Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
File: 156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa (raw, json)
Hash identifier: 0tjk0dsHbpVT2wXtdwQ9FFo88twGmBD/0NvF8nsNu9k=
Subject key identifier: C9:A1:6E:A6:BA:8F:62:64:86:D6:0C:25:51:E8:85:99:DB:4A:38:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51C93845B8818FC9477FF9ABCA96A1C398537111
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c9:38:45:b8:81:8f:c9:47:7f:f9:ab:ca:96:a1:c3:98:53:71:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=08e6e7254d1a5e94570e1b79308ff7da09b8a35a28ed8442b3b75e29eeddf686, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b4:42:28:1c:0a:24:c2:90:82:81:96:3f:a6:
16:9b:0e:f5:97:d9:24:a6:7f:6a:b7:05:33:ec:5a:
91:cf:e8:9d:e0:5e:86:8d:f6:e8:04:0e:bc:1d:09:
0a:35:4f:d7:f0:be:a2:3e:df:13:6d:40:c4:a0:be:
9d:20:02:39:9a:60:6c:97:d2:ec:68:53:64:26:a4:
e2:4c:82:ef:7b:88:be:53:f8:83:39:a3:60:e3:8d:
bd:57:12:58:86:18:45:c4:93:8f:85:1e:80:16:1a:
ab:2b:c6:f9:68:8d:71:32:7f:bb:f2:f0:5e:0f:75:
4f:65:9a:50:b3:d5:c6:86:54:a7:d1:cb:a3:09:fa:
74:4d:71:cb:06:4a:61:48:c9:a1:34:0b:f3:16:9f:
8d:24:77:89:2c:f5:48:04:14:6d:7a:25:16:48:8f:
e6:97:21:15:f0:4a:ef:fc:b2:d2:04:80:7c:91:c5:
3a:7a:87:4d:9d:de:d5:8b:75:66:74:ce:df:90:a5:
77:26:eb:a5:4a:43:53:8c:33:b7:f2:0f:95:23:0e:
0b:ae:01:73:0d:07:b7:ff:be:38:8b:90:bc:66:80:
51:f1:17:ba:bb:f1:b3:59:d3:87:f1:de:4a:1a:a4:
5a:01:f3:7e:18:37:5e:39:ae:b8:78:ae:cd:a2:d4:
ac:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A1:6E:A6:BA:8F:62:64:86:D6:0C:25:51:E8:85:99:DB:4A:38:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
56:0d:ac:91:98:ed:84:f4:de:a4:b9:22:36:89:21:6f:9f:4d:
c6:7f:72:7b:42:ce:cf:63:0a:4d:e1:b6:c7:f4:fa:34:39:54:
d4:48:5f:22:fe:d4:23:58:87:e6:10:38:a9:a2:91:94:db:6a:
07:e5:7a:9c:55:25:e5:12:ed:62:81:87:86:4d:8b:33:74:e3:
84:e2:35:b4:dc:f3:83:0c:6b:82:33:e5:ad:20:9d:87:55:71:
95:87:f0:19:ab:03:82:f0:10:66:30:29:63:1f:95:4a:a6:8d:
5f:0e:cc:5a:02:a2:53:e5:b6:09:96:8c:aa:ea:23:05:7d:e3:
fd:11:f6:b4:9f:96:ce:50:99:b3:cc:cd:be:79:b9:66:3d:78:
f3:19:92:66:de:f5:66:1f:f4:74:bf:09:1c:64:34:a2:07:a8:
56:58:1e:aa:1d:fc:1e:1d:e7:79:90:94:97:dd:20:a9:ca:5a:
49:a7:3a:46:5d:6d:54:50:88:af:1d:76:8a:b3:10:8e:f9:c0:
c2:62:12:3f:2b:ae:95:21:3e:76:fc:19:5f:0f:88:1d:ea:07:
5b:13:13:9a:d8:d7:fc:8a:25:5d:54:ae:4f:b3:b4:7f:19:14:
9d:2a:fd:18:e5:63:dd:d6:94:bf:ff:d6:70:39:26:e6:7c:90:
88:20:83:7c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUck4RbiBj8lHf/mrypahw5hTcREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4ZTZlNzI1NGQxYTVlOTQ1NzBlMWI3OTMwOGZmN2RhMDliOGEzNWEyOGVk
ODQ0MmIzYjc1ZTI5ZWVkZGY2ODYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO0QigcCiTCkIKBlj+mFpsO9ZfZJKZ/arcFM+xakc/oneBeho326AQOvB0J
CjVP1/C+oj7fE21AxKC+nSACOZpgbJfS7GhTZCak4kyC73uIvlP4gzmjYOONvVcS
WIYYRcSTj4UegBYaqyvG+WiNcTJ/u/LwXg91T2WaULPVxoZUp9HLown6dE1xywZK
YUjJoTQL8xafjSR3iSz1SAQUbXolFkiP5pchFfBK7/yy0gSAfJHFOnqHTZ3e1Yt1
ZnTO35CldybrpUpDU4wzt/IPlSMOC64Bcw0Ht/++OIuQvGaAUfEXurvxs1nTh/He
ShqkWgHzfhg3XjmuuHiuzaLUrOkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTJoW6m
uo9iZIbWDCVR6IWZ20o4DTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU2Y2I4YjctYjI1ZC00NGVkLThmN2EtNDRlNzQxMTU0YjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQBWDayRmO2E9N6kuSI2iSFvn03Gf3J7Qs7PYwpN4bbH
9Po0OVTUSF8i/tQjWIfmEDipopGU22oH5XqcVSXlEu1igYeGTYszdOOE4jW03POD
DGuCM+WtIJ2HVXGVh/AZqwOC8BBmMCljH5VKpo1fDsxaAqJT5bYJloyq6iMFfeP9
Efa0n5bOUJmzzM2+eblmPXjzGZJm3vVmH/R0vwkcZDSiB6hWWB6qHfweHed5kJSX
3SCpylpJpzpGXW1UUIivHXaKsxCO+cDCYhI/K66VIT52/BlfD4gd6gdbExOa2Nf8
iiVdVK5Ps7R/GRSdKv0Y5WPd1pS//9ZwOSbmfJCIIIN8
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org