Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
File: f09232b8-719a-44e7-87fb-14733ec6c6e8.roa (raw, json)
Hash identifier: pBfLGN9pePBQHK6IyE0LrFNa6i9UeUxeg1WINWlu1Dk=
Subject key identifier: BC:FB:A8:4C:9E:B0:12:05:5E:EC:A9:5C:AF:D1:DA:6A:41:C0:12:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A999FD4BEE24005024A718FAC2404DB28AD63C0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:99:9f:d4:be:e2:40:05:02:4a:71:8f:ac:24:04:db:28:ad:63:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=893443bc8fd7727445f1657dd112be58df44526afdb95704c8c4d23f1a5c514f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:20:bc:f5:cd:e3:8f:d7:ed:48:1f:3a:20:59:
1f:5f:67:bb:12:53:86:48:0a:c8:4c:0b:b8:41:6a:
30:53:d3:14:e8:43:da:9e:ef:76:d9:1f:49:aa:6d:
46:81:a2:6e:1b:a6:cf:6c:32:7b:2c:d5:b0:87:dd:
f1:29:0b:be:58:78:e2:d4:ea:6c:61:fa:36:0b:0e:
ed:d6:07:37:09:60:02:b9:ed:48:97:a9:c4:c0:0e:
6c:33:6b:a2:fc:e4:a7:26:1f:02:11:c6:4a:f8:e9:
b5:4e:9f:e1:f2:e5:e3:89:ce:5a:55:c2:fc:61:9a:
5a:bb:1c:b9:fa:67:6f:d4:3e:1a:2c:25:a1:0f:fd:
b9:d8:73:a6:d8:cf:9e:60:28:2a:3d:cf:76:d0:3c:
d3:37:3c:81:89:47:90:bc:c5:09:ed:b2:05:bf:7b:
67:99:17:fc:ac:fa:c3:8c:7d:15:a3:c2:b0:ec:48:
74:19:d3:d9:03:46:ab:59:da:6c:3c:30:bd:97:71:
fe:0f:1e:34:c2:1c:7d:9c:ec:3a:09:4b:c4:86:51:
36:5f:da:b5:0c:cc:d0:10:a7:8c:30:60:b5:71:b6:
c4:26:cf:e3:79:d1:e2:a3:81:86:02:80:43:7a:7f:
ca:32:84:87:f7:38:16:92:31:20:c5:7e:39:98:9f:
5a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:FB:A8:4C:9E:B0:12:05:5E:EC:A9:5C:AF:D1:DA:6A:41:C0:12:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8f:8e:fe:0e:48:dd:e4:11:5b:62:d6:ae:fc:fe:d2:1f:8b:ad:
b5:ac:57:71:60:8c:3d:20:11:89:99:31:32:4b:f6:51:58:9b:
4c:1d:22:d8:93:37:4a:af:da:8e:5b:db:76:aa:7c:6d:bb:82:
c3:56:d9:d5:c0:f2:0e:5e:c0:fc:a9:a0:c9:8c:34:42:05:91:
96:b0:51:1d:71:dc:54:0d:08:f1:65:0d:c4:47:80:0b:ea:d9:
24:96:45:9d:6c:8d:8c:27:e2:3b:27:7a:81:01:0b:5a:f8:c2:
af:13:6b:13:62:31:07:9f:80:76:a1:5d:0c:8b:13:e5:69:f3:
80:b9:15:ec:46:30:7f:e3:39:61:af:28:aa:63:54:b3:90:01:
7c:bc:0f:fe:87:5d:84:e4:ab:99:e5:dc:cd:e3:c7:c7:4d:09:
92:2e:f0:57:35:aa:96:0a:9e:dc:36:f2:26:a8:9f:e9:7e:c1:
55:41:f5:70:5a:22:f8:96:9f:24:84:47:c1:4c:2b:8a:7d:cc:
38:29:97:a5:09:01:8b:69:aa:79:bc:d1:78:26:b3:a1:92:6d:
f0:f4:84:59:1f:14:cb:26:15:5c:c9:75:3d:b7:e1:c2:ca:f1:
3f:30:29:bf:3f:98:9f:fd:03:f6:44:12:4a:ec:26:98:ac:71:
81:1d:54:f9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCpmf1L7iQAUCSnGPrCQE2yitY8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MzQ0M2JjOGZkNzcyNzQ0NWYxNjU3ZGQxMTJiZTU4ZGY0NDUyNmFmZGI5
NTcwNGM4YzRkMjNmMWE1YzUxNGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYgvPXN44/X7UgfOiBZH19nuxJThkgKyEwLuEFqMFPTFOhD2p7vdtkfSapt
RoGibhumz2wyeyzVsIfd8SkLvlh44tTqbGH6NgsO7dYHNwlgArntSJepxMAObDNr
ovzkpyYfAhHGSvjptU6f4fLl44nOWlXC/GGaWrscufpnb9Q+GiwloQ/9udhzptjP
nmAoKj3PdtA80zc8gYlHkLzFCe2yBb97Z5kX/Kz6w4x9FaPCsOxIdBnT2QNGq1na
bDwwvZdx/g8eNMIcfZzsOglLxIZRNl/atQzM0BCnjDBgtXG2xCbP43nR4qOBhgKA
Q3p/yjKEh/c4FpIxIMV+OZifWh8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS8+6hM
nrASBV7sqVyv0dpqQcAS1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA5MjMyYjgtNzE5YS00NGU3LTg3ZmItMTQ3MzNlYzZjNmU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQCPjv4OSN3kEVti1q78/tIfi621rFdxYIw9IBGJmTEy
S/ZRWJtMHSLYkzdKr9qOW9t2qnxtu4LDVtnVwPIOXsD8qaDJjDRCBZGWsFEdcdxU
DQjxZQ3ER4AL6tkklkWdbI2MJ+I7J3qBAQta+MKvE2sTYjEHn4B2oV0MixPlafOA
uRXsRjB/4zlhryiqY1SzkAF8vA/+h12E5KuZ5dzN48fHTQmSLvBXNaqWCp7cNvIm
qJ/pfsFVQfVwWiL4lp8khEfBTCuKfcw4KZelCQGLaap5vNF4JrOhkm3w9IRZHxTL
JhVcyXU9t+HCyvE/MCm/P5if/QP2RBJK7CaYrHGBHVT5
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org