Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: hzEG/E7QAYdUP9jDbNXRXCBWPfjkJTpdck6DH8b+Sqc=
Subject key identifier: 70:85:90:78:A6:6A:96:A0:08:ED:75:0C:F0:5C:E3:10:D8:EA:C6:79
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F73FDB7D68755FDAB0D8E5A1045A9C24710933C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:73:fd:b7:d6:87:55:fd:ab:0d:8e:5a:10:45:a9:c2:47:10:93:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=bc0a70584433afc49fb758b5895504fb21360b33fa91f3ca04eee7cb8b9a5524, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1c:d9:ff:88:6d:10:42:1f:76:11:20:d5:a3:
5f:78:66:f5:1a:e6:6d:e9:3e:a0:3e:ba:1b:f4:30:
d7:b4:90:0e:df:70:45:e4:e8:b2:bf:eb:8a:8c:56:
f4:00:03:67:bc:19:ec:40:c8:97:b7:8a:81:b3:79:
20:a7:c8:02:fe:35:07:ba:1f:2c:e6:a7:4d:4a:5f:
63:af:d1:3e:81:88:62:07:fc:1b:d7:9d:20:26:eb:
96:49:c4:35:ba:3c:71:81:61:ee:3c:57:36:5b:6b:
a9:1e:24:45:db:ae:43:64:34:83:07:50:9f:6c:7b:
67:71:36:44:87:50:e2:df:51:6e:34:43:f4:47:c3:
57:3d:69:76:52:c6:98:84:21:6e:38:c1:aa:b8:02:
b0:d9:7b:51:5b:13:4f:c9:b6:ef:28:39:e2:d3:37:
0f:1e:ca:53:a7:9f:c2:4a:2d:b9:3b:85:03:4f:82:
8a:d0:f2:47:42:8c:2f:44:f8:86:d0:20:38:eb:6b:
66:af:53:2a:42:80:b4:7f:51:87:b4:1a:e1:02:a8:
1d:86:d1:43:4d:a5:03:31:4b:72:d5:e7:b2:bb:68:
11:55:52:fb:37:f8:87:8d:ae:94:82:12:2a:66:25:
08:f7:4b:4d:ff:8c:cc:c3:cc:48:fe:ff:e5:e1:76:
92:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:85:90:78:A6:6A:96:A0:08:ED:75:0C:F0:5C:E3:10:D8:EA:C6:79
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
33:9c:a4:cc:65:1f:d0:b8:94:b1:65:aa:cb:a9:5f:13:3d:92:
e0:5f:00:5d:94:d6:94:a5:5a:d9:99:dc:85:77:99:db:31:34:
6e:f7:9a:8c:1a:e7:6b:56:11:c7:9c:bb:ee:15:e7:8e:91:4c:
13:92:84:ca:9d:88:3b:63:a4:db:1d:db:9a:30:41:64:b3:01:
f1:4c:e3:66:7b:6d:fc:00:13:8a:d3:ca:ea:22:d1:4e:21:da:
36:3a:fc:9d:a6:75:fc:7a:0a:98:94:a9:e5:df:9f:55:66:73:
3d:c0:57:62:c0:1f:b3:b6:a8:39:5f:e2:2f:b3:79:14:db:e5:
90:4c:d1:38:ca:05:30:97:87:a2:72:c2:37:d4:52:ec:b1:7f:
b0:e8:c8:e8:30:3b:82:4f:35:56:c1:1c:cd:3f:e8:c7:0b:30:
4b:f3:4b:f7:3f:46:d3:26:50:24:8b:58:30:6a:7a:77:0e:72:
56:d4:43:1f:d0:59:ef:76:3e:dc:8f:13:94:31:b2:9c:0e:1c:
75:dc:12:1e:43:00:97:54:16:f5:a1:14:54:55:5f:03:62:47:
83:f7:f5:29:51:6b:12:fa:e1:46:22:df:86:b3:88:61:cf:f1:
5f:13:d6:c7:bf:4f:60:ca:31:29:77:ea:d1:c4:2a:0b:6e:9f:
9f:2a:73:73
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL3P9t9aHVf2rDY5aEEWpwkcQkzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjMGE3MDU4NDQzM2FmYzQ5ZmI3NThiNTg5NTUwNGZiMjEzNjBiMzNmYTkx
ZjNjYTA0ZWVlN2NiOGI5YTU1MjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwc2f+IbRBCH3YRINWjX3hm9Rrmbek+oD66G/Qw17SQDt9wReTosr/rioxW
9AADZ7wZ7EDIl7eKgbN5IKfIAv41B7ofLOanTUpfY6/RPoGIYgf8G9edICbrlknE
Nbo8cYFh7jxXNltrqR4kRduuQ2Q0gwdQn2x7Z3E2RIdQ4t9RbjRD9EfDVz1pdlLG
mIQhbjjBqrgCsNl7UVsTT8m27yg54tM3Dx7KU6efwkotuTuFA0+CitDyR0KML0T4
htAgOOtrZq9TKkKAtH9Rh7Qa4QKoHYbRQ02lAzFLctXnsrtoEVVS+zf4h42ulIIS
KmYlCPdLTf+MzMPMSP7/5eF2kkkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRwhZB4
pmqWoAjtdQzwXOMQ2OrGeTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQAznKTMZR/QuJSxZarLqV8TPZLgXwBdlNaUpVrZmdyF
d5nbMTRu95qMGudrVhHHnLvuFeeOkUwTkoTKnYg7Y6TbHduaMEFkswHxTONme238
ABOK08rqItFOIdo2OvydpnX8egqYlKnl359VZnM9wFdiwB+ztqg5X+Ivs3kU2+WQ
TNE4ygUwl4eicsI31FLssX+w6MjoMDuCTzVWwRzNP+jHCzBL80v3P0bTJlAki1gw
anp3DnJW1EMf0Fnvdj7cjxOUMbKcDhx13BIeQwCXVBb1oRRUVV8DYkeD9/UpUWsS
+uFGIt+Gs4hhz/FfE9bHv09gyjEpd+rRxCoLbp+fKnNz
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org