Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
File: e4b516c1-e154-4f18-af17-f71694b6015c.roa (raw, json)
Hash identifier: 6VnW5mvjxhYUlEWkMFgq9SU7HqgvHRikALc2R56ZgC0=
Subject key identifier: BA:6F:83:11:3F:69:96:58:02:B0:8B:4F:85:02:E4:14:5E:BF:64:FE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 120F56FFD0D401A615276EC09D5733396FEAF27F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:0f:56:ff:d0:d4:01:a6:15:27:6e:c0:9d:57:33:39:6f:ea:f2:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=00c41dee459c8e9d674a8b1d82d236e3229feac9041f412a4779e66c161c784f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:29:dc:b6:5e:18:c1:e1:d5:60:0a:48:3a:bb:
66:8d:98:fa:8e:54:04:16:cc:64:e4:2d:71:9d:3b:
fb:04:6d:f2:3b:ea:2a:b1:1f:6e:a6:93:f5:66:46:
5c:f3:71:a4:5a:9f:98:41:fb:b1:9b:4e:62:2c:f5:
22:91:3a:ae:de:8d:5e:84:a2:c0:16:a4:b5:fb:de:
73:f6:98:3a:48:db:04:99:fe:91:19:41:2c:06:3a:
5d:ca:c2:05:73:1e:aa:bb:e5:a4:c3:b6:73:a4:d0:
4f:59:b3:02:c7:fb:c2:04:fe:cf:3c:e6:94:a3:43:
7b:6b:dd:64:4d:47:24:f7:4e:1b:78:30:23:93:a3:
da:32:c7:53:4c:9f:ee:43:10:c6:8a:b1:05:61:97:
e5:eb:de:57:5b:bb:40:35:6d:3f:e2:c6:e6:71:f2:
94:9a:ae:7c:3f:d1:7f:86:ec:4d:d4:b3:e1:01:2b:
66:93:64:52:52:ef:04:52:07:57:33:e5:4e:de:fa:
28:7e:5f:ac:4e:02:40:aa:f0:24:5c:b2:62:35:89:
60:a2:5f:23:36:a4:a1:4d:e2:f6:db:45:71:ae:0e:
ab:14:52:82:44:db:5c:44:9f:6d:af:35:9c:66:97:
20:6a:5a:35:0d:ea:fa:ba:9a:d6:53:2d:02:5c:79:
c1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6F:83:11:3F:69:96:58:02:B0:8B:4F:85:02:E4:14:5E:BF:64:FE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:6c:27:c3:21:95:f1:db:e6:ad:0e:22:36:e5:04:22:54:67:
f3:95:06:01:88:21:72:0e:7e:ce:5e:b0:76:b3:b6:7c:4f:38:
b1:b4:e7:20:cb:13:d5:a4:7f:fe:88:8b:22:0f:1c:21:15:bc:
8a:26:e9:da:d6:11:ba:90:6e:41:fd:06:85:da:bf:31:dd:71:
d6:4c:a1:0f:69:99:ea:31:27:34:13:ab:48:be:45:57:65:bb:
c5:eb:6b:7f:6d:87:3e:bc:01:a6:37:20:c6:ea:6a:85:5f:8a:
dd:5d:b0:7a:dd:bf:ef:6d:23:67:d4:1e:89:a4:4e:1b:1b:74:
0d:7f:a9:41:c3:eb:65:b2:a8:16:cc:2f:d5:f9:14:c6:9f:8b:
d7:22:28:5a:5c:f9:26:f9:ec:00:40:bb:a2:5e:2e:51:71:99:
84:15:58:8a:40:94:25:40:80:8d:da:29:6b:40:36:41:69:e8:
4e:70:2a:ef:b7:21:ee:34:2b:ac:fb:81:66:94:be:1d:1e:99:
fa:e5:67:d2:4e:f4:3d:14:fc:f2:90:bd:9c:9a:e7:48:a4:61:
af:46:4b:d0:97:c4:49:db:bd:58:c3:2c:a1:b6:dc:8c:3a:35:
dc:2a:a8:15:59:4f:94:a7:81:ac:00:2f:58:6c:4d:75:57:e7:
dc:d7:65:61
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEg9W/9DUAaYVJ27AnVczOW/q8n8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwYzQxZGVlNDU5YzhlOWQ2NzRhOGIxZDgyZDIzNmUzMjI5ZmVhYzkwNDFm
NDEyYTQ3NzllNjZjMTYxYzc4NGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgp3LZeGMHh1WAKSDq7Zo2Y+o5UBBbMZOQtcZ07+wRt8jvqKrEfbqaT9WZG
XPNxpFqfmEH7sZtOYiz1IpE6rt6NXoSiwBaktfvec/aYOkjbBJn+kRlBLAY6XcrC
BXMeqrvlpMO2c6TQT1mzAsf7wgT+zzzmlKNDe2vdZE1HJPdOG3gwI5Oj2jLHU0yf
7kMQxoqxBWGX5eveV1u7QDVtP+LG5nHylJqufD/Rf4bsTdSz4QErZpNkUlLvBFIH
VzPlTt76KH5frE4CQKrwJFyyYjWJYKJfIzakoU3i9ttFca4OqxRSgkTbXESfba81
nGaXIGpaNQ3q+rqa1lMtAlx5wSMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6b4MR
P2mWWAKwi0+FAuQUXr9k/jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTRiNTE2YzEtZTE1NC00ZjE4LWFmMTctZjcxNjk0YjYwMTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQBVbCfDIZXx2+atDiI25QQiVGfzlQYBiCFyDn7OXrB2
s7Z8TzixtOcgyxPVpH/+iIsiDxwhFbyKJuna1hG6kG5B/QaF2r8x3XHWTKEPaZnq
MSc0E6tIvkVXZbvF62t/bYc+vAGmNyDG6mqFX4rdXbB63b/vbSNn1B6JpE4bG3QN
f6lBw+tlsqgWzC/V+RTGn4vXIihaXPkm+ewAQLuiXi5RcZmEFViKQJQlQICN2ilr
QDZBaehOcCrvtyHuNCus+4FmlL4dHpn65WfSTvQ9FPzykL2cmudIpGGvRkvQl8RJ
271YwyyhttyMOjXcKqgVWU+Up4GsAC9YbE11V+fc12Vh
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org