Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: d6Sn+26C0sdlGEtrM7mvC1GhqYHNWaD/OmO7LL2TcBg=
Subject key identifier: F6:11:03:39:54:79:E3:CD:6F:4D:04:A1:EE:D9:6C:EE:E8:31:6A:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19937A1C8B12A67DD7DABBEB3FBA99E9DA313C86
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:93:7a:1c:8b:12:a6:7d:d7:da:bb:eb:3f:ba:99:e9:da:31:3c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=53801c49919a32e4fd94d1d9e52edcf0069b8da51eaa3bd513001914eeabbf4c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:01:2f:41:02:60:fd:f2:d2:09:ae:4f:83:34:
5b:90:83:ce:b7:8c:44:cf:e5:d7:d9:78:b0:92:d8:
39:86:76:f2:ed:20:0a:87:f8:57:a8:95:3d:1e:ca:
99:3d:09:c0:59:2c:f5:10:23:36:72:24:b4:46:97:
97:c5:43:9f:c3:fe:e5:ec:40:bd:00:84:04:02:df:
11:4c:05:38:c9:a9:64:02:ff:61:8a:b5:e8:63:a0:
33:0c:12:98:4d:e5:22:1a:17:56:af:cb:8a:6b:cf:
5f:ce:ec:bf:55:72:0b:4e:2e:f1:0e:e2:5b:3e:30:
56:d3:59:e3:b3:c8:f2:f2:2d:11:fd:8a:9f:d7:3a:
78:cf:6f:2e:d3:7d:c7:17:77:c7:99:10:5e:e2:88:
0c:2e:c5:1e:c5:33:3c:92:68:bc:5e:a3:6c:8b:88:
73:24:07:05:c7:9e:de:b5:d8:cc:9b:18:5b:7b:36:
1f:5f:ae:5b:b8:af:dd:d8:a3:ae:03:67:13:67:a1:
14:a5:48:b2:9a:41:66:4e:8f:70:da:e6:a2:54:5f:
87:c4:13:32:cf:5a:e8:5a:4b:11:46:02:5d:26:e2:
04:08:97:85:df:58:4b:d0:9f:5d:98:07:2a:66:87:
8d:80:cd:75:ff:49:dd:83:ee:0e:74:24:62:88:1b:
b9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:11:03:39:54:79:E3:CD:6F:4D:04:A1:EE:D9:6C:EE:E8:31:6A:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
47:64:b9:66:72:80:39:1d:b9:32:a3:a7:2d:55:3f:af:63:ca:
8f:a1:ee:4e:5a:9c:c4:45:94:d1:62:18:36:3b:ec:8d:d1:55:
ae:b2:33:dd:ce:45:a7:72:da:60:59:57:20:44:56:ff:9d:7a:
f8:5b:17:d1:af:96:ea:bc:11:82:a9:f1:86:62:eb:84:ad:57:
f4:1b:8d:71:5e:f4:27:42:b7:0b:3c:fa:5e:8c:3e:50:8c:eb:
9f:30:14:7c:3c:56:62:34:45:03:4a:17:8e:2a:a1:25:13:a5:
d7:df:64:f3:15:5b:b1:46:53:fe:9e:da:35:95:37:2d:f7:00:
79:b2:c7:fb:06:9f:4e:86:0a:8d:cf:9d:f2:a3:fc:da:43:49:
16:ca:17:6e:9f:96:af:c7:44:4a:e5:41:b3:56:87:6b:29:55:
02:b6:96:9e:55:64:ca:f7:7f:ec:29:88:e8:64:87:71:b3:a3:
40:e4:3c:bc:46:db:20:4b:c8:1c:89:2f:0a:17:09:1d:07:94:
54:ce:90:c1:64:dd:68:83:5f:78:e5:8f:cc:1d:93:98:be:ef:
c1:0d:59:c7:1a:c2:70:bd:ad:41:b3:09:9e:0a:42:33:94:9b:
99:e8:fe:76:be:a2:d4:cc:6b:be:65:ba:e0:5f:ea:8a:67:6a:
b6:22:8d:ad
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGZN6HIsSpn3X2rvrP7qZ6doxPIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzODAxYzQ5OTE5YTMyZTRmZDk0ZDFkOWU1MmVkY2YwMDY5YjhkYTUxZWFh
M2JkNTEzMDAxOTE0ZWVhYmJmNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0BL0ECYP3y0gmuT4M0W5CDzreMRM/l19l4sJLYOYZ28u0gCof4V6iVPR7K
mT0JwFks9RAjNnIktEaXl8VDn8P+5exAvQCEBALfEUwFOMmpZAL/YYq16GOgMwwS
mE3lIhoXVq/LimvPX87sv1VyC04u8Q7iWz4wVtNZ47PI8vItEf2Kn9c6eM9vLtN9
xxd3x5kQXuKIDC7FHsUzPJJovF6jbIuIcyQHBcee3rXYzJsYW3s2H1+uW7iv3dij
rgNnE2ehFKVIsppBZk6PcNrmolRfh8QTMs9a6FpLEUYCXSbiBAiXhd9YS9CfXZgH
KmaHjYDNdf9J3YPuDnQkYogbuRsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT2EQM5
VHnjzW9NBKHu2Wzu6DFq2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQBHZLlmcoA5Hbkyo6ctVT+vY8qPoe5OWpzERZTRYhg2
O+yN0VWusjPdzkWnctpgWVcgRFb/nXr4WxfRr5bqvBGCqfGGYuuErVf0G41xXvQn
QrcLPPpejD5QjOufMBR8PFZiNEUDSheOKqElE6XX32TzFVuxRlP+nto1lTct9wB5
ssf7Bp9OhgqNz53yo/zaQ0kWyhdun5avx0RK5UGzVodrKVUCtpaeVWTK93/sKYjo
ZIdxs6NA5Dy8RtsgS8gciS8KFwkdB5RUzpDBZN1og1945Y/MHZOYvu/BDVnHGsJw
va1BswmeCkIzlJuZ6P52vqLUzGu+ZbrgX+qKZ2q2Io2t
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:31 2023 by rpki-client on console-fra.rpki-client.org