Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
File: 1daf6597-c039-470d-a015-f42507e1afef.roa (raw, json)
Hash identifier: +vRnKxFBGUS0Urj/WCcOu/BOuFSNt+ToXEBHfxynSBk=
Subject key identifier: FD:7C:21:28:B6:1C:26:7F:D8:79:01:46:92:65:39:2C:66:D0:C3:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05B234AC1AA034EC10D029C87DE2D3281A2F6CC7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:b2:34:ac:1a:a0:34:ec:10:d0:29:c8:7d:e2:d3:28:1a:2f:6c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=0c89612447e5fec4197458949bf9695c02610aff522094245f5f6381e3f5361d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f4:44:72:34:f5:7a:36:74:32:cb:28:a8:48:
4e:7f:35:1c:dc:c1:02:1b:f1:9f:fd:d5:d2:9d:e0:
32:28:aa:de:e1:3c:39:b5:2d:06:ac:6b:42:e2:b0:
48:db:49:39:d8:45:eb:56:b6:3b:92:9a:d5:f8:34:
bb:73:67:1e:e2:20:cf:c5:cf:8f:8b:13:94:e7:0d:
d9:44:0b:71:b1:85:c5:07:ab:db:78:95:e2:c8:24:
f3:ba:31:64:c2:77:96:1e:9d:e1:0e:6c:ba:fd:ca:
fd:4c:39:2a:cc:42:0c:80:2c:c3:cf:f1:11:29:07:
f2:53:cb:9b:a0:78:1e:b8:dc:74:64:29:84:86:33:
40:2e:9a:2f:ba:07:21:26:36:2f:1f:d3:06:cf:21:
ff:fc:d0:0a:c1:1e:0b:3d:07:4d:7c:45:3b:ea:f4:
87:9a:a4:a6:7f:11:94:60:66:20:09:b8:30:dc:f0:
0f:88:61:9a:e1:b7:a8:8f:ac:f3:d5:9b:ed:79:5a:
d2:63:ef:bc:ab:68:41:cc:28:c9:02:ee:24:8d:3e:
f4:f2:54:9c:4e:c2:d6:62:f0:03:83:6e:3f:df:2b:
01:19:46:3b:f7:cc:73:3e:f1:14:46:bb:f0:cc:50:
97:43:c0:31:d0:d3:48:45:54:d3:a3:39:d7:0c:02:
ec:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7C:21:28:B6:1C:26:7F:D8:79:01:46:92:65:39:2C:66:D0:C3:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1d:28:a1:55:27:76:2e:9e:a1:2d:1f:27:f9:88:f3:36:78:25:
74:5b:2a:e4:29:c0:46:53:f0:e6:fd:25:6f:60:f0:b5:43:35:
16:ba:98:fd:5c:1a:d1:d8:88:9b:db:dc:8c:33:20:18:75:94:
05:fe:a1:2f:db:22:ec:fc:af:d6:91:d4:d9:33:83:3b:46:c2:
69:15:c3:1a:f5:44:dd:a0:5e:52:68:ed:50:56:6b:73:75:ae:
af:6f:06:78:b4:dc:ac:f5:3c:2d:a7:01:1b:77:f4:4b:56:f7:
65:11:92:d0:28:df:25:0f:47:9f:b1:4c:12:79:f1:a6:50:1a:
cb:2c:81:8e:21:2e:60:c4:5e:15:87:8a:85:41:a3:68:00:c0:
df:0a:e5:33:e5:34:f3:ca:8b:d3:ec:fd:13:89:fc:bd:21:60:
ea:4b:9e:8b:b6:9c:8c:14:5f:7d:9d:3c:aa:e6:23:54:10:33:
34:9d:b6:58:b2:2d:c6:db:af:0a:22:0d:02:ef:13:be:9f:3f:
c3:93:a3:8a:21:4c:f2:de:96:7f:2a:1c:d1:a6:22:37:61:ed:
34:39:b4:a7:dc:a8:ec:dc:59:76:ef:7d:81:37:5e:10:03:92:
83:0d:9c:18:5d:53:db:d2:36:bf:67:9f:2d:34:fd:8b:19:d1:
89:bb:b6:78
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBbI0rBqgNOwQ0CnIfeLTKBovbMcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjODk2MTI0NDdlNWZlYzQxOTc0NTg5NDliZjk2OTVjMDI2MTBhZmY1MjIw
OTQyNDVmNWY2MzgxZTNmNTM2MWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI/0RHI09Xo2dDLLKKhITn81HNzBAhvxn/3V0p3gMiiq3uE8ObUtBqxrQuKw
SNtJOdhF61a2O5Ka1fg0u3NnHuIgz8XPj4sTlOcN2UQLcbGFxQer23iV4sgk87ox
ZMJ3lh6d4Q5suv3K/Uw5KsxCDIAsw8/xESkH8lPLm6B4HrjcdGQphIYzQC6aL7oH
ISY2Lx/TBs8h//zQCsEeCz0HTXxFO+r0h5qkpn8RlGBmIAm4MNzwD4hhmuG3qI+s
89Wb7Xla0mPvvKtoQcwoyQLuJI0+9PJUnE7C1mLwA4NuP98rARlGO/fMcz7xFEa7
8MxQl0PAMdDTSEVU06M51wwC7NsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT9fCEo
thwmf9h5AUaSZTksZtDDCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRhZjY1OTctYzAzOS00NzBkLWEwMTUtZjQyNTA3ZTFhZmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQAdKKFVJ3YunqEtHyf5iPM2eCV0WyrkKcBGU/Dm/SVv
YPC1QzUWupj9XBrR2Iib29yMMyAYdZQF/qEv2yLs/K/WkdTZM4M7RsJpFcMa9UTd
oF5SaO1QVmtzda6vbwZ4tNys9TwtpwEbd/RLVvdlEZLQKN8lD0efsUwSefGmUBrL
LIGOIS5gxF4Vh4qFQaNoAMDfCuUz5TTzyovT7P0Tify9IWDqS56LtpyMFF99nTyq
5iNUEDM0nbZYsi3G268KIg0C7xO+nz/Dk6OKIUzy3pZ/KhzRpiI3Ye00ObSn3Kjs
3Fl2732BN14QA5KDDZwYXVPb0ja/Z58tNP2LGdGJu7Z4
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org