Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09fd926-3f61-4391-9843-738e03da5e6a.roa
File: f09fd926-3f61-4391-9843-738e03da5e6a.roa (raw, json)
Hash identifier: olPtEW/+H/hT4V19bJr9vNTRd7YiFWZ8RLLlCfExHvc=
Subject key identifier: B6:19:D6:8C:41:0D:7A:4D:18:2A:7C:E5:D3:1C:82:3F:15:C5:46:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B52AEDF6CE2D65D47567A6CDAA3FA4013282708
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09fd926-3f61-4391-9843-738e03da5e6a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:52:ae:df:6c:e2:d6:5d:47:56:7a:6c:da:a3:fa:40:13:28:27:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=b8145b0a2f80d178ceba18b1573891a2b8844948dc18418791fae3128a525db3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:83:fc:fa:c5:7a:54:3f:ce:d7:31:34:0e:ba:
19:a4:b6:29:ff:e4:07:80:90:2b:21:92:ca:98:2e:
3e:4f:00:21:26:5a:29:b3:6d:36:dc:84:10:a0:26:
c4:a0:f1:36:86:20:92:0a:4e:15:70:d6:1d:f4:aa:
f1:c3:3f:25:1c:c1:ec:1b:36:13:e5:76:ad:68:43:
cb:3b:d2:e4:4a:db:24:a6:83:b3:5d:a5:6e:55:fb:
25:d5:a9:22:2d:2a:37:39:d1:e4:c5:70:b5:b0:31:
c9:1a:16:fb:78:91:25:5a:9d:38:73:dc:32:8a:e4:
03:9a:5e:cb:8e:f4:06:42:46:51:81:45:af:fc:19:
89:b1:97:44:6a:60:67:20:c4:bc:b6:f3:ee:f8:81:
fe:bd:b7:e5:a9:05:15:89:c7:37:e5:80:7e:6d:b1:
9e:a4:25:de:49:d6:ab:77:e0:1d:46:d9:84:9f:ad:
39:30:1e:64:c3:d0:72:9a:c8:7a:02:fa:ed:63:e9:
17:61:2c:79:73:e1:9a:f3:81:98:52:2b:3b:7e:ea:
90:53:63:88:dc:ee:77:c0:b8:f8:9f:ca:b9:84:6c:
e0:e1:1d:e6:52:3d:ff:af:ee:c1:f9:db:4e:83:35:
49:29:36:5c:73:6a:1c:a5:fb:52:fa:b9:af:8d:a6:
cd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:19:D6:8C:41:0D:7A:4D:18:2A:7C:E5:D3:1C:82:3F:15:C5:46:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09fd926-3f61-4391-9843-738e03da5e6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:eb:ae:5f:3d:78:7d:78:70:16:e5:5b:68:5e:d3:86:57:7a:
fa:3e:10:f7:db:96:13:7d:2d:70:ae:ad:53:d2:e0:d1:fb:f6:
0e:b5:66:07:c1:bd:b3:3a:b8:cc:1b:36:75:f8:bb:74:38:cf:
7d:17:42:d4:f0:17:4c:3d:50:52:6c:50:0e:24:77:4f:4e:4f:
9d:b1:ac:35:a1:0f:e1:95:d9:3d:97:d9:18:4a:4f:28:c0:f8:
63:fc:f9:11:94:40:09:43:88:ef:c1:00:cf:4e:39:01:b2:a4:
aa:02:b9:c6:71:23:a9:cc:79:21:6f:d2:4e:25:84:c9:69:d6:
85:06:c4:c9:84:2e:3a:e5:f5:47:8b:d4:40:d6:8d:77:5a:b4:
51:df:9c:89:cf:f4:59:ef:49:c2:cb:7b:50:db:02:bb:e7:64:
76:20:94:70:42:c5:0d:f4:61:4a:92:a6:75:03:c7:e6:5d:8b:
ab:7b:c1:6b:85:83:f0:ac:c1:df:01:cc:81:d0:06:47:a6:86:
ae:e9:16:7a:91:cc:96:13:9c:ae:1e:51:46:01:b2:89:c6:66:
c9:97:e0:64:92:eb:4f:e3:bc:81:9e:f8:58:2f:91:66:5a:a8:
af:a3:4d:01:6b:4a:de:0c:95:5a:87:57:ae:c4:cc:3f:9c:14:
f8:46:61:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK1Ku32zi1l1HVnps2qP6QBMoJwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4MTQ1YjBhMmY4MGQxNzhjZWJhMThiMTU3Mzg5MWEyYjg4NDQ5NDhkYzE4
NDE4NzkxZmFlMzEyOGE1MjVkYjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeD/PrFelQ/ztcxNA66GaS2Kf/kB4CQKyGSypguPk8AISZaKbNtNtyEEKAm
xKDxNoYgkgpOFXDWHfSq8cM/JRzB7Bs2E+V2rWhDyzvS5ErbJKaDs12lblX7JdWp
Ii0qNznR5MVwtbAxyRoW+3iRJVqdOHPcMorkA5pey470BkJGUYFFr/wZibGXRGpg
ZyDEvLbz7viB/r235akFFYnHN+WAfm2xnqQl3knWq3fgHUbZhJ+tOTAeZMPQcprI
egL67WPpF2EseXPhmvOBmFIrO37qkFNjiNzud8C4+J/KuYRs4OEd5lI9/6/uwfnb
ToM1SSk2XHNqHKX7Uvq5r42mzfECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2GdaM
QQ16TRgqfOXTHII/FcVG9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA5ZmQ5MjYtM2Y2MS00MzkxLTk4NDMtNzM4ZTAzZGE1ZTZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQAX665fPXh9eHAW5VtoXtOGV3r6PhD325YTfS1wrq1T
0uDR+/YOtWYHwb2zOrjMGzZ1+Lt0OM99F0LU8BdMPVBSbFAOJHdPTk+dsaw1oQ/h
ldk9l9kYSk8owPhj/PkRlEAJQ4jvwQDPTjkBsqSqArnGcSOpzHkhb9JOJYTJadaF
BsTJhC465fVHi9RA1o13WrRR35yJz/RZ70nCy3tQ2wK752R2IJRwQsUN9GFKkqZ1
A8fmXYure8FrhYPwrMHfAcyB0AZHpoau6RZ6kcyWE5yuHlFGAbKJxmbJl+BkkutP
47yBnvhYL5FmWqivo00Ba0reDJVah1euxMw/nBT4RmGn
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:51 2024 by rpki-client on console-ams.rpki-client.org