Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
File: f9c2130f-6f88-42ac-853e-f39d188adb6d.roa (raw, json)
Hash identifier: fhu45VHSFgVoTDvcTi+C9LVexg/V3Pk3lOqo3FB4iv4=
Subject key identifier: 43:FD:B0:ED:E4:95:0E:05:D2:FD:0C:40:0C:54:F7:A8:83:8C:AB:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5A5847A97C621AB02547B1287419E995752FB7AB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:58:47:a9:7c:62:1a:b0:25:47:b1:28:74:19:e9:95:75:2f:b7:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=cfd5c1be337a622331625d0f803f377e1e73517d822b2cf364bd320a5d3a9fef, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c5:7e:fb:f0:e1:ba:91:f9:db:d1:72:5d:f5:
5f:d9:8b:b2:c9:0f:3c:e3:c3:ac:34:47:b6:df:46:
c1:3d:2f:e6:1f:db:3b:22:26:31:86:0f:fe:0a:25:
5a:ab:31:31:eb:1a:f5:88:59:19:37:97:c2:e3:55:
f9:57:9b:e7:93:4f:89:eb:4b:2a:bc:b7:d3:2a:f7:
64:97:e0:d0:26:ab:4d:a5:c5:a4:84:7d:8a:51:79:
5a:05:4f:28:dd:14:5e:aa:10:9b:82:71:db:f9:a0:
ef:d7:ef:f6:dc:b6:b8:cd:2c:42:02:3b:dc:63:ef:
56:d8:26:da:87:03:15:82:9a:4e:ac:fc:a1:87:1b:
0c:b7:e4:c3:68:f5:7a:9f:31:8c:b6:71:ab:96:7c:
48:b2:53:1a:76:25:3f:6a:7e:74:5e:4f:54:ef:c1:
a5:fa:ea:a3:25:a9:2e:4a:ec:e5:72:80:cc:90:34:
3c:4e:77:cb:26:80:a6:01:85:15:7f:44:b5:01:52:
67:6d:65:a7:73:b7:89:f2:38:be:9b:0d:f2:ba:68:
2a:ea:70:88:e5:0b:58:c6:b7:0c:c5:a5:4a:6d:2d:
bb:c6:1d:49:7d:0b:cc:c6:5d:4d:2b:2b:bf:c2:be:
eb:c1:6c:07:05:06:aa:7f:04:66:25:b9:17:b6:5b:
75:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FD:B0:ED:E4:95:0E:05:D2:FD:0C:40:0C:54:F7:A8:83:8C:AB:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2f:a1:d2:18:82:26:a7:3b:db:fe:f2:fa:31:91:a1:78:7d:e3:
ee:e0:3c:62:2e:55:03:1d:3b:bc:4f:7f:21:3c:2e:ac:3f:09:
ae:9e:3e:4f:4f:9c:3a:74:03:0d:63:f3:35:40:bb:0f:18:58:
48:42:16:04:64:8e:ff:6a:b5:58:84:20:b1:7d:2f:8e:b2:da:
f7:ae:55:cf:17:ae:78:91:72:46:3c:04:ca:2b:62:ad:c5:9b:
d4:77:a6:e9:62:ff:ad:ff:80:2f:91:a0:bb:08:cf:78:c9:de:
b7:ad:1f:a6:9a:95:0e:47:5f:2e:a8:b2:d5:58:41:c0:e3:61:
2e:1e:c8:f0:c5:60:a5:cd:73:ec:a6:01:b8:3d:db:fd:65:19:
2a:37:7f:aa:56:17:7b:c8:ac:8a:e3:82:f3:f2:4c:ef:a6:4d:
8a:99:a9:c3:88:1b:c5:0a:bc:57:55:3d:6f:89:de:a5:4b:57:
fc:bc:f8:ff:f8:62:89:83:47:0d:9a:1e:7d:7f:f4:36:cf:10:
e1:0b:9b:d2:36:a9:a3:a9:be:89:fb:9a:2d:50:e7:42:72:8c:
9a:36:0c:0d:24:ba:1f:a9:c0:da:03:d3:40:0e:4e:f3:46:44:
2a:ae:59:05:c3:05:3e:c5:db:c2:3e:6a:c3:5e:1b:ca:9f:27:
04:96:68:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWlhHqXxiGrAlR7EodBnplXUvt6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmZDVjMWJlMzM3YTYyMjMzMTYyNWQwZjgwM2YzNzdlMWU3MzUxN2Q4MjJi
MmNmMzY0YmQzMjBhNWQzYTlmZWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjFfvvw4bqR+dvRcl31X9mLsskPPOPDrDRHtt9GwT0v5h/bOyImMYYP/gol
WqsxMesa9YhZGTeXwuNV+Veb55NPietLKry30yr3ZJfg0CarTaXFpIR9ilF5WgVP
KN0UXqoQm4Jx2/mg79fv9ty2uM0sQgI73GPvVtgm2ocDFYKaTqz8oYcbDLfkw2j1
ep8xjLZxq5Z8SLJTGnYlP2p+dF5PVO/BpfrqoyWpLkrs5XKAzJA0PE53yyaApgGF
FX9EtQFSZ21lp3O3ifI4vpsN8rpoKupwiOULWMa3DMWlSm0tu8YdSX0LzMZdTSsr
v8K+68FsBwUGqn8EZiW5F7Zbdc0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRD/bDt
5JUOBdL9DEAMVPeog4yrJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjljMjEzMGYtNmY4OC00MmFjLTg1M2UtZjM5ZDE4OGFkYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQAvodIYgianO9v+8voxkaF4fePu4DxiLlUDHTu8T38h
PC6sPwmunj5PT5w6dAMNY/M1QLsPGFhIQhYEZI7/arVYhCCxfS+Ostr3rlXPF654
kXJGPATKK2KtxZvUd6bpYv+t/4AvkaC7CM94yd63rR+mmpUOR18uqLLVWEHA42Eu
HsjwxWClzXPspgG4Pdv9ZRkqN3+qVhd7yKyK44Lz8kzvpk2KmanDiBvFCrxXVT1v
id6lS1f8vPj/+GKJg0cNmh59f/Q2zxDhC5vSNqmjqb6J+5otUOdCcoyaNgwNJLof
qcDaA9NADk7zRkQqrlkFwwU+xdvCPmrDXhvKnycElmgO
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org