Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18380f1-6ccd-4170-b605-ff97745298e0.roa
File: e18380f1-6ccd-4170-b605-ff97745298e0.roa (raw, json)
Hash identifier: 1eNuAPE8uXjk2mkUkv6qO+VWNuoQqhId+PlAOIbgL24=
Subject key identifier: 3D:24:23:38:C7:2F:B4:F0:EA:3B:B0:D8:D1:B0:1D:E0:29:4E:EF:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3961D1FF5CAEDB6D32F28C8221826D6ACE410323
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18380f1-6ccd-4170-b605-ff97745298e0.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:61:d1:ff:5c:ae:db:6d:32:f2:8c:82:21:82:6d:6a:ce:41:03:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=31ee7a3d593839554bbd7f6ddceb20d1db6d77bc5b41d82713b595fc0c170081, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c7:5c:e0:ee:63:af:35:09:25:d6:25:83:93:
1d:91:d4:9e:a3:7a:6c:39:d0:ea:57:d8:7a:76:0c:
46:fe:e0:83:68:3a:0c:20:5a:49:ce:1d:c5:ff:7e:
0c:62:e0:0d:77:d4:69:0c:38:8e:d6:31:a5:2c:f5:
59:67:d8:8e:e2:0f:69:60:16:d0:7c:ba:eb:34:09:
35:78:85:02:a0:db:42:db:67:06:64:28:0b:c5:9f:
27:f2:11:43:7c:07:d1:2c:b4:a7:3c:29:f7:27:fe:
fb:63:d2:44:9b:8d:1a:43:c7:42:a1:8f:66:53:46:
9f:5e:80:84:5a:c9:0a:a6:7b:f4:e9:2a:ba:f1:e1:
e8:41:4e:ac:16:d3:02:3c:e8:2c:da:74:d8:46:df:
e6:85:dc:a3:e1:b6:f4:1e:95:e6:7f:c1:e3:a4:99:
35:ec:cf:82:d2:4e:16:61:c5:99:d7:bf:34:a0:7d:
95:ce:72:b6:2b:4b:7f:b0:3d:af:a0:eb:9d:d6:e7:
46:fb:29:85:87:fd:a6:95:2f:71:e8:f8:5d:46:fa:
13:ef:eb:29:14:c2:e7:49:c2:59:c8:0d:4b:41:a2:
e4:b8:80:65:13:9e:2a:9f:1f:95:5b:8e:af:f5:d8:
ac:54:ab:38:66:2e:9b:81:93:1c:85:9d:59:74:46:
8d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:24:23:38:C7:2F:B4:F0:EA:3B:B0:D8:D1:B0:1D:E0:29:4E:EF:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18380f1-6ccd-4170-b605-ff97745298e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:fd:cd:cd:60:d7:d0:7e:64:95:66:98:8e:69:29:ab:45:ce:
71:81:22:6d:46:cd:86:b4:2e:10:56:93:48:00:7a:f6:03:e5:
8b:e6:cb:5c:77:f7:24:8e:48:ef:ca:29:e4:3d:42:80:bf:2a:
da:a8:a4:d6:26:ca:9b:b4:10:c6:6a:76:c5:ea:29:ff:ad:d1:
06:39:2f:6b:3f:a6:28:36:4f:8b:1c:0d:00:83:8c:1a:a1:48:
56:99:9d:e5:f6:52:7d:0b:bb:ee:24:0a:89:f2:f5:e6:cd:a1:
1e:8a:1a:72:cb:35:56:fc:d5:a8:18:f5:7e:7f:27:3a:79:4d:
7c:af:e3:d7:97:95:a5:2f:1f:d2:61:93:34:33:86:3a:21:1b:
d6:24:69:93:ba:21:38:3c:26:e0:09:6a:46:10:75:55:85:63:
8f:ad:a6:24:c8:70:0c:c1:f5:85:42:6b:55:8f:18:c2:06:05:
24:b2:0e:84:2d:d1:ef:6c:c6:67:af:02:26:a9:f7:b2:4d:d9:
b6:97:97:63:13:f9:18:38:ef:83:6f:4a:96:fa:b0:21:c9:b7:
17:9d:53:e0:f0:04:14:fd:fd:d1:e2:f2:41:e2:18:96:7c:51:
64:bb:72:62:9b:96:30:9d:3e:70:96:e4:bd:8f:a4:06:da:fa:
0a:fe:df:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOWHR/1yu220y8oyCIYJtas5BAyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxZWU3YTNkNTkzODM5NTU0YmJkN2Y2ZGRjZWIyMGQxZGI2ZDc3YmM1YjQx
ZDgyNzEzYjU5NWZjMGMxNzAwODExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTHXODuY681CSXWJYOTHZHUnqN6bDnQ6lfYenYMRv7gg2g6DCBaSc4dxf9+
DGLgDXfUaQw4jtYxpSz1WWfYjuIPaWAW0Hy66zQJNXiFAqDbQttnBmQoC8WfJ/IR
Q3wH0Sy0pzwp9yf++2PSRJuNGkPHQqGPZlNGn16AhFrJCqZ79OkquvHh6EFOrBbT
AjzoLNp02Ebf5oXco+G29B6V5n/B46SZNezPgtJOFmHFmde/NKB9lc5ytitLf7A9
r6DrndbnRvsphYf9ppUvcej4XUb6E+/rKRTC50nCWcgNS0Gi5LiAZROeKp8flVuO
r/XYrFSrOGYum4GTHIWdWXRGjfMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ9JCM4
xy+08Oo7sNjRsB3gKU7viDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTE4MzgwZjEtNmNjZC00MTcwLWI2MDUtZmY5Nzc0NTI5OGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQA1/c3NYNfQfmSVZpiOaSmrRc5xgSJtRs2GtC4QVpNI
AHr2A+WL5stcd/ckjkjvyinkPUKAvyraqKTWJsqbtBDGanbF6in/rdEGOS9rP6Yo
Nk+LHA0Ag4waoUhWmZ3l9lJ9C7vuJAqJ8vXmzaEeihpyyzVW/NWoGPV+fyc6eU18
r+PXl5WlLx/SYZM0M4Y6IRvWJGmTuiE4PCbgCWpGEHVVhWOPraYkyHAMwfWFQmtV
jxjCBgUksg6ELdHvbMZnrwImqfeyTdm2l5djE/kYOO+Db0qW+rAhybcXnVPg8AQU
/f3R4vJB4hiWfFFku3Jim5YwnT5wluS9j6QG2voK/t9H
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org