:0b:18:d6:
6f:ce:e3:48:35:26:1d:56:e8:15:6f:d1:46:b8:8c:
00:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:51:B1:AE:A8:FC:B8:A2:D2:8B:53:CD:DA:86:2A:B5:81:C3:52:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
65:71:02:8c:c5:50:51:53:94:16:13:a7:5b:5e:df:ca:b8:31:
46:cc:db:f3:71:d3:35:4b:46:85:1d:3a:1c:25:2f:dc:50:bd:
40:8d:51:99:3b:6b:d5:5f:9b:68:40:f6:fc:b7:45:80:9c:6f:
fa:a2:57:fc:63:cf:34:89:49:8a:d7:76:b3:32:77:11:1f:05:
39:95:40:8a:76:77:9a:d8:cc:21:6c:19:2e:1d:68:ab:2c:7a:
44:50:01:b3:50:90:47:59:4f:1a:41:3d:59:9f:56:ee:1b:ad:
1d:50:3b:6d:86:03:e7:78:63:10:6b:dd:ac:e9:9c:f1:40:60:
e3:e5:7c:1c:ae:d0:00:97:cd:83:3b:d7:c4:51:29:07:20:36:
16:33:00:e0:47:a5:ad:74:71:fc:45:bd:80:26:37:b1:5b:19:
65:74:1c:37:1b:33:79:42:0c:56:61:8c:af:09:f5:e9:a3:46:
af:52:9e:ae:13:a4:c9:98:10:58:8e:94:33:80:7a:16:95:f0:
4a:14:97:7a:3b:2f:a8:e4:b2:1e:9a:e7:ef:eb:2c:b9:39:a5:
88:87:34:0d:38:16:d5:55:16:63:a2:a7:47:6f:ec:38:5d:4a:
85:84:4d:85:33:43:4f:b4:8d:35:d8:18:94:4a:d2:4f:cb:0e:
57:df:94:8b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPR3Cy5knjYQoQHcI2cnmFp8Z11YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5NGNmMmMwNGNkYmRhYWJlZGExZmZjODc2M2JjZjQ1Y2JkOGQ3OTA5ZjJk
YWZlYWM1MjRjNjExNzUyY2Y5MzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZ52D1Lh2VqkFTb1LQssDRUD74wNIdZHXkv5kD7NAH3VmgyYUdhhgpsrjIE
gzYlZ6QYW+7TBAOJ3LPBWeiuDs7Th/F6fV7EFaoQVL50zixzdqu5l2gxnBsK67VA
4F3QvyjuPCK2UaM7qr7pr9yZ9+pQEgRmgZNTThRHr9qY9rKlBMp2+USolniTMVAv
5IRMDxtscPfucgb1xtdxy4Q9pCcFsVu0IJOe19HNVih3S3PiETqI+jm4NIFfFv2n
PJe/l/dN9fsPyCgflFGJpX5kulz4va4SRbPps5Cwk+AF3yyHsNsYgzkr+YG5t+k7
CxjWb87jSDUmHVboFW/RRriMAC0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQvUbGu
qPy4otKLU83ahiq1gcNSPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBlcQKMxVBRU5QWE6dbXt/KuDFGzNvzcdM1S0aFHToc
JS/cUL1AjVGZO2vVX5toQPb8t0WAnG/6olf8Y880iUmK13azMncRHwU5lUCKdnea
2MwhbBkuHWirLHpEUAGzUJBHWU8aQT1Zn1buG60dUDtthgPneGMQa92s6ZzxQGDj
5XwcrtAAl82DO9fEUSkHIDYWMwDgR6WtdHH8Rb2AJjexWxlldBw3GzN5QgxWYYyv
CfXpo0avUp6uE6TJmBBYjpQzgHoWlfBKFJd6Oy+o5LIemufv6yy5OaWIhzQNOBbV
VRZjoqdHb+w4XUqFhE2FM0NPtI012BiUStJPyw5X35SL
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org