Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json)
Hash identifier: gVYTrhb9mFSs1i/z/EnWlZ68hqswemQPiWi4q2+We2Y=
Subject key identifier: 1F:BB:AD:DE:8C:27:D1:90:C5:79:B2:DE:F6:DC:91:E7:59:D2:A5:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27669E415B41BC05CE5889B6EB5D4C1EA3AB56E0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:66:9e:41:5b:41:bc:05:ce:58:89:b6:eb:5d:4c:1e:a3:ab:56:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=becc39857f6099255d54d6bba965d1b7f3ad083ce714af68f9b38a16d6eee566, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:40:c7:42:67:dd:f8:40:17:73:6c:86:51:aa:
ec:4e:0b:83:58:12:c9:e7:fe:fb:ed:98:f3:34:3a:
f5:c9:f2:25:86:06:77:1e:82:42:93:23:9a:e6:8b:
d4:64:75:b4:21:21:86:28:86:c4:d8:f4:6a:e4:2e:
72:a2:2c:68:10:bb:bb:02:b0:d4:18:5d:b7:b7:c7:
40:59:82:36:1a:9f:51:e4:1b:3b:c4:e9:3b:6f:99:
2d:55:a1:09:7b:8c:f3:c7:9e:7e:8e:e0:f2:1b:49:
8b:31:e5:3f:66:4f:63:40:6d:75:5d:ff:9d:66:1a:
4d:3e:93:dc:ea:ab:f6:35:36:aa:ec:d7:00:e6:89:
9b:56:f5:99:11:fd:24:bc:f6:c9:4b:ae:cd:f9:a4:
78:75:c2:13:4b:e8:6c:65:88:b1:c6:77:7b:35:0d:
85:9f:62:97:06:47:71:ff:29:0b:80:32:b9:5a:cf:
85:df:80:e9:a1:35:6c:08:5f:b7:49:1d:37:7f:d0:
71:bd:34:66:d8:40:ec:46:b6:ef:69:18:b5:06:c8:
09:e5:62:48:90:49:d9:3a:77:38:e0:c7:82:c0:52:
83:38:3d:c8:8b:a7:91:5d:4c:5e:77:60:d5:04:31:
bc:02:3b:b9:24:4b:3f:01:9f:6b:e9:41:63:ee:55:
19:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:BB:AD:DE:8C:27:D1:90:C5:79:B2:DE:F6:DC:91:E7:59:D2:A5:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
24:66:47:76:99:73:74:fa:0c:41:3a:3d:fd:36:56:15:48:8c:
9a:29:69:46:d1:0a:4a:08:90:9c:a6:99:8b:58:a7:4d:58:70:
b6:1b:be:55:84:8d:e1:29:ce:80:ea:49:5d:39:e0:c0:f4:cb:
94:e5:87:95:0b:46:a2:6b:d5:c3:b2:b0:96:91:d4:3d:41:81:
4a:2c:99:c3:27:db:44:81:f4:00:40:b0:ab:73:bd:25:2d:c3:
08:ac:f2:9d:0e:dd:a4:56:fb:f5:7e:5a:33:b1:06:61:1d:33:
96:3f:a6:fe:02:f3:c9:4f:e4:bc:3e:0a:5c:7f:00:a4:73:94:
8a:0c:bc:55:84:b5:eb:88:56:90:3a:71:7f:19:db:5f:38:7b:
39:bf:7b:5d:db:16:f3:9e:b3:f7:9a:e3:86:e1:dc:f0:ef:6c:
0e:f3:17:d5:a8:50:f5:0a:66:85:8b:60:1d:69:6b:2d:0b:73:
b0:74:18:06:ae:8b:ce:9e:f7:01:72:8b:42:97:85:c3:e8:aa:
2e:4b:8d:05:1d:38:36:c1:fe:fc:1f:d1:13:56:cd:5b:c3:e8:
a1:51:4d:b5:aa:c7:b7:97:43:9a:a0:83:ad:ae:d5:49:db:68:
d9:58:22:67:a9:d2:f5:32:2b:c6:8f:6a:52:1d:f5:6c:4c:85:
00:87:d5:bc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ2aeQVtBvAXOWIm2611MHqOrVuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlY2MzOTg1N2Y2MDk5MjU1ZDU0ZDZiYmE5NjVkMWI3ZjNhZDA4M2NlNzE0
YWY2OGY5YjM4YTE2ZDZlZWU1NjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlAx0Jn3fhAF3NshlGq7E4Lg1gSyef+++2Y8zQ69cnyJYYGdx6CQpMjmuaL
1GR1tCEhhiiGxNj0auQucqIsaBC7uwKw1Bhdt7fHQFmCNhqfUeQbO8TpO2+ZLVWh
CXuM88eefo7g8htJizHlP2ZPY0BtdV3/nWYaTT6T3Oqr9jU2quzXAOaJm1b1mRH9
JLz2yUuuzfmkeHXCE0vobGWIscZ3ezUNhZ9ilwZHcf8pC4AyuVrPhd+A6aE1bAhf
t0kdN3/Qcb00ZthA7Ea272kYtQbICeViSJBJ2Tp3OODHgsBSgzg9yIunkV1MXndg
1QQxvAI7uSRLPwGfa+lBY+5VGQMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQfu63e
jCfRkMV5st723JHnWdKl/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQAkZkd2mXN0+gxBOj39NlYVSIyaKWlG0QpKCJCcppmL
WKdNWHC2G75VhI3hKc6A6kldOeDA9MuU5YeVC0aia9XDsrCWkdQ9QYFKLJnDJ9tE
gfQAQLCrc70lLcMIrPKdDt2kVvv1flozsQZhHTOWP6b+AvPJT+S8PgpcfwCkc5SK
DLxVhLXriFaQOnF/GdtfOHs5v3td2xbznrP3muOG4dzw72wO8xfVqFD1CmaFi2Ad
aWstC3OwdBgGrovOnvcBcotCl4XD6KouS40FHTg2wf78H9ETVs1bw+ihUU21qse3
l0OaoIOtrtVJ22jZWCJnqdL1MivGj2pSHfVsTIUAh9W8
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:31 2023 by rpki-client on console-fra.rpki-client.org