Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: NTIqLieLbmL2oSnsTFVhypkhbDcTNCe7KxJH64ngA6g=
Subject key identifier: 4C:3F:41:91:B6:05:81:00:30:D2:0C:CA:60:A5:86:F3:85:11:0B:48
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 58A385F1ABFA8FF5B51E4F07B9E8F0EF3EBE4593
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:a3:85:f1:ab:fa:8f:f5:b5:1e:4f:07:b9:e8:f0:ef:3e:be:45:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=ac59a14bb9a95820f2ee62476c74d462c25875aa0902cd0506224900774fc804, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0c:76:e2:d7:39:5a:84:71:a5:41:e7:fc:c2:
5b:8e:db:0b:95:90:4c:b1:b0:5f:c2:73:49:e8:3a:
68:af:80:68:c8:b5:25:7c:7f:dd:97:2e:9f:fb:50:
f0:cf:ee:b4:4f:68:a6:e5:1b:43:48:57:4b:29:dc:
60:9b:61:02:a1:3b:61:7e:93:19:5c:71:6f:4e:aa:
b6:32:4b:72:96:18:13:4c:37:c2:fb:49:0d:24:8c:
23:e7:c7:b7:a1:56:4d:cc:8f:c1:5b:42:06:a2:1c:
4b:6f:65:0a:f6:1b:47:25:ea:f6:18:99:50:a7:c6:
66:3e:bf:c0:19:40:0d:63:f8:b2:85:04:aa:de:ce:
b8:3c:64:41:e7:99:0d:09:be:32:2f:a9:d6:fc:a5:
fc:25:59:d7:7e:1a:0d:00:8c:bc:57:a5:7c:ba:05:
d9:81:f2:46:e6:5b:77:88:c3:1f:9c:0c:be:d7:f0:
be:27:02:7a:b6:43:4b:8d:a3:34:f6:e6:bd:17:1a:
4e:f3:de:29:28:c4:e8:01:d0:df:ba:58:42:7a:fa:
1d:40:95:5d:4b:e6:41:30:d3:4a:c2:e1:6e:48:28:
49:69:c9:11:5b:6f:64:ba:d2:0f:ce:cd:bd:f1:0b:
5c:90:6b:1a:2b:4b:7d:dc:5c:dd:62:ce:23:b4:da:
ef:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3F:41:91:B6:05:81:00:30:D2:0C:CA:60:A5:86:F3:85:11:0B:48
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cf:2d:58:ea:9c:79:0a:c3:8b:dd:fe:01:3a:16:33:c3:3e:5d:
71:12:33:a3:9e:6c:59:ef:d5:f1:e0:65:b2:f8:b9:9f:4a:2d:
dd:6b:1b:b7:5d:11:78:de:c7:c4:d6:66:17:be:96:1b:c6:77:
48:1a:f7:ad:ac:6d:48:ab:69:a1:1f:d3:21:30:f3:01:68:22:
1f:df:c4:f5:50:cc:5b:d0:8c:2e:40:15:55:32:aa:3a:a0:4a:
4f:f7:bd:82:70:38:8c:ce:24:b4:c8:4c:d6:05:8b:59:de:6b:
64:9f:3d:dc:3b:1b:40:10:43:8c:16:fd:e2:5b:f7:dd:ba:d9:
ac:91:b0:32:69:5d:d4:e6:c7:50:3f:b8:67:d7:3e:35:cf:0f:
14:c0:d6:67:2d:3c:92:68:b7:1f:f7:e9:e4:83:53:5c:36:b2:
60:42:a2:33:5a:ae:99:ba:91:aa:7e:05:b5:6a:22:c8:6e:62:
80:75:7f:0d:a6:d9:98:41:e6:19:ba:36:c1:1f:38:d6:9d:6e:
df:8a:72:eb:fe:38:b5:09:a2:4c:74:a8:c8:04:4b:c9:1b:41:
23:f9:85:42:38:6a:13:a9:cf:35:1a:d9:cf:03:40:d0:39:03:
d1:4d:06:91:7a:d8:15:58:43:50:87:7e:2f:a0:ea:9c:bb:e3:
d5:0f:96:92
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWKOF8av6j/W1Hk8Huejw7z6+RZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjNTlhMTRiYjlhOTU4MjBmMmVlNjI0NzZjNzRkNDYyYzI1ODc1YWEwOTAy
Y2QwNTA2MjI0OTAwNzc0ZmM4MDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsMduLXOVqEcaVB5/zCW47bC5WQTLGwX8JzSeg6aK+AaMi1JXx/3Zcun/tQ
8M/utE9opuUbQ0hXSyncYJthAqE7YX6TGVxxb06qtjJLcpYYE0w3wvtJDSSMI+fH
t6FWTcyPwVtCBqIcS29lCvYbRyXq9hiZUKfGZj6/wBlADWP4soUEqt7OuDxkQeeZ
DQm+Mi+p1vyl/CVZ134aDQCMvFelfLoF2YHyRuZbd4jDH5wMvtfwvicCerZDS42j
NPbmvRcaTvPeKSjE6AHQ37pYQnr6HUCVXUvmQTDTSsLhbkgoSWnJEVtvZLrSD87N
vfELXJBrGitLfdxc3WLOI7Ta76sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRMP0GR
tgWBADDSDMpgpYbzhRELSDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQDPLVjqnHkKw4vd/gE6FjPDPl1xEjOjnmxZ79Xx4GWy
+LmfSi3daxu3XRF43sfE1mYXvpYbxndIGvetrG1Iq2mhH9MhMPMBaCIf38T1UMxb
0IwuQBVVMqo6oEpP972CcDiMziS0yEzWBYtZ3mtknz3cOxtAEEOMFv3iW/fdutms
kbAyaV3U5sdQP7hn1z41zw8UwNZnLTySaLcf9+nkg1NcNrJgQqIzWq6ZupGqfgW1
aiLIbmKAdX8NptmYQeYZujbBHzjWnW7finLr/ji1CaJMdKjIBEvJG0Ej+YVCOGoT
qc81GtnPA0DQOQPRTQaRetgVWENQh34voOqcu+PVD5aS
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org