Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json)
Hash identifier: pN5RjmfEkStcB+GwGd1WmRqVPBysi46/KtG/6V+m9BE=
Subject key identifier: 15:EE:2E:17:AB:5D:B6:A6:18:C3:FE:AD:6F:D7:ED:E2:DD:C1:A8:C0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38DC5DCC6A17D9413CB437B333B51661BFFB7AD7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:dc:5d:cc:6a:17:d9:41:3c:b4:37:b3:33:b5:16:61:bf:fb:7a:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=ad30e3e5106f3c645ea07e50b06085d2f482959b6acabed829c3e8fd8f07f2c8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:dd:00:7f:10:32:37:ab:6b:bc:3e:52:78:6f:
2e:1e:e3:ca:d4:02:7d:0f:14:26:7b:71:7b:1b:e0:
55:eb:c0:b4:dc:2e:be:42:d5:8b:a7:cf:ec:38:97:
4f:10:9d:68:1f:54:dc:c6:c8:d2:59:a3:cb:3e:15:
14:78:1a:f7:a5:ef:42:ab:6e:b9:da:1d:92:5d:0d:
ee:8f:7e:ce:d7:55:f3:de:6a:9c:40:48:c7:83:36:
ae:5c:d1:b9:af:58:e1:03:08:4b:8e:8a:8d:1a:c1:
cc:8b:bd:45:4c:a7:4e:5e:fc:da:60:8a:21:c7:b1:
08:25:cc:f8:78:7f:9e:aa:2e:72:d7:ca:b4:7a:20:
ba:95:79:0a:e4:be:c0:b7:b1:7e:7e:ce:02:5c:98:
2f:3c:23:a2:e4:dd:82:4e:5e:a9:45:8f:2a:43:05:
04:d1:50:f8:62:ea:00:10:34:e8:cf:60:d3:4d:42:
d0:b4:f2:af:19:e5:36:30:b6:10:41:13:fb:6d:b7:
ae:db:6c:40:98:d1:43:30:41:b5:9d:de:00:74:6a:
10:12:1c:21:6f:2a:20:1c:16:7b:bd:25:cf:ef:0e:
1a:32:de:f8:df:6a:19:ef:ff:a4:c3:fb:4c:ed:c5:
d3:25:85:42:92:96:43:b5:ef:34:59:4a:b1:cf:ce:
85:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:EE:2E:17:AB:5D:B6:A6:18:C3:FE:AD:6F:D7:ED:E2:DD:C1:A8:C0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:eb:40:56:d5:82:36:d3:1c:a3:0b:89:e9:f5:06:0c:1f:59:
f6:3c:11:6e:d1:23:5f:7b:49:1f:2c:3a:2e:a1:4c:4f:bf:38:
c6:4a:ca:6c:e3:dc:49:b3:9c:da:bd:24:a9:58:e8:60:16:e6:
e6:c5:fb:37:43:c8:68:dc:bd:ae:8b:7a:4e:a4:96:4b:16:7f:
87:30:51:10:4c:63:29:ac:ce:27:5e:8f:82:da:e5:56:c2:57:
19:92:cb:b4:d4:98:b6:a6:aa:85:24:f0:ea:2a:79:c5:77:22:
b1:46:b5:ea:c8:47:28:1a:bc:b7:a7:32:5a:86:d2:9d:d2:19:
78:3f:85:3a:86:46:a8:d4:b8:7f:f8:fe:f8:8d:f3:7f:1d:04:
37:16:5f:32:6d:ae:b2:09:5d:e9:bc:28:70:9b:67:a6:da:49:
5d:ef:fa:76:50:fa:d3:f3:cd:c3:4a:fc:52:6b:82:37:8c:36:
d4:78:64:81:e6:4a:56:89:e1:c5:3b:5e:17:0d:26:6c:cd:2a:
2c:6c:43:bd:f4:d6:5c:31:d0:fd:76:6d:2e:85:6e:08:e8:42:
a5:cb:a1:e5:83:75:7a:89:67:cc:22:a1:1f:8f:1a:1f:bc:91:
de:09:ad:6c:6e:d0:36:14:c4:9c:1f:4c:e0:0d:da:9c:b2:30:
1d:73:7d:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUONxdzGoX2UE8tDezM7UWYb/7etcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkMzBlM2U1MTA2ZjNjNjQ1ZWEwN2U1MGIwNjA4NWQyZjQ4Mjk1OWI2YWNh
YmVkODI5YzNlOGZkOGYwN2YyYzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/dAH8QMjera7w+UnhvLh7jytQCfQ8UJntxexvgVevAtNwuvkLVi6fP7DiX
TxCdaB9U3MbI0lmjyz4VFHga96XvQqtuudodkl0N7o9+ztdV895qnEBIx4M2rlzR
ua9Y4QMIS46KjRrBzIu9RUynTl782mCKIcexCCXM+Hh/nqouctfKtHogupV5CuS+
wLexfn7OAlyYLzwjouTdgk5eqUWPKkMFBNFQ+GLqABA06M9g001C0LTyrxnlNjC2
EEET+223rttsQJjRQzBBtZ3eAHRqEBIcIW8qIBwWe70lz+8OGjLe+N9qGe//pMP7
TO3F0yWFQpKWQ7XvNFlKsc/OhQUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQV7i4X
q122phjD/q1v1+3i3cGowDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQAt60BW1YI20xyjC4np9QYMH1n2PBFu0SNfe0kfLDou
oUxPvzjGSsps49xJs5zavSSpWOhgFubmxfs3Q8ho3L2ui3pOpJZLFn+HMFEQTGMp
rM4nXo+C2uVWwlcZksu01Ji2pqqFJPDqKnnFdyKxRrXqyEcoGry3pzJahtKd0hl4
P4U6hkao1Lh/+P74jfN/HQQ3Fl8yba6yCV3pvChwm2em2kld7/p2UPrT883DSvxS
a4I3jDbUeGSB5kpWieHFO14XDSZszSosbEO99NZcMdD9dm0uhW4I6EKly6Hlg3V6
iWfMIqEfjxofvJHeCa1sbtA2FMScH0zgDdqcsjAdc32F
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org