Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: pPgtWJcGu38aNVeljHF1kAjL74PBFoFs87pbBxF4h3k=
Subject key identifier: 2E:09:ED:0F:DB:6A:43:A5:82:13:8B:09:9D:BD:64:E4:F4:8F:F1:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4250C36B254CFDE2AF3BAB9C4DB8A3945FBCBC88
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:50:c3:6b:25:4c:fd:e2:af:3b:ab:9c:4d:b8:a3:94:5f:bc:bc:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=4f8fd63c05d55d7bc44f1b24d6ed4f4ee1e7c5b2bf95825d49840831e80b7ba3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bf:0c:50:0e:2a:64:30:0a:f0:03:07:7f:dd:
c0:3b:a3:1e:09:7c:59:4d:ef:e2:14:47:33:94:62:
84:66:fc:0e:9a:ac:eb:c4:b0:8e:ce:42:d7:d9:44:
1e:01:93:f9:be:c9:6f:9a:65:c6:a2:cc:74:62:85:
7f:7e:f5:86:8c:c3:b9:9a:b6:74:33:00:a1:94:d8:
d6:ef:77:3e:a0:db:fe:39:88:f3:96:00:09:7f:6f:
7c:6d:9d:05:2f:21:89:98:86:a4:14:83:81:d1:c2:
c6:0e:89:43:54:56:3f:d9:31:a1:5b:cb:c6:c6:dc:
9e:29:78:cc:b1:8a:5d:fd:2c:0f:91:d3:ac:b5:c3:
88:cf:d6:be:a5:4b:23:83:11:70:d8:c0:40:b8:f0:
aa:9b:ce:7e:b2:06:07:0d:58:23:39:8c:92:be:a0:
26:f8:0e:94:cc:e2:d4:31:eb:6d:ad:eb:54:91:5b:
37:d8:48:98:f8:c2:19:8a:24:f8:35:2b:c4:b9:da:
09:63:d9:1c:04:81:6c:83:cf:28:60:a1:1c:e3:d6:
69:bd:27:6c:98:95:10:1a:1d:57:1b:55:05:13:45:
9a:f3:66:a3:2d:a4:82:93:5c:90:1a:34:44:cd:94:
8a:32:8e:63:ab:d3:fe:1a:b3:da:80:1d:c2:52:05:
02:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:09:ED:0F:DB:6A:43:A5:82:13:8B:09:9D:BD:64:E4:F4:8F:F1:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6b:e8:49:40:ab:d6:4e:94:8d:36:51:99:68:74:47:40:3a:e5:
52:94:25:fa:4b:7b:13:f6:be:9f:27:d8:ad:c5:96:36:d1:72:
19:e8:8f:e7:c9:b5:21:e7:fe:98:8e:1b:1d:8d:0e:73:4f:57:
f4:73:cb:03:5d:23:ae:a4:4e:e6:e5:4e:72:f1:58:2e:be:f1:
b7:9e:2f:e5:67:56:c9:3d:d6:57:b5:41:d2:34:bf:99:07:d8:
92:b2:6f:37:28:f7:19:a1:aa:fd:97:b1:71:24:20:58:25:ce:
f8:b0:5f:e0:f5:35:ce:24:0d:56:29:dd:83:54:79:a3:ba:68:
e5:92:2c:d0:d5:d1:4c:65:ff:c5:77:b0:6e:25:7a:ab:d2:04:
05:cb:63:cc:bf:25:cc:05:fe:f3:b9:25:f0:e0:e9:5a:93:da:
a6:6f:e3:6d:a8:7a:1d:84:3b:0f:2a:11:57:17:7f:f1:19:b9:
8a:7d:45:15:51:bb:62:8a:86:e6:31:db:cb:58:e1:16:3c:73:
d8:20:74:e1:ca:84:cf:75:c4:16:76:3f:2c:f2:86:39:35:39:
c0:f3:8e:f0:35:88:39:38:75:dd:7f:2c:0e:de:3b:9b:04:d6:
77:42:ee:b5:73:4a:e1:e6:5e:2f:7e:90:c3:c7:09:d5:9b:0e:
6d:cd:4b:f5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQlDDayVM/eKvO6ucTbijlF+8vIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmOGZkNjNjMDVkNTVkN2JjNDRmMWIyNGQ2ZWQ0ZjRlZTFlN2M1YjJiZjk1
ODI1ZDQ5ODQwODMxZTgwYjdiYTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMm/DFAOKmQwCvADB3/dwDujHgl8WU3v4hRHM5RihGb8Dpqs68Swjs5C19lE
HgGT+b7Jb5plxqLMdGKFf371hozDuZq2dDMAoZTY1u93PqDb/jmI85YACX9vfG2d
BS8hiZiGpBSDgdHCxg6JQ1RWP9kxoVvLxsbcnil4zLGKXf0sD5HTrLXDiM/WvqVL
I4MRcNjAQLjwqpvOfrIGBw1YIzmMkr6gJvgOlMzi1DHrba3rVJFbN9hImPjCGYok
+DUrxLnaCWPZHASBbIPPKGChHOPWab0nbJiVEBodVxtVBRNFmvNmoy2kgpNckBo0
RM2UijKOY6vT/hqz2oAdwlIFAlECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQuCe0P
22pDpYITiwmdvWTk9I/xuTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQBr6ElAq9ZOlI02UZlodEdAOuVSlCX6S3sT9r6fJ9it
xZY20XIZ6I/nybUh5/6YjhsdjQ5zT1f0c8sDXSOupE7m5U5y8VguvvG3ni/lZ1bJ
PdZXtUHSNL+ZB9iSsm83KPcZoar9l7FxJCBYJc74sF/g9TXOJA1WKd2DVHmjumjl
kizQ1dFMZf/Fd7BuJXqr0gQFy2PMvyXMBf7zuSXw4Olak9qmb+NtqHodhDsPKhFX
F3/xGbmKfUUVUbtiiobmMdvLWOEWPHPYIHThyoTPdcQWdj8s8oY5NTnA847wNYg5
OHXdfywO3jubBNZ3Qu61c0rh5l4vfpDDxwnVmw5tzUv1
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org