Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f77806ea-9955-4b0b-97f2-78a93d7f0c74.roa
File: f77806ea-9955-4b0b-97f2-78a93d7f0c74.roa (raw, json)
Hash identifier: RwpAO5t+hZzlp9z4JYW/2Zd1qSsq6Z590tE6tCAjUGs=
Subject key identifier: 3D:91:CD:C5:88:10:4D:C8:97:A1:14:44:7E:49:52:8C:98:31:61:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1329B845788F74968832D6349340BF1F42B3D4F7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f77806ea-9955-4b0b-97f2-78a93d7f0c74.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:29:b8:45:78:8f:74:96:88:32:d6:34:93:40:bf:1f:42:b3:d4:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=89ba417fe2c7a6843e67547fc8c355640fa80f7fd0e8c72b11cf37a797b52406, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8a:81:8f:1f:13:c6:3a:49:79:b0:64:68:48:
5b:a4:d0:db:93:40:65:e9:8e:2b:ef:af:a0:a5:0d:
a7:7e:48:fc:6f:15:d1:73:77:3a:08:21:35:95:a4:
da:48:9e:79:3e:08:cf:37:67:b9:c7:39:cb:ed:62:
79:10:92:7d:1d:44:3b:e8:3e:6b:45:41:4f:ae:0d:
64:b1:79:22:36:b4:40:bc:0c:ef:c3:98:a2:df:73:
a2:a7:92:88:96:83:3b:d4:33:a5:96:bf:98:da:40:
38:3b:76:be:96:05:6b:e0:24:a8:b6:b7:33:cd:ae:
48:5c:d6:1c:8e:fc:38:27:a5:29:06:92:53:e4:85:
0f:62:7d:e4:ee:3c:00:a8:8b:08:92:7a:d9:77:d0:
dd:58:0a:03:66:8f:34:2d:3f:75:32:41:10:40:ec:
f5:a5:43:df:e5:37:ec:40:96:15:4d:8c:74:09:0d:
e4:03:0a:78:10:cb:05:19:3c:ab:0e:29:1f:e9:90:
d7:7c:f4:fd:08:69:54:de:36:4a:04:28:b7:9f:2b:
2e:86:4f:2f:81:df:89:a8:b2:1f:82:b2:7b:a7:1f:
96:ba:09:f8:8f:0e:a8:f6:bb:6a:e6:37:d9:67:1c:
c6:8b:1b:15:da:34:24:64:9d:f3:43:14:2a:e4:b9:
67:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:91:CD:C5:88:10:4D:C8:97:A1:14:44:7E:49:52:8C:98:31:61:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f77806ea-9955-4b0b-97f2-78a93d7f0c74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
46:85:8e:d9:ea:9f:26:fe:e9:d3:6c:60:9d:ce:e2:80:7b:0c:
5a:5f:55:d8:df:fa:66:19:e6:8d:aa:0c:d5:35:7d:c2:fc:79:
d8:6c:af:0f:8e:b0:35:79:45:ca:95:aa:3f:17:4d:38:e0:70:
e3:2e:93:22:3f:cc:a1:04:88:65:de:e9:d5:8f:ea:cd:53:ab:
ec:c0:ac:e0:68:6a:89:1d:b8:9b:59:af:5e:07:90:80:67:5b:
5a:19:52:29:e9:71:7d:40:98:fe:0a:83:da:f3:46:64:1f:b5:
c6:1c:3b:7e:6e:9e:72:e5:0c:09:ec:e8:ef:3f:c5:a3:c7:c8:
10:e7:6b:f2:3b:32:f2:61:10:a4:09:ed:27:ec:3b:97:97:aa:
27:f2:93:ee:10:b8:a6:24:bf:7b:1f:a0:04:38:e2:9e:0e:52:
1d:e2:91:70:d4:c4:4e:a5:8f:1c:c5:5a:67:24:b3:a1:54:e4:
ec:9e:13:e1:4a:26:d8:a7:64:1f:c1:be:86:1c:f1:53:85:14:
f8:12:5d:20:0e:16:94:59:cf:5f:98:bd:43:f3:63:39:2c:cd:
ed:81:da:1a:c3:7c:e7:bf:e6:6d:b7:ed:20:68:67:86:3c:fa:
0d:12:e4:31:d9:ee:4a:d6:86:6e:57:15:5f:a5:2a:51:37:fc:
ae:fb:3a:5c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEym4RXiPdJaIMtY0k0C/H0Kz1PcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5YmE0MTdmZTJjN2E2ODQzZTY3NTQ3ZmM4YzM1NTY0MGZhODBmN2ZkMGU4
YzcyYjExY2YzN2E3OTdiNTI0MDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+KgY8fE8Y6SXmwZGhIW6TQ25NAZemOK++voKUNp35I/G8V0XN3OgghNZWk
2kieeT4Izzdnucc5y+1ieRCSfR1EO+g+a0VBT64NZLF5Ija0QLwM78OYot9zoqeS
iJaDO9QzpZa/mNpAODt2vpYFa+AkqLa3M82uSFzWHI78OCelKQaSU+SFD2J95O48
AKiLCJJ62XfQ3VgKA2aPNC0/dTJBEEDs9aVD3+U37ECWFU2MdAkN5AMKeBDLBRk8
qw4pH+mQ13z0/QhpVN42SgQot58rLoZPL4HfiaiyH4Kye6cflroJ+I8OqPa7auY3
2WccxosbFdo0JGSd80MUKuS5Z6sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ9kc3F
iBBNyJehFER+SVKMmDFhhDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Zjc3ODA2ZWEtOTk1NS00YjBiLTk3ZjItNzhhOTNkN2YwYzc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQBGhY7Z6p8m/unTbGCdzuKAewxaX1XY3/pmGeaNqgzV
NX3C/HnYbK8PjrA1eUXKlao/F0044HDjLpMiP8yhBIhl3unVj+rNU6vswKzgaGqJ
HbibWa9eB5CAZ1taGVIp6XF9QJj+CoPa80ZkH7XGHDt+bp5y5QwJ7OjvP8Wjx8gQ
52vyOzLyYRCkCe0n7DuXl6on8pPuELimJL97H6AEOOKeDlId4pFw1MROpY8cxVpn
JLOhVOTsnhPhSibYp2Qfwb6GHPFThRT4El0gDhaUWc9fmL1D82M5LM3tgdoaw3zn
v+Ztt+0gaGeGPPoNEuQx2e5K1oZuVxVfpSpRN/yu+zpc
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:51 2024 by rpki-client on console-ams.rpki-client.org