Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: +ya2tQyopPRsb7se6yqTiKJJ30yOlbzYT2UR97lkf44=
Subject key identifier: 3A:89:60:34:35:F4:22:63:C3:A2:9D:D9:06:FB:23:71:45:2A:37:87
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1F6B34C1C645DA09177D56C0857CFB1690FEB6D3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:6b:34:c1:c6:45:da:09:17:7d:56:c0:85:7c:fb:16:90:fe:b6:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=d27e01e0639a0aebc8ceca3f0dba21845a17983a4a32c7d312b396538159fb1e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:03:7a:aa:0d:5e:ae:8d:4f:18:5c:63:84:b4:
ff:f0:37:df:34:ef:64:89:4b:32:c4:c7:5a:96:23:
3b:ae:11:c5:74:e2:ca:fa:99:96:0a:6b:10:fe:31:
6e:b6:90:c6:24:00:42:f4:73:9d:08:10:c1:73:c4:
12:0f:0c:28:18:bd:e9:85:7f:b0:77:eb:8e:2b:3f:
92:af:2d:1b:bf:ba:65:a7:c6:2d:f1:70:8a:92:67:
5e:a9:a3:4c:2c:6d:12:2e:e5:cd:1c:f1:a0:a8:d8:
b1:27:ca:36:80:83:70:46:b5:06:d7:38:a8:b1:cf:
c5:f8:03:a1:33:ec:8a:f5:3e:a0:8a:75:20:1d:f1:
99:b5:05:8f:ba:b2:10:4e:6a:2e:f2:16:d3:eb:b1:
07:e5:d2:7a:0d:e0:f2:79:f4:74:f6:dc:b7:1b:b1:
82:f1:79:fe:b9:b4:72:40:83:34:ba:32:3b:fb:34:
8e:b7:b4:88:0a:46:9c:df:ce:1c:54:2b:18:5c:c6:
29:73:e8:f0:8d:4a:5f:05:b9:65:32:95:fd:08:4b:
dc:03:1d:57:d8:fc:e6:16:24:18:32:d8:2d:f6:e9:
d4:98:a2:82:87:c9:62:b3:0d:40:12:2a:d2:e5:65:
aa:15:ae:1c:36:03:e1:2f:0c:b6:8d:e4:38:92:e7:
03:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:89:60:34:35:F4:22:63:C3:A2:9D:D9:06:FB:23:71:45:2A:37:87
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
43:2f:4f:a7:03:73:d1:0b:c8:d4:ea:9e:82:a4:3d:43:11:9d:
37:05:68:58:a7:4a:b4:9a:b6:db:8f:c0:1e:03:e5:c1:2c:55:
d1:64:30:b4:d8:fb:ba:36:f2:d4:4c:a9:07:2a:81:21:d0:9c:
f6:81:c6:f6:7d:f2:f8:15:23:16:8c:91:f4:5f:d2:86:c3:84:
10:94:92:62:29:d8:86:cc:93:9d:83:86:e6:5e:c7:4c:5f:9e:
64:0c:d3:f0:dc:38:f8:f3:9d:32:81:ee:60:8e:17:a0:35:88:
04:35:fa:cc:81:f9:15:fb:2d:2a:8f:11:69:97:23:3d:59:4f:
94:52:de:19:07:10:55:12:2c:6d:2b:0a:01:35:a1:f1:81:70:
a8:3e:a6:d2:17:eb:ff:c0:93:1c:83:fc:f2:1d:de:30:9e:3a:
37:78:f8:cc:ed:bc:89:df:4f:ce:17:1b:f9:da:d7:70:22:c3:
b4:59:e3:81:9b:26:21:00:25:2c:1d:60:bf:54:1e:24:7b:f2:
72:dd:d2:c4:08:fe:20:71:0a:30:c2:42:94:50:2d:03:8c:28:
cf:58:30:74:f3:9f:58:2f:d6:f2:c6:46:f9:7f:e3:48:05:2c:
ec:2a:e3:23:fa:e0:2f:27:78:7e:28:3b:d0:e3:17:e4:86:c3:
fd:1c:ea:b2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH2s0wcZF2gkXfVbAhXz7FpD+ttMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyN2UwMWUwNjM5YTBhZWJjOGNlY2EzZjBkYmEyMTg0NWExNzk4M2E0YTMy
YzdkMzEyYjM5NjUzODE1OWZiMWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8DeqoNXq6NTxhcY4S0//A33zTvZIlLMsTHWpYjO64RxXTiyvqZlgprEP4x
braQxiQAQvRznQgQwXPEEg8MKBi96YV/sHfrjis/kq8tG7+6ZafGLfFwipJnXqmj
TCxtEi7lzRzxoKjYsSfKNoCDcEa1Btc4qLHPxfgDoTPsivU+oIp1IB3xmbUFj7qy
EE5qLvIW0+uxB+XSeg3g8nn0dPbctxuxgvF5/rm0ckCDNLoyO/s0jre0iApGnN/O
HFQrGFzGKXPo8I1KXwW5ZTKV/QhL3AMdV9j85hYkGDLYLfbp1JiigofJYrMNQBIq
0uVlqhWuHDYD4S8Mto3kOJLnA68CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6iWA0
NfQiY8OindkG+yNxRSo3hzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQBDL0+nA3PRC8jU6p6CpD1DEZ03BWhYp0q0mrbbj8Ae
A+XBLFXRZDC02Pu6NvLUTKkHKoEh0Jz2gcb2ffL4FSMWjJH0X9KGw4QQlJJiKdiG
zJOdg4bmXsdMX55kDNPw3Dj4850yge5gjhegNYgENfrMgfkV+y0qjxFplyM9WU+U
Ut4ZBxBVEixtKwoBNaHxgXCoPqbSF+v/wJMcg/zyHd4wnjo3ePjM7byJ30/OFxv5
2tdwIsO0WeOBmyYhACUsHWC/VB4ke/Jy3dLECP4gcQowwkKUUC0DjCjPWDB0859Y
L9byxkb5f+NIBSzsKuMj+uAvJ3h+KDvQ4xfkhsP9HOqy
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org