Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
File: 1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa (raw, json)
Hash identifier: FSHOtsYBx8dy00KXfyN8zt1uusFyYnT0EglKmuDe6S4=
Subject key identifier: 65:30:D6:93:EF:A7:4A:15:07:49:D1:87:66:4D:67:9A:18:8D:BB:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1FE8C49E4BD39FF6E27DB27B88D370270E165DC6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:e8:c4:9e:4b:d3:9f:f6:e2:7d:b2:7b:88:d3:70:27:0e:16:5d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=4bf6519553d4d260bb22195115cbf1e551ccb8c1b1cafdebb164d5f92a0a4d5b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b2:af:33:4c:f5:a1:31:3c:6e:9e:0e:f2:f2:
c0:3a:d7:a3:50:79:e6:ad:a9:a6:3b:84:5c:4c:2b:
56:b1:24:bc:2f:6a:a8:f8:55:fa:75:7c:6b:55:d6:
c6:01:5a:f8:c9:d4:bf:94:f2:30:ee:e6:c1:20:77:
16:2e:6e:e6:74:81:fa:b9:f6:d1:fb:a1:2f:d4:a3:
4a:26:3c:e2:89:75:da:53:e3:0f:7e:41:0c:5b:4d:
66:a4:2b:10:ce:25:a2:96:a9:67:ce:69:43:a5:ca:
3a:71:40:29:ad:e7:3d:5e:21:4b:08:31:2d:6b:8e:
7b:6f:6e:10:66:64:ef:ff:f7:01:a8:3c:10:df:2b:
dc:9e:81:4a:d1:52:86:7f:4b:c4:77:af:27:87:02:
60:53:e7:d5:d8:45:23:47:c1:e7:74:51:4a:d1:6f:
4a:f8:3c:fd:e9:4a:18:1d:50:94:bd:a4:0a:92:30:
2a:c2:e7:43:78:19:f8:a6:07:52:77:de:3c:c8:d2:
b5:46:6c:09:d0:07:68:68:4d:25:d4:66:7b:ba:50:
ee:70:5d:ab:99:5e:83:47:4c:12:21:42:ac:25:81:
00:ef:7f:ed:be:2c:b3:0c:68:4b:1b:51:25:21:84:
9f:1b:57:a4:4c:ed:ce:50:4c:44:64:63:cc:c6:66:
4d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:30:D6:93:EF:A7:4A:15:07:49:D1:87:66:4D:67:9A:18:8D:BB:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:68:5a:67:7c:2b:40:c9:61:0f:ff:aa:40:28:47:c6:b6:be:
4b:f0:1e:53:f4:00:9f:cc:03:48:09:2e:ac:be:ea:61:4a:d2:
f9:7d:fa:7c:10:ac:7d:6d:32:d4:10:e6:7c:47:37:a8:3c:6e:
f4:8e:b8:b9:3e:2a:a0:22:75:2a:bd:fe:42:e6:16:27:bc:28:
48:f1:8b:fc:07:42:61:3a:3c:5b:21:fe:49:e5:c6:e3:4e:a0:
12:64:a1:25:d8:f2:4d:a9:42:67:19:93:a8:6b:10:11:80:58:
63:11:ca:0c:37:d3:d6:a9:e6:37:26:6e:33:de:fc:32:1f:e7:
27:10:5c:8a:e9:2d:f2:0f:9f:f0:d4:ea:a8:b3:0d:db:04:78:
d8:f4:ee:00:4b:0a:39:bf:33:f1:01:9b:62:9d:a0:5d:32:79:
85:c0:d9:cb:22:a6:da:51:cf:e6:14:b8:c7:78:97:15:85:c6:
76:01:d5:16:e2:a9:a7:82:05:3e:d9:74:f1:61:22:8b:1e:76:
3f:59:8a:98:cf:43:85:b0:22:7f:19:24:49:af:7b:1b:08:4e:
ac:ed:1f:2a:b5:6d:d1:99:a0:eb:26:64:f8:f9:91:5d:ea:14:
36:28:3f:0b:97:e1:e8:b4:e5:a9:aa:b4:8d:e0:25:2a:af:04:
44:0d:84:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH+jEnkvTn/bifbJ7iNNwJw4WXcYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiZjY1MTk1NTNkNGQyNjBiYjIyMTk1MTE1Y2JmMWU1NTFjY2I4YzFiMWNh
ZmRlYmIxNjRkNWY5MmEwYTRkNWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqyrzNM9aExPG6eDvLywDrXo1B55q2ppjuEXEwrVrEkvC9qqPhV+nV8a1XW
xgFa+MnUv5TyMO7mwSB3Fi5u5nSB+rn20fuhL9SjSiY84ol12lPjD35BDFtNZqQr
EM4lopapZ85pQ6XKOnFAKa3nPV4hSwgxLWuOe29uEGZk7//3Aag8EN8r3J6BStFS
hn9LxHevJ4cCYFPn1dhFI0fB53RRStFvSvg8/elKGB1QlL2kCpIwKsLnQ3gZ+KYH
UnfePMjStUZsCdAHaGhNJdRme7pQ7nBdq5leg0dMEiFCrCWBAO9/7b4sswxoSxtR
JSGEnxtXpEztzlBMRGRjzMZmTcMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRlMNaT
76dKFQdJ0YdmTWeaGI27oDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWIzOWU5YTctNGYzZC00Y2ZjLTk3NWYtZDllYWNlZWQwZWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOGMA0G
CSqGSIb3DQEBCwUAA4IBAQAmaFpnfCtAyWEP/6pAKEfGtr5L8B5T9ACfzANICS6s
vuphStL5ffp8EKx9bTLUEOZ8RzeoPG70jri5PiqgInUqvf5C5hYnvChI8Yv8B0Jh
OjxbIf5J5cbjTqASZKEl2PJNqUJnGZOoaxARgFhjEcoMN9PWqeY3Jm4z3vwyH+cn
EFyK6S3yD5/w1Oqosw3bBHjY9O4ASwo5vzPxAZtinaBdMnmFwNnLIqbaUc/mFLjH
eJcVhcZ2AdUW4qmnggU+2XTxYSKLHnY/WYqYz0OFsCJ/GSRJr3sbCE6s7R8qtW3R
maDrJmT4+ZFd6hQ2KD8Ll+HotOWpqrSN4CUqrwREDYQA
-----END CERTIFICATE-----
Generated at Fri Sep 8 16:38:26 2023 by rpki-client on console-fra.rpki-client.org