Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: 9Cf3kQMDpp/D2v33XgCr8fCfZrar55rA1up4dD/wAYA=
Subject key identifier: 4C:9A:DF:4E:78:25:D4:45:76:59:7A:95:8F:F7:58:9B:B9:F4:C1:45
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5BBCD16A9CB384F5CCECD3CA58AD1E0A93439C0B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:bc:d1:6a:9c:b3:84:f5:cc:ec:d3:ca:58:ad:1e:0a:93:43:9c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=8a5b649cbe1de40a931ad6b971b83c95a31eac0a4751384ac03c3bdd4672e8f7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6f:31:df:8c:3c:2d:8e:74:6c:87:58:17:8a:
58:83:27:58:ea:28:af:16:b8:ce:bd:3a:c9:ae:6b:
df:f4:06:78:d0:2b:13:17:61:49:c7:89:21:10:aa:
49:6c:4f:90:84:5e:b7:f0:f1:44:a4:8e:44:0f:f1:
47:52:2f:1d:2e:ac:f7:58:09:42:72:7a:85:6e:7a:
9c:58:48:22:c7:0a:3c:f5:e8:e6:8c:56:7c:ca:da:
6b:f4:f6:65:2c:b2:e7:65:35:02:5c:b4:73:69:fd:
c1:f6:6f:89:cb:65:57:43:99:de:61:8d:7e:a5:ba:
6a:0b:f4:fb:07:13:d1:d7:a3:5c:c2:dd:6a:36:be:
03:5d:d2:b5:f5:6a:77:f4:46:ce:82:d0:ee:f1:df:
40:a7:60:e4:57:d9:77:e2:87:af:b9:71:a2:e6:66:
cb:d6:e0:b4:0f:d2:4c:60:d2:7b:5e:26:75:ba:77:
00:9e:a8:9e:d0:6c:0e:7d:9d:bb:b5:5e:36:55:80:
07:78:0f:d2:3a:3b:76:e6:89:77:ae:b9:a0:70:8b:
f9:9b:41:00:ea:06:3d:30:50:17:0f:34:ce:ce:7e:
98:a2:84:1c:7b:42:4f:1d:b1:88:b4:ba:6f:e5:b8:
38:cf:61:7e:22:57:63:93:7b:e8:f7:93:ad:75:a7:
0d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:9A:DF:4E:78:25:D4:45:76:59:7A:95:8F:F7:58:9B:B9:F4:C1:45
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
43:aa:0c:2a:00:f1:1f:ad:18:e7:bd:27:85:a8:b0:60:b3:e4:
56:16:c7:f4:18:4d:26:59:e3:a8:4d:26:9e:96:fe:77:7b:36:
0a:b6:d8:81:bf:1e:e7:90:22:31:de:0e:25:b0:c2:2a:f9:b8:
7a:70:1d:ca:98:aa:c3:05:da:cf:40:0d:ed:7f:ac:f6:aa:5b:
98:a2:81:1f:6f:3d:30:01:d2:61:55:c0:43:6b:9f:bd:fe:2f:
fa:bd:37:41:e1:46:d7:c3:0c:a2:25:f9:82:a9:a7:19:87:22:
ca:4a:35:5c:d8:7d:74:a1:ba:33:a2:7b:96:13:95:04:47:76:
6c:76:ec:84:09:9d:de:48:c3:8a:6c:8a:74:d0:e1:0e:4b:b7:
36:c1:ac:73:76:36:dc:2c:6a:99:8a:f0:fc:21:cc:e2:bf:a9:
ff:c7:d8:b3:9e:a7:af:34:2b:ff:3c:f4:66:5a:46:89:96:a8:
42:2a:9c:52:ca:72:6f:80:1a:b7:63:33:d6:32:22:56:f4:33:
4b:f4:a9:53:27:9c:49:89:20:c0:e0:89:81:72:3f:e9:66:4c:
b3:9a:57:10:b8:dc:9c:ab:70:4e:62:9b:b1:36:fb:ec:81:88:
67:88:a2:25:9b:66:a3:c8:46:3a:a0:2d:12:3c:74:96:92:4b:
36:f4:49:ac
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUW7zRapyzhPXM7NPKWK0eCpNDnAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhNWI2NDljYmUxZGU0MGE5MzFhZDZiOTcxYjgzYzk1YTMxZWFjMGE0NzUx
Mzg0YWMwM2MzYmRkNDY3MmU4ZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxvMd+MPC2OdGyHWBeKWIMnWOoorxa4zr06ya5r3/QGeNArExdhSceJIRCq
SWxPkIRet/DxRKSORA/xR1IvHS6s91gJQnJ6hW56nFhIIscKPPXo5oxWfMraa/T2
ZSyy52U1Aly0c2n9wfZvictlV0OZ3mGNfqW6agv0+wcT0dejXMLdaja+A13StfVq
d/RGzoLQ7vHfQKdg5FfZd+KHr7lxouZmy9bgtA/STGDSe14mdbp3AJ6ontBsDn2d
u7VeNlWAB3gP0jo7duaJd665oHCL+ZtBAOoGPTBQFw80zs5+mKKEHHtCTx2xiLS6
b+W4OM9hfiJXY5N76PeTrXWnDZkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRMmt9O
eCXURXZZepWP91ibufTBRTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ6oMKgDxH60Y570nhaiwYLPkVhbH9BhNJlnjqE0m
npb+d3s2CrbYgb8e55AiMd4OJbDCKvm4enAdypiqwwXaz0AN7X+s9qpbmKKBH289
MAHSYVXAQ2ufvf4v+r03QeFG18MMoiX5gqmnGYciyko1XNh9dKG6M6J7lhOVBEd2
bHbshAmd3kjDimyKdNDhDku3NsGsc3Y23CxqmYrw/CHM4r+p/8fYs56nrzQr/zz0
ZlpGiZaoQiqcUspyb4Aat2Mz1jIiVvQzS/SpUyecSYkgwOCJgXI/6WZMs5pXELjc
nKtwTmKbsTb77IGIZ4iiJZtmo8hGOqAtEjx0lpJLNvRJrA==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:31 2023 by rpki-client on console-fra.rpki-client.org