Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
File: 1350b3cb-6def-4283-90f3-051faef7a4e3.roa (raw, json)
Hash identifier: GAAazx14WUtBSMLcPqXdPbasim2N8JAKIaUHr5M1IkM=
Subject key identifier: E4:1F:21:71:C7:B6:36:1D:A7:59:FA:A8:79:3F:63:3A:50:C2:0B:D2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D2C1757A990CAA211FA7B4412875A5F7A0DF64B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:2c:17:57:a9:90:ca:a2:11:fa:7b:44:12:87:5a:5f:7a:0d:f6:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=41139ea628d44433dbfa86c612dd88f473236266064f030847ba94b8f278d77a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:da:73:82:9e:cc:18:94:a1:61:49:d2:01:ff:
ad:87:87:c6:fe:f7:ba:83:13:ae:e0:3d:c5:b5:c8:
89:6d:0d:44:eb:d9:3f:84:74:7e:8f:ba:23:ec:9a:
da:83:ec:46:7e:a7:27:91:bd:11:bc:a0:58:00:dd:
2c:05:26:5a:88:d9:0d:23:65:1e:2e:4f:04:ee:32:
e8:d6:66:83:a4:e3:e2:97:be:ac:a3:fb:40:c8:f4:
31:9f:80:74:05:e4:c6:58:71:3a:c3:a2:aa:10:92:
35:09:45:3e:81:95:02:3d:b6:6c:22:1c:47:23:5d:
be:9e:c6:da:e9:90:30:44:32:6e:f7:da:87:40:ed:
f3:74:4f:b1:5b:56:65:fb:37:9e:77:20:a3:5f:2e:
ff:39:57:84:4b:fa:e1:f8:97:66:cb:df:89:9c:56:
63:35:7d:16:78:d3:17:a8:86:56:8a:bd:70:68:0b:
49:22:76:dc:c1:78:0e:c3:2b:8d:b8:a0:c4:c0:c0:
2f:61:1a:5b:c4:2e:05:a6:72:ab:76:02:c9:7e:29:
96:3f:37:b8:ec:a5:ec:c3:d7:c1:07:c6:2b:55:f9:
ce:94:34:08:ea:e7:76:3f:e6:3d:59:90:31:2c:60:
4c:bc:a6:88:46:6b:83:23:8d:b7:b1:d2:20:72:94:
74:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1F:21:71:C7:B6:36:1D:A7:59:FA:A8:79:3F:63:3A:50:C2:0B:D2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
a0:81:98:94:27:79:47:81:30:22:94:67:d3:e8:82:0c:45:a2:
d1:0e:99:de:84:66:cf:2c:aa:d8:65:a7:77:5f:42:bf:a5:b9:
08:c5:37:5b:35:2d:42:b6:ae:77:c6:3c:39:75:c3:73:e7:48:
6b:d3:f5:a1:b6:d1:4d:a7:17:55:46:3b:6b:2c:c9:3a:5d:f6:
56:68:2d:a9:d5:a1:26:a4:4c:3e:21:27:fc:fc:ce:df:52:0b:
8f:33:45:ec:20:70:66:89:4f:9d:a4:58:bf:61:31:b5:a4:33:
c6:0f:d5:9d:c3:4c:59:38:59:4d:1f:b6:3d:d6:e8:b0:81:18:
00:fb:00:57:ea:2f:69:db:d2:2d:1d:8e:8f:c4:fe:2d:39:68:
49:a2:92:6f:5c:a1:0e:36:95:e6:a2:f1:ea:bf:2b:88:10:e9:
4d:7d:85:ae:4b:25:45:28:58:17:3b:a1:85:f3:ad:11:02:8a:
66:72:be:e2:c1:36:63:ea:c5:d4:1b:94:9c:7b:d4:d9:cb:2a:
e1:31:5b:25:ce:0c:72:94:4a:17:c8:9a:19:27:74:f0:64:2f:
ce:62:53:2f:ed:88:95:bc:3d:a1:b5:cc:45:fd:d4:05:5b:59:
26:20:04:2c:4c:8b:11:62:1f:8d:3c:7b:73:8b:b5:ed:4b:8f:
d9:2a:b0:6b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDSwXV6mQyqIR+ntEEodaX3oN9kswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxMTM5ZWE2MjhkNDQ0MzNkYmZhODZjNjEyZGQ4OGY0NzMyMzYyNjYwNjRm
MDMwODQ3YmE5NGI4ZjI3OGQ3N2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnac4KezBiUoWFJ0gH/rYeHxv73uoMTruA9xbXIiW0NROvZP4R0fo+6I+ya
2oPsRn6nJ5G9EbygWADdLAUmWojZDSNlHi5PBO4y6NZmg6Tj4pe+rKP7QMj0MZ+A
dAXkxlhxOsOiqhCSNQlFPoGVAj22bCIcRyNdvp7G2umQMEQybvfah0Dt83RPsVtW
Zfs3nncgo18u/zlXhEv64fiXZsvfiZxWYzV9FnjTF6iGVoq9cGgLSSJ23MF4DsMr
jbigxMDAL2EaW8QuBaZyq3YCyX4plj83uOyl7MPXwQfGK1X5zpQ0COrndj/mPVmQ
MSxgTLymiEZrgyONt7HSIHKUdOUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTkHyFx
x7Y2HadZ+qh5P2M6UMIL0jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTM1MGIzY2ItNmRlZi00MjgzLTkwZjMtMDUxZmFlZjdhNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQCggZiUJ3lHgTAilGfT6IIMRaLRDpnehGbPLKrYZad3
X0K/pbkIxTdbNS1Ctq53xjw5dcNz50hr0/WhttFNpxdVRjtrLMk6XfZWaC2p1aEm
pEw+ISf8/M7fUguPM0XsIHBmiU+dpFi/YTG1pDPGD9Wdw0xZOFlNH7Y91uiwgRgA
+wBX6i9p29ItHY6PxP4tOWhJopJvXKEONpXmovHqvyuIEOlNfYWuSyVFKFgXO6GF
860RAopmcr7iwTZj6sXUG5Sce9TZyyrhMVslzgxylEoXyJoZJ3TwZC/OYlMv7YiV
vD2htcxF/dQFW1kmIAQsTIsRYh+NPHtzi7XtS4/ZKrBr
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:31 2023 by rpki-client on console-fra.rpki-client.org