Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: DfbKE32PLt6qFwPqjK0TqwYUX+2mq6T2P54KHKGyO4M=
Subject key identifier: D4:7D:AB:A9:85:A0:6C:26:0E:3C:7C:00:AA:C1:1B:AA:7A:34:CB:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14291A19B4219075BAD386994617B816846E6309
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:29:1a:19:b4:21:90:75:ba:d3:86:99:46:17:b8:16:84:6e:63:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=f447db3bc301156b2309438c34f87e658eae6c5fd323b014c7de43b447780d36, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c3:98:da:7c:14:76:ca:78:c7:a6:a5:77:81:
da:7a:f6:51:9f:5b:95:ec:04:20:5d:0f:b5:29:29:
bc:a8:32:5c:ae:32:8b:6c:6d:17:f9:37:57:05:cd:
4a:80:80:9d:32:e6:d3:c2:ab:44:b2:25:69:df:ca:
05:ca:5f:3a:94:34:d2:ea:4d:b4:ee:45:b0:f5:8e:
1c:47:50:d0:84:fa:44:6d:2c:07:4c:b0:35:ce:6d:
95:35:d9:84:75:c4:5e:2c:41:0f:73:d1:ba:dc:27:
3e:02:73:c5:a5:dc:a0:1a:3a:12:0e:a8:97:85:94:
34:46:99:0f:21:93:a2:0e:30:2a:08:c8:1c:d8:22:
7b:1c:34:7d:8c:dc:a4:08:0a:66:89:32:f0:42:37:
da:6d:92:96:7d:09:bf:53:de:f1:6f:eb:d7:35:0f:
89:a4:d7:76:68:b8:22:19:2e:08:50:bd:b7:82:6b:
70:d8:61:8f:a4:7b:a5:b6:31:b1:b0:01:54:d7:78:
02:0c:f9:11:0d:0e:bf:8b:54:a4:9f:1d:e2:bc:ff:
de:a1:19:f6:fe:23:e5:1a:4f:8a:86:11:62:34:6e:
83:71:98:9b:a7:c2:3d:c1:ed:30:21:7e:f7:70:67:
e4:01:68:20:21:4a:cd:0e:67:42:37:dc:17:00:38:
1f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7D:AB:A9:85:A0:6C:26:0E:3C:7C:00:AA:C1:1B:AA:7A:34:CB:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7b:0e:cc:42:d7:e2:7f:c7:df:a3:75:3d:b6:20:38:50:8f:39:
db:57:65:44:e8:5a:98:23:5e:52:6f:5d:d2:0a:3b:ac:fa:fe:
ef:63:12:38:07:32:2b:06:47:01:74:11:ab:be:8a:4e:7d:c4:
f7:af:22:46:d0:c4:d0:72:14:cb:dd:9b:1e:26:07:b4:d8:aa:
a9:fd:a6:2a:1f:43:7b:17:79:5f:1c:ae:08:f8:13:49:24:65:
2b:e7:ce:ca:4d:9e:68:80:2f:77:a8:46:15:8f:1c:61:89:e8:
ef:e3:67:64:4e:d9:57:2a:69:5a:bb:1c:de:e5:e2:a9:24:3e:
1d:3b:1a:f9:04:f9:76:15:b0:7d:04:dc:e0:58:d5:14:6a:04:
73:d2:3a:d2:95:0a:5d:13:7e:c2:b4:c7:38:06:ae:36:dc:86:
11:9e:87:57:07:9a:6f:35:7d:0b:d7:d9:77:80:92:fe:df:f1:
fb:6a:22:6a:a5:41:31:97:23:b1:21:c2:92:73:3b:3d:0c:47:
fb:5d:1e:84:0a:1c:ab:8d:d7:ab:13:fc:53:98:47:66:91:7d:
1f:69:1c:fd:2e:20:37:30:5c:e5:49:89:4a:c3:73:3a:cc:60:
9e:b3:49:56:2f:bf:30:6c:50:8d:1d:48:eb:ad:a7:45:ce:55:
56:c6:f2:3c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFCkaGbQhkHW604aZRhe4FoRuYwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0NDdkYjNiYzMwMTE1NmIyMzA5NDM4YzM0Zjg3ZTY1OGVhZTZjNWZkMzIz
YjAxNGM3ZGU0M2I0NDc3ODBkMzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/DmNp8FHbKeMempXeB2nr2UZ9blewEIF0PtSkpvKgyXK4yi2xtF/k3VwXN
SoCAnTLm08KrRLIlad/KBcpfOpQ00upNtO5FsPWOHEdQ0IT6RG0sB0ywNc5tlTXZ
hHXEXixBD3PRutwnPgJzxaXcoBo6Eg6ol4WUNEaZDyGTog4wKgjIHNgiexw0fYzc
pAgKZoky8EI32m2Sln0Jv1Pe8W/r1zUPiaTXdmi4IhkuCFC9t4JrcNhhj6R7pbYx
sbABVNd4Agz5EQ0Ov4tUpJ8d4rz/3qEZ9v4j5RpPioYRYjRug3GYm6fCPcHtMCF+
93Bn5AFoICFKzQ5nQjfcFwA4H1kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTUfaup
haBsJg48fACqwRuqejTLqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQB7DsxC1+J/x9+jdT22IDhQjznbV2VE6FqYI15Sb13S
Cjus+v7vYxI4BzIrBkcBdBGrvopOfcT3ryJG0MTQchTL3ZseJge02Kqp/aYqH0N7
F3lfHK4I+BNJJGUr587KTZ5ogC93qEYVjxxhiejv42dkTtlXKmlauxze5eKpJD4d
Oxr5BPl2FbB9BNzgWNUUagRz0jrSlQpdE37CtMc4Bq423IYRnodXB5pvNX0L19l3
gJL+3/H7aiJqpUExlyOxIcKSczs9DEf7XR6EChyrjderE/xTmEdmkX0faRz9LiA3
MFzlSYlKw3M6zGCes0lWL78wbFCNHUjrradFzlVWxvI8
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:31 2023 by rpki-client on console-fra.rpki-client.org