Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json)
Hash identifier: rOw2w/4H1kadK3mxfmQBfy8HZnPgfPwpiZ3pxFypQlA=
Subject key identifier: 11:9D:29:A4:EB:DF:7C:E9:91:A4:A6:FC:A1:49:1B:A9:2B:09:B8:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 440AC028F457598DD578B52E31E79F4D37FD6813
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:0a:c0:28:f4:57:59:8d:d5:78:b5:2e:31:e7:9f:4d:37:fd:68:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=265629cf1078957d83ae1932e1288e86631db139c51e83887bb6a7197034058a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:18:5e:74:0f:09:5a:5f:c9:eb:2a:f9:68:24:
62:1f:92:24:1f:46:9c:94:f1:2c:e4:c2:5a:1f:33:
64:56:85:d9:3c:a7:82:b8:ef:21:4f:00:01:4b:a7:
9a:3f:2e:02:3f:92:fa:c2:d5:64:07:a4:07:32:f6:
ef:26:ce:0f:57:f8:a4:27:3d:12:ae:9a:19:83:ac:
38:36:72:51:60:7f:fd:ae:e3:9e:2a:b4:09:91:66:
c2:56:87:18:24:2f:6c:b5:44:c5:00:98:c6:f4:d2:
4f:b1:42:28:32:17:22:99:78:b3:71:4d:20:d5:e5:
df:f6:b9:44:21:34:d0:0b:40:df:92:0e:b5:0f:57:
43:8e:6b:09:c8:70:21:b0:4b:ee:90:82:af:40:7d:
f6:7c:58:5e:57:0b:84:a0:c3:c9:d3:79:d5:7c:25:
73:ba:be:3a:25:f1:3d:07:03:6d:2b:48:6e:d8:94:
3e:8e:a4:f1:78:2e:66:35:b9:13:41:14:23:96:e5:
d3:b0:19:0e:00:43:38:b8:06:d8:6b:66:60:c7:11:
ee:08:1e:fb:ee:a9:0c:78:84:8e:7e:af:82:ff:3c:
5e:48:56:bc:38:85:b5:77:4f:30:73:37:c7:8a:7e:
2a:1b:52:c1:83:48:be:5f:ba:77:d9:d4:d7:2a:12:
a8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:9D:29:A4:EB:DF:7C:E9:91:A4:A6:FC:A1:49:1B:A9:2B:09:B8:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:a8:53:96:57:f8:40:3b:9b:16:6e:bc:81:c5:4a:e6:06:10:
d3:3d:36:e7:46:72:2b:f9:cf:b0:1d:11:12:c4:4f:0d:1c:9e:
bf:ca:d9:54:b5:e3:3a:3b:94:1f:29:b4:86:b3:45:f1:91:b3:
2e:0d:dd:49:93:e7:51:95:fa:b5:98:35:15:09:ed:ba:7d:34:
5d:c0:d8:43:5e:9d:08:00:35:cc:63:83:31:f9:91:1b:aa:bb:
25:d6:f9:18:66:e6:44:57:ac:2c:59:37:09:3f:40:a2:53:6e:
32:cb:22:ad:86:85:19:ab:04:b6:78:ac:30:1b:78:79:7f:cb:
a3:ee:01:2c:d6:97:06:76:f1:2f:89:93:4f:dc:99:09:cb:8b:
47:5e:0f:99:e7:c8:f2:14:ed:d9:a3:f4:44:54:0d:4c:1e:a1:
95:bc:56:1a:17:dc:e0:9b:f9:82:a6:3c:cc:db:9c:f5:c5:c7:
69:7d:3a:f2:c9:f5:f0:c4:ff:6a:80:b1:88:c3:59:09:72:8b:
1e:57:be:0f:34:2a:55:07:9d:e8:3d:38:d8:a0:c3:9c:a5:c0:
c7:19:3b:70:8f:eb:3d:61:e9:4d:8b:c4:c6:d4:de:ec:28:64:
5e:31:59:13:62:65:7d:ff:99:fe:76:a7:67:44:66:c6:fe:c1:
a3:6a:4f:52
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURArAKPRXWY3VeLUuMeefTTf9aBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2NTYyOWNmMTA3ODk1N2Q4M2FlMTkzMmUxMjg4ZTg2NjMxZGIxMzljNTFl
ODM4ODdiYjZhNzE5NzAzNDA1OGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkYXnQPCVpfyesq+WgkYh+SJB9GnJTxLOTCWh8zZFaF2TyngrjvIU8AAUun
mj8uAj+S+sLVZAekBzL27ybOD1f4pCc9Eq6aGYOsODZyUWB//a7jniq0CZFmwlaH
GCQvbLVExQCYxvTST7FCKDIXIpl4s3FNINXl3/a5RCE00AtA35IOtQ9XQ45rCchw
IbBL7pCCr0B99nxYXlcLhKDDydN51Xwlc7q+OiXxPQcDbStIbtiUPo6k8XguZjW5
E0EUI5bl07AZDgBDOLgG2GtmYMcR7gge++6pDHiEjn6vgv88XkhWvDiFtXdPMHM3
x4p+KhtSwYNIvl+6d9nU1yoSqGkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQRnSmk
69986ZGkpvyhSRupKwm4hTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQBmqFOWV/hAO5sWbryBxUrmBhDTPTbnRnIr+c+wHRES
xE8NHJ6/ytlUteM6O5QfKbSGs0XxkbMuDd1Jk+dRlfq1mDUVCe26fTRdwNhDXp0I
ADXMY4Mx+ZEbqrsl1vkYZuZEV6wsWTcJP0CiU24yyyKthoUZqwS2eKwwG3h5f8uj
7gEs1pcGdvEviZNP3JkJy4tHXg+Z58jyFO3Zo/REVA1MHqGVvFYaF9zgm/mCpjzM
25z1xcdpfTryyfXwxP9qgLGIw1kJcoseV74PNCpVB53oPTjYoMOcpcDHGTtwj+s9
YelNi8TG1N7sKGReMVkTYmV9/5n+dqdnRGbG/sGjak9S
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org