Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json)
Hash identifier: e/BW/whZQhdsIhybkD0wZ4nW1otyyGvo0Y+hG4lfU0M=
Subject key identifier: E0:32:A7:72:84:E3:28:5F:B2:A6:9D:6C:F2:21:EE:AA:57:BD:C7:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4DF3D1CFC7001E6AFF929CA5AF2283D4CA0347C1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
Signing time: Wed 06 Sep 2023 00:00:00 +0000
ROA not before: Wed 06 Sep 2023 00:00:00 +0000
ROA not after: Wed 11 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Sep 2023 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:f3:d1:cf:c7:00:1e:6a:ff:92:9c:a5:af:22:83:d4:ca:03:47:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 6 00:00:00 2023 GMT
Not After : Oct 11 23:59:59 2023 GMT
Subject: serialNumber=dfe025fc47babefa26079e8566ec205a8e9d3cc6044b1c1e8f3fada3868547b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:17:24:e7:6b:78:e8:4e:77:f2:17:69:6b:f2:
3c:37:0f:2e:6c:a0:23:00:21:87:f6:e6:c0:0f:67:
c0:59:f0:0f:48:2d:5d:2e:bb:a9:be:71:5a:7a:b1:
83:b0:e3:22:ca:8d:51:29:51:d2:65:cb:7d:d1:5b:
97:ff:da:11:6f:c3:0e:ab:7b:6a:bc:ec:f9:e0:d2:
c4:06:9c:04:8d:18:b4:22:05:16:9c:17:64:ab:86:
5c:f6:7c:56:b6:8d:47:d1:4d:a9:0a:be:25:74:9b:
2a:68:bb:90:d4:dc:54:b2:47:f7:e3:9b:3a:48:d3:
ba:59:d0:59:26:a1:8b:50:47:02:63:14:c1:2a:80:
9b:36:4b:a6:b3:ec:3a:7f:4f:89:87:2c:8e:85:2f:
96:62:de:c3:02:00:c7:08:eb:fc:25:dd:a3:2d:29:
b5:42:fa:d5:29:ff:fb:d6:c5:01:28:b0:ed:12:6d:
83:55:85:8d:20:bf:af:90:e4:88:93:ad:2d:43:e3:
ee:89:d2:1d:56:f9:39:cc:3e:ef:67:ce:38:42:ea:
ff:5f:85:96:2b:77:bc:de:36:36:36:98:b0:6b:9f:
52:f6:6c:41:4e:15:a3:73:6d:2a:c3:a2:5e:65:ca:
e6:c8:96:47:27:99:3f:53:68:7b:8a:ff:97:e8:de:
45:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:32:A7:72:84:E3:28:5F:B2:A6:9D:6C:F2:21:EE:AA:57:BD:C7:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:22:b9:0b:1f:e8:36:17:0a:e7:46:86:ed:3d:93:c9:1f:03:
da:b9:99:69:78:8b:62:7d:f0:2a:7c:f2:6f:d9:fe:a3:7b:3f:
2f:e5:6c:83:36:65:db:ef:bc:d8:eb:df:38:45:83:de:49:6d:
92:ff:b9:8a:2d:25:20:9d:15:1e:86:81:41:c7:73:b5:58:f9:
e0:de:a7:2a:11:e0:66:db:ab:01:e7:1c:7e:cf:d1:d6:82:20:
d4:08:a9:84:87:8f:04:b6:c3:32:51:ce:7b:1e:93:41:e6:c4:
1e:88:dd:50:2f:5f:32:04:44:36:dc:d8:90:59:45:da:6e:f0:
a9:45:15:18:b1:5d:47:de:1f:67:17:62:38:cc:96:19:34:1a:
36:7f:3e:24:88:68:6d:65:2b:c0:84:ac:f2:f2:ff:6c:35:cf:
14:0f:e1:6a:56:83:d5:1d:2b:7e:ae:18:df:84:5f:2a:ac:8e:
0c:f0:60:bc:e9:60:0d:1c:8b:ed:6e:d6:4a:54:cf:59:d3:45:
3a:0d:fb:89:43:f4:ba:4b:50:ff:83:f1:01:c2:f6:c3:9d:04:
00:97:0f:b6:6a:16:dc:5a:c9:3c:15:5d:28:b2:8d:de:38:87:
5b:19:78:0a:5e:48:34:63:7e:e6:e6:5c:66:9e:7f:b2:1d:76:
9c:18:a8:25
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTfPRz8cAHmr/kpylryKD1MoDR8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDYwMDAwMDBaFw0yMzEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmZTAyNWZjNDdiYWJlZmEyNjA3OWU4NTY2ZWMyMDVhOGU5ZDNjYzYwNDRi
MWMxZThmM2ZhZGEzODY4NTQ3YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0XJOdreOhOd/IXaWvyPDcPLmygIwAhh/bmwA9nwFnwD0gtXS67qb5xWnqx
g7DjIsqNUSlR0mXLfdFbl//aEW/DDqt7arzs+eDSxAacBI0YtCIFFpwXZKuGXPZ8
VraNR9FNqQq+JXSbKmi7kNTcVLJH9+ObOkjTulnQWSahi1BHAmMUwSqAmzZLprPs
On9PiYcsjoUvlmLewwIAxwjr/CXdoy0ptUL61Sn/+9bFASiw7RJtg1WFjSC/r5Dk
iJOtLUPj7onSHVb5Ocw+72fOOELq/1+Flit3vN42NjaYsGufUvZsQU4Vo3NtKsOi
XmXK5siWRyeZP1Noe4r/l+jeRbUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTgMqdy
hOMoX7KmnWzyIe6qV73HPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQA5IrkLH+g2FwrnRobtPZPJHwPauZlpeItiffAqfPJv
2f6jez8v5WyDNmXb77zY6984RYPeSW2S/7mKLSUgnRUehoFBx3O1WPng3qcqEeBm
26sB5xx+z9HWgiDUCKmEh48EtsMyUc57HpNB5sQeiN1QL18yBEQ23NiQWUXabvCp
RRUYsV1H3h9nF2I4zJYZNBo2fz4kiGhtZSvAhKzy8v9sNc8UD+FqVoPVHSt+rhjf
hF8qrI4M8GC86WANHIvtbtZKVM9Z00U6DfuJQ/S6S1D/g/EBwvbDnQQAlw+2ahbc
Wsk8FV0oso3eOIdbGXgKXkg0Y37m5lxmnn+yHXacGKgl
-----END CERTIFICATE-----
Generated at Wed Sep 6 00:20:49 2023 by rpki-client on console-fra.rpki-client.org