Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: 69oL7hzqUwVupiHJXDj0j5na7Tj9HmiE6CmVLpDnp0I=
Subject key identifier: D7:ED:DA:55:B9:39:97:95:9B:5A:53:66:3A:CB:9B:64:91:73:E6:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D3904320DD1EA6FF124FA2637B1706CF9F58F0A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Wed 06 Sep 2023 00:00:00 +0000
ROA not before: Wed 06 Sep 2023 00:00:00 +0000
ROA not after: Wed 11 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Sep 2023 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:39:04:32:0d:d1:ea:6f:f1:24:fa:26:37:b1:70:6c:f9:f5:8f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 6 00:00:00 2023 GMT
Not After : Oct 11 23:59:59 2023 GMT
Subject: serialNumber=aa00a7d998239f2da13a93fb74dcf924a5e5eb48af85a09e6c9a387c6ba8f93b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c4:0a:8c:ad:c9:fb:70:bc:65:d8:23:e3:b9:
c5:60:1a:2c:d2:a3:05:7b:7f:61:ae:47:47:74:4f:
76:98:0c:dd:48:cb:a5:a7:83:a6:d9:cf:22:25:f3:
53:0b:43:b2:29:a8:f0:d7:71:ef:79:db:96:52:91:
18:97:15:95:e0:3d:a2:b1:a1:2d:22:97:1c:b6:70:
cb:83:74:92:da:b0:02:74:3d:cb:00:4c:38:fb:66:
2c:6d:ac:d1:4d:78:84:32:89:0d:bf:dd:96:ea:3e:
f7:d0:35:63:c1:39:f0:28:6c:72:06:f1:9d:53:63:
53:5c:28:14:96:cb:9f:91:de:82:e1:da:f1:58:f1:
24:4b:d2:72:4a:d5:11:cf:a1:fe:86:19:00:9b:53:
91:6c:49:67:f1:38:e3:06:ac:8b:9a:8b:10:ff:f4:
52:da:85:80:be:36:f0:dd:de:f6:70:9f:0d:1c:0c:
30:80:05:48:70:90:d3:f0:2e:0d:f4:ff:cb:c2:8c:
90:d6:06:3e:36:e4:fd:4c:20:fb:8e:40:74:b6:94:
18:48:dc:0d:75:59:8e:36:28:c8:75:91:a1:15:30:
e9:2e:b6:ff:f5:e8:e9:9c:76:62:e6:cc:63:00:48:
01:e7:af:17:cc:e6:1f:a5:9f:a6:dd:b2:50:f4:0f:
84:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:ED:DA:55:B9:39:97:95:9B:5A:53:66:3A:CB:9B:64:91:73:E6:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b6:c0:50:0d:18:cb:48:68:fe:86:ab:66:07:c1:93:6c:c1:0d:
c3:ba:23:99:14:6b:77:a5:e6:ea:64:f0:d4:a9:ce:e7:8b:cc:
13:a8:d0:d9:17:ca:10:3b:1b:58:1f:8c:93:29:41:e8:39:c6:
e3:f5:16:45:79:b3:ab:8d:db:ee:b8:3c:ce:f7:5d:7d:61:85:
5c:39:e0:94:f6:c5:32:56:7a:07:62:ea:b1:1f:7f:94:0f:fe:
88:32:c9:31:07:cb:61:99:c0:97:b4:87:de:52:cb:83:72:a9:
02:4d:45:93:69:81:b1:09:b5:fc:e6:fd:db:94:d7:a2:d9:f8:
79:c6:d4:dc:b8:17:43:00:3a:1b:c2:2d:1a:4c:67:3b:e5:4f:
f1:34:86:e7:00:10:26:b4:f2:dc:bc:51:df:1b:a0:7c:53:1a:
f9:32:fe:52:87:41:6d:40:80:78:cd:b6:1d:9a:35:10:a6:0e:
d0:66:a0:fe:57:fd:ea:9a:b0:56:a6:e2:79:76:ac:3d:3d:92:
91:3e:0f:b9:71:51:0a:46:f7:a3:dc:82:d4:38:da:8f:2a:b7:
93:aa:95:01:27:23:95:ac:73:ec:f3:be:8c:f1:15:8b:70:37:
26:3f:ef:cd:28:6a:be:bf:cd:c1:de:2c:47:f7:92:b7:77:76:
3d:42:74:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHTkEMg3R6m/xJPomN7FwbPn1jwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDYwMDAwMDBaFw0yMzEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMDBhN2Q5OTgyMzlmMmRhMTNhOTNmYjc0ZGNmOTI0YTVlNWViNDhhZjg1
YTA5ZTZjOWEzODdjNmJhOGY5M2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOnECoytyftwvGXYI+O5xWAaLNKjBXt/Ya5HR3RPdpgM3UjLpaeDptnPIiXz
UwtDsimo8Ndx73nbllKRGJcVleA9orGhLSKXHLZwy4N0ktqwAnQ9ywBMOPtmLG2s
0U14hDKJDb/dluo+99A1Y8E58ChscgbxnVNjU1woFJbLn5HeguHa8VjxJEvSckrV
Ec+h/oYZAJtTkWxJZ/E44wasi5qLEP/0UtqFgL428N3e9nCfDRwMMIAFSHCQ0/Au
DfT/y8KMkNYGPjbk/Uwg+45AdLaUGEjcDXVZjjYoyHWRoRUw6S62//Xo6Zx2YubM
YwBIAeevF8zmH6Wfpt2yUPQPhPUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTX7dpV
uTmXlZtaU2Y6y5tkkXPmiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQC2wFANGMtIaP6Gq2YHwZNswQ3DuiOZFGt3pebqZPDU
qc7ni8wTqNDZF8oQOxtYH4yTKUHoOcbj9RZFebOrjdvuuDzO9119YYVcOeCU9sUy
VnoHYuqxH3+UD/6IMskxB8thmcCXtIfeUsuDcqkCTUWTaYGxCbX85v3blNei2fh5
xtTcuBdDADobwi0aTGc75U/xNIbnABAmtPLcvFHfG6B8Uxr5Mv5Sh0FtQIB4zbYd
mjUQpg7QZqD+V/3qmrBWpuJ5dqw9PZKRPg+5cVEKRvej3ILUONqPKreTqpUBJyOV
rHPs876M8RWLcDcmP+/NKGq+v83B3ixH95K3d3Y9QnSe
-----END CERTIFICATE-----
Generated at Wed Sep 6 00:20:49 2023 by rpki-client on console-fra.rpki-client.org