Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f0149f0-c984-4579-a478-0c4e7147bcd1.roa
File: 2f0149f0-c984-4579-a478-0c4e7147bcd1.roa (raw, json)
Hash identifier: hf+8oAVl96zfuzA11k6kb25XD+p7LMc/J915TungYPY=
Subject key identifier: F5:0B:39:F1:C6:4B:42:67:A0:61:3D:36:08:1A:D8:6C:51:99:84:B4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 178980B53EC816EA2E9F4570C4DFE9D075B3BFDD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f0149f0-c984-4579-a478-0c4e7147bcd1.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:89:80:b5:3e:c8:16:ea:2e:9f:45:70:c4:df:e9:d0:75:b3:bf:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=abbf9662fcee8aba77c2d438cd99bb62bac3f1406ad8eb3aab10926987ec3fe6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d4:24:62:7f:18:c9:8f:e8:92:71:75:75:90:
49:d8:47:e9:00:38:9d:68:b2:28:4d:21:a1:4a:2d:
09:0a:7a:92:a2:13:c1:bd:52:32:a1:f9:07:a9:8e:
76:8f:79:41:c7:45:32:a4:b4:c9:b7:f6:0c:e5:71:
d7:b1:9b:03:bd:ae:e6:fb:3e:52:24:50:ff:fe:8b:
e3:2a:fc:0a:f5:52:ce:9e:de:3c:ac:b8:4b:6c:27:
03:1c:e6:69:ec:a8:54:70:ce:dd:7d:5e:fd:a2:9c:
8d:63:7d:50:4d:c4:72:79:1a:c8:ff:e6:b7:de:58:
dc:45:06:8d:45:85:5b:48:48:68:22:bb:09:24:7e:
e0:29:4b:82:90:05:39:8c:c7:16:23:95:48:e7:76:
92:e9:19:a4:4c:a7:35:c5:80:69:07:81:9e:ba:92:
5c:78:26:79:33:af:01:bb:e2:f2:8b:ae:8b:09:24:
8b:d2:1d:48:ba:48:78:56:8c:aa:32:5b:bc:d6:8f:
fe:b8:0c:8b:30:d5:3b:12:92:d4:0b:87:f0:20:2a:
88:8a:2b:67:87:58:bc:a7:e2:9b:95:7d:e3:2b:e5:
94:2d:02:52:60:f2:69:4a:b5:41:f5:39:f7:57:7c:
0d:79:f9:61:f7:4d:29:04:a5:fb:bd:df:3e:38:a2:
0c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:0B:39:F1:C6:4B:42:67:A0:61:3D:36:08:1A:D8:6C:51:99:84:B4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f0149f0-c984-4579-a478-0c4e7147bcd1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.128.0/17
Signature Algorithm: sha256WithRSAEncryption
21:dd:32:8f:84:89:93:75:a6:f9:0c:e9:77:f9:fb:c2:52:0e:
cf:d9:5c:29:b1:3f:60:da:e9:74:45:e1:09:d0:01:df:e8:54:
2b:5f:2b:79:2f:64:61:17:65:26:6e:23:bb:6d:d3:d7:67:49:
e5:46:73:9c:81:d8:98:d1:a2:80:62:1d:86:f9:c0:ea:46:10:
90:ef:9a:5f:f8:40:d1:1d:02:e2:c0:90:5c:52:7a:eb:fc:a5:
82:d0:b7:26:53:ef:b0:1e:15:f9:5e:bf:f9:47:e2:ee:e3:b0:
d8:5b:61:e1:02:92:18:c6:82:64:88:10:44:24:27:96:44:06:
90:ce:b4:f4:26:c5:4f:b1:82:85:2a:78:0e:8a:6d:ef:39:5c:
e9:35:9f:9a:ef:ee:78:3d:6b:df:4e:62:f1:e5:e2:29:2f:5a:
3e:04:54:d7:38:8c:a5:a8:10:8b:f8:6b:04:68:01:21:51:6a:
37:39:78:56:b1:5c:ed:27:7a:80:ea:3d:d3:6d:3e:24:99:c3:
53:b6:a0:dc:85:51:99:60:64:3e:0e:17:c3:ec:8a:17:0f:d9:
f8:ac:03:25:95:ba:42:69:1c:d9:94:25:b9:25:65:e2:4a:16:
b8:70:ea:b2:85:cb:1a:34:5d:b0:34:21:47:4d:f8:1e:04:e9:
4f:62:74:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUF4mAtT7IFuoun0VwxN/p0HWzv90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiYmY5NjYyZmNlZThhYmE3N2MyZDQzOGNkOTliYjYyYmFjM2YxNDA2YWQ4
ZWIzYWFiMTA5MjY5ODdlYzNmZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDUJGJ/GMmP6JJxdXWQSdhH6QA4nWiyKE0hoUotCQp6kqITwb1SMqH5B6mO
do95QcdFMqS0ybf2DOVx17GbA72u5vs+UiRQ//6L4yr8CvVSzp7ePKy4S2wnAxzm
aeyoVHDO3X1e/aKcjWN9UE3EcnkayP/mt95Y3EUGjUWFW0hIaCK7CSR+4ClLgpAF
OYzHFiOVSOd2kukZpEynNcWAaQeBnrqSXHgmeTOvAbvi8ouuiwkki9IdSLpIeFaM
qjJbvNaP/rgMizDVOxKS1AuH8CAqiIorZ4dYvKfim5V94yvllC0CUmDyaUq1QfU5
91d8DXn5YfdNKQSl+73fPjiiDKsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT1Cznx
xktCZ6BhPTYIGthsUZmEtDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmYwMTQ5ZjAtYzk4NC00NTc5LWE0NzgtMGM0ZTcxNDdiY2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzMAgDAN
BgkqhkiG9w0BAQsFAAOCAQEAId0yj4SJk3Wm+Qzpd/n7wlIOz9lcKbE/YNrpdEXh
CdAB3+hUK18reS9kYRdlJm4ju23T12dJ5UZznIHYmNGigGIdhvnA6kYQkO+aX/hA
0R0C4sCQXFJ66/ylgtC3JlPvsB4V+V6/+Ufi7uOw2Fth4QKSGMaCZIgQRCQnlkQG
kM609CbFT7GChSp4Dopt7zlc6TWfmu/ueD1r305i8eXiKS9aPgRU1ziMpagQi/hr
BGgBIVFqNzl4VrFc7Sd6gOo9020+JJnDU7ag3IVRmWBkPg4Xw+yKFw/Z+KwDJZW6
Qmkc2ZQluSVl4koWuHDqsoXLGjRdsDQhR034HgTpT2J0VQ==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org