Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json)
Hash identifier: 7ZGwcy79DEQJDXZ+kICeyhKGrfU31JPev/xBxpXyV4E=
Subject key identifier: C4:AA:BE:6B:3A:7E:D9:7F:1B:AE:FE:09:1C:F8:4C:B0:43:BF:F1:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19631463EA0590713B3B7A2DD88B6567E79E9BA7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:63:14:63:ea:05:90:71:3b:3b:7a:2d:d8:8b:65:67:e7:9e:9b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=f9a098f621ec105a7011f3f65011016fc909eaed0a080b4ff47894134072ffc7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:78:47:14:4c:14:12:ad:82:a7:7c:a8:e5:5a:
09:a0:18:61:4f:c6:49:03:95:e0:63:35:e3:d8:e0:
d8:1d:51:3e:8a:51:9a:2b:42:22:b8:29:1b:ea:52:
50:7a:4e:39:21:3e:65:fb:fe:45:22:ca:da:f6:ed:
69:19:47:8d:e5:dd:28:30:14:c7:a8:57:03:99:11:
a5:7b:60:ac:2a:ae:49:8e:a9:2b:6d:cb:dc:c1:6d:
ae:11:54:4e:b4:ab:1c:9a:ce:f4:f9:fa:f1:5b:e7:
7d:10:e1:8c:3e:67:23:53:83:3c:70:a4:c0:d9:68:
c0:af:7d:28:a6:f0:2b:7a:9f:d9:67:62:23:b2:5a:
93:5c:6d:43:56:67:dd:27:2f:d6:5d:53:4f:23:ae:
75:d0:a4:b4:82:95:8a:67:4c:8c:bd:6d:bf:57:9c:
9b:e7:29:5f:a8:e9:f5:f1:a1:15:bb:3a:c6:d7:1e:
e6:4a:1a:2c:af:03:f7:bc:ea:93:bd:ef:44:f4:84:
0b:10:28:8f:d8:64:74:93:85:77:81:af:5b:82:a7:
f7:a7:0c:94:f6:c4:72:35:ee:2a:37:b1:59:9d:c9:
0b:35:9f:1b:3a:df:84:eb:b8:10:aa:8c:6f:89:d7:
d9:e9:6f:ad:de:74:13:a4:67:17:d0:43:f5:da:fb:
3f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AA:BE:6B:3A:7E:D9:7F:1B:AE:FE:09:1C:F8:4C:B0:43:BF:F1:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b9:5d:6f:04:1a:33:de:96:72:54:5b:f6:5c:a9:b9:7e:0d:1a:
b1:b4:09:e0:92:c4:64:b3:85:1b:12:07:e1:df:b3:22:23:75:
1a:d7:a3:22:95:48:a6:09:41:b2:17:d7:14:10:32:15:58:93:
cf:76:b4:8a:55:57:cc:8e:fc:3d:4d:2b:05:c4:58:c4:8d:5f:
4f:ea:4d:9d:4e:74:f9:ec:af:02:97:f8:bc:d5:bb:34:3e:d0:
8e:48:2c:8e:57:99:8b:90:15:d3:f1:9a:0e:d4:ff:7c:16:0d:
ef:73:6e:99:d4:d7:88:c9:e2:1a:27:43:31:9e:39:ed:82:d6:
2d:71:fe:be:73:1e:e8:ad:6c:44:35:dd:a4:e8:d3:6d:0c:e9:
cb:ee:d4:ba:a7:a7:c9:cd:73:4d:b6:9b:6a:ce:d7:31:02:48:
4c:99:81:5a:cc:0f:23:23:35:c6:69:77:ea:40:6a:a8:7b:66:
d4:bc:dd:d1:5f:11:24:29:54:b4:23:09:4c:1e:d0:c8:c0:50:
66:51:2a:c4:ce:fe:e0:85:a8:99:6d:04:e1:e7:81:8e:71:72:
12:3d:69:f6:ee:05:e4:46:1c:dd:e3:be:23:57:9a:f7:b6:59:
7d:bf:1b:5b:e4:66:b5:f4:23:80:a1:d4:fa:f4:e7:e9:5a:4b:
c7:eb:0a:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGWMUY+oFkHE7O3ot2ItlZ+eem6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5YTA5OGY2MjFlYzEwNWE3MDExZjNmNjUwMTEwMTZmYzkwOWVhZWQwYTA4
MGI0ZmY0Nzg5NDEzNDA3MmZmYzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANR4RxRMFBKtgqd8qOVaCaAYYU/GSQOV4GM149jg2B1RPopRmitCIrgpG+pS
UHpOOSE+Zfv+RSLK2vbtaRlHjeXdKDAUx6hXA5kRpXtgrCquSY6pK23L3MFtrhFU
TrSrHJrO9Pn68VvnfRDhjD5nI1ODPHCkwNlowK99KKbwK3qf2WdiI7Jak1xtQ1Zn
3Scv1l1TTyOuddCktIKVimdMjL1tv1ecm+cpX6jp9fGhFbs6xtce5koaLK8D97zq
k73vRPSECxAoj9hkdJOFd4GvW4Kn96cMlPbEcjXuKjexWZ3JCzWfGzrfhOu4EKqM
b4nX2elvrd50E6RnF9BD9dr7P/ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTEqr5r
On7Zfxuu/gkc+EywQ7/xmzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZiMjIwYjktODM3Zi00MTc0LTk3ZTYtYzcxMTk1ODI3M2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQC5XW8EGjPelnJUW/Zcqbl+DRqxtAngksRks4UbEgfh
37MiI3Ua16MilUimCUGyF9cUEDIVWJPPdrSKVVfMjvw9TSsFxFjEjV9P6k2dTnT5
7K8Cl/i81bs0PtCOSCyOV5mLkBXT8ZoO1P98Fg3vc26Z1NeIyeIaJ0MxnjntgtYt
cf6+cx7orWxENd2k6NNtDOnL7tS6p6fJzXNNtptqztcxAkhMmYFazA8jIzXGaXfq
QGqoe2bUvN3RXxEkKVS0IwlMHtDIwFBmUSrEzv7ghaiZbQTh54GOcXISPWn27gXk
Rhzd474jV5r3tll9vxtb5Ga19COAodT69OfpWkvH6wqG
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org