Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f71d7429-ef0b-424d-9e36-741d62d1968a.roa
File: f71d7429-ef0b-424d-9e36-741d62d1968a.roa (raw, json)
Hash identifier: +nxELBtcY8mZ/gJTvA50odtaCJ6VgMuXk3EmeEdelQ8=
Subject key identifier: A4:B0:E7:B8:6F:A7:47:15:49:22:DC:D1:C9:65:F2:16:EE:79:83:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 541359528E6C168BEE6F6D6B6E9EA68C9B458897
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f71d7429-ef0b-424d-9e36-741d62d1968a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:13:59:52:8e:6c:16:8b:ee:6f:6d:6b:6e:9e:a6:8c:9b:45:88:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=18566102cd9147a103dabd72b5bd8868f60ffff6d5575a1a370fa1a15901d09d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:21:3f:e8:91:5e:91:92:21:29:54:cd:ca:78:
1a:f2:d1:23:75:4d:8c:80:82:df:57:99:43:ac:b0:
59:99:cb:9c:63:d1:8c:f3:bb:8b:90:4c:11:0b:53:
10:83:28:ad:57:e8:f8:95:2e:ff:41:eb:f9:88:32:
9c:71:64:c1:bd:5e:d0:6d:7f:30:40:bf:20:8b:b0:
59:3c:4a:88:95:54:4b:ab:37:6f:22:0b:4c:24:6f:
1e:6a:2e:81:d1:3b:dc:c4:7c:fb:5d:87:43:06:62:
3b:26:13:02:dc:fb:23:c7:63:04:af:37:bd:a2:73:
47:4d:f6:37:60:51:c9:15:f9:ea:c6:d5:84:5a:55:
79:c3:30:18:ee:80:d6:10:74:9f:f0:21:13:89:83:
8d:05:85:54:cf:79:e3:2d:15:de:32:63:50:9c:2b:
d9:bc:f1:e9:e4:e9:71:d4:ff:ef:36:d4:ff:2c:19:
84:2d:eb:07:8b:37:9d:bc:ea:73:5a:25:af:20:31:
49:58:de:87:33:fd:97:0a:d6:e6:75:63:c7:19:c9:
f0:58:3f:c1:7a:82:02:24:e7:d7:25:75:f0:43:4c:
7b:e9:c3:48:67:48:f5:76:47:a9:6b:94:f2:90:ae:
6b:41:92:3e:e5:73:31:53:f9:0f:3e:6a:63:bf:77:
3c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B0:E7:B8:6F:A7:47:15:49:22:DC:D1:C9:65:F2:16:EE:79:83:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f71d7429-ef0b-424d-9e36-741d62d1968a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
10:0b:ed:d4:34:a9:f3:67:be:d5:d9:08:43:7f:7d:ba:19:c0:
a0:1f:7f:72:3d:34:9a:d7:da:eb:ac:c1:ee:27:47:c2:b7:03:
59:66:3a:d4:1b:af:4d:26:50:a0:de:c0:a8:e5:7c:5a:6b:5f:
59:47:a9:fd:1e:14:bd:80:aa:dc:77:00:4e:26:81:02:c7:a0:
57:e3:c1:04:ec:fd:0f:19:40:f9:c5:75:3b:cb:0e:4b:d6:87:
c9:5d:59:16:a7:eb:2c:0a:01:da:12:49:48:e4:88:83:f6:7f:
59:00:10:fa:5d:0d:53:45:fa:81:0e:07:fb:f6:16:fa:21:6b:
94:78:85:e2:36:8f:18:5b:3f:cd:71:4b:b2:69:47:44:68:1a:
ea:2c:6e:69:fe:bd:a6:bd:58:34:bf:f3:f6:b3:3c:de:61:42:
9f:5e:e8:9f:d4:39:05:64:79:54:df:4e:73:83:04:e5:d5:d5:
ec:e1:dc:fb:8c:f8:b2:3f:88:ae:ba:a5:5e:77:0c:54:06:93:
12:55:54:96:22:e5:97:2d:80:6b:df:02:25:39:4d:60:b8:15:
6b:9f:88:7a:5e:4f:b9:ae:43:2a:42:e8:79:ee:5a:8d:98:49:
cd:93:f9:b2:15:b4:df:e0:43:02:b6:f1:21:6a:fa:53:b1:da:
8d:1d:6e:dc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVBNZUo5sFovub21rbp6mjJtFiJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NTY2MTAyY2Q5MTQ3YTEwM2RhYmQ3MmI1YmQ4ODY4ZjYwZmZmZjZkNTU3
NWExYTM3MGZhMWExNTkwMWQwOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANchP+iRXpGSISlUzcp4GvLRI3VNjICC31eZQ6ywWZnLnGPRjPO7i5BMEQtT
EIMorVfo+JUu/0Hr+YgynHFkwb1e0G1/MEC/IIuwWTxKiJVUS6s3byILTCRvHmou
gdE73MR8+12HQwZiOyYTAtz7I8djBK83vaJzR032N2BRyRX56sbVhFpVecMwGO6A
1hB0n/AhE4mDjQWFVM954y0V3jJjUJwr2bzx6eTpcdT/7zbU/ywZhC3rB4s3nbzq
c1olryAxSVjehzP9lwrW5nVjxxnJ8Fg/wXqCAiTn1yV18ENMe+nDSGdI9XZHqWuU
8pCua0GSPuVzMVP5Dz5qY793PPECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSksOe4
b6dHFUki3NHJZfIW7nmDJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjcxZDc0MjktZWYwYi00MjRkLTllMzYtNzQxZDYyZDE5NjhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQAQC+3UNKnzZ77V2QhDf326GcCgH39yPTSa19rrrMHu
J0fCtwNZZjrUG69NJlCg3sCo5Xxaa19ZR6n9HhS9gKrcdwBOJoECx6BX48EE7P0P
GUD5xXU7yw5L1ofJXVkWp+ssCgHaEklI5IiD9n9ZABD6XQ1TRfqBDgf79hb6IWuU
eIXiNo8YWz/NcUuyaUdEaBrqLG5p/r2mvVg0v/P2szzeYUKfXuif1DkFZHlU305z
gwTl1dXs4dz7jPiyP4iuuqVedwxUBpMSVVSWIuWXLYBr3wIlOU1guBVrn4h6Xk+5
rkMqQuh57lqNmEnNk/myFbTf4EMCtvEhavpTsdqNHW7c
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org