Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json)
Hash identifier: ZSlkuOQZoEPBR07Hd+/FAHrZK8HDTnxv8DvCNXeILRc=
Subject key identifier: CC:50:31:13:22:9E:24:73:DF:20:73:30:2C:0E:76:72:61:05:84:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60690F2B03396154FFCACEE5BA95319DA5442F0D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:69:0f:2b:03:39:61:54:ff:ca:ce:e5:ba:95:31:9d:a5:44:2f:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=d45c83c3c61669f5dc2801f03db5f75a7b1dc08fee68403f5cadcf787e426c41, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d1:6a:8e:a0:0c:fd:6e:62:8d:57:4f:86:aa:
2a:fb:36:81:c2:fc:52:fd:14:47:47:5b:de:bd:d8:
11:6a:00:a1:65:17:07:8f:a0:90:b1:c4:a5:2c:8a:
b8:97:c4:9a:51:05:c3:ed:15:ca:6b:01:16:4e:6b:
d1:d9:21:48:6d:35:ad:1a:5f:30:df:f4:d2:02:8e:
28:2e:dc:4b:56:fb:79:34:0e:b3:54:c8:cc:33:c7:
c4:0c:c7:40:be:a9:3c:73:82:1a:2f:41:fd:9a:9d:
ad:b5:8a:89:1a:f1:b4:87:63:9c:3c:dc:34:6b:12:
8a:73:42:03:a9:11:09:45:2a:9d:41:a2:70:01:02:
d3:6c:05:9e:ca:8b:84:cb:53:6e:cc:18:99:1b:61:
b1:9b:8d:b6:88:b2:f9:6e:f2:91:c1:f0:3f:ca:6c:
ea:76:2b:ed:d8:34:17:86:3c:bc:15:24:dd:86:b3:
f2:c8:27:a0:25:62:f0:d7:93:a6:18:f4:27:d8:e0:
35:35:03:2d:14:4f:f9:37:6d:40:4a:00:f7:cf:18:
33:08:ec:fc:f8:4c:b8:3d:8d:ee:a1:03:7f:37:b8:
f3:b2:58:6e:6b:9d:3b:bf:85:f4:70:03:e1:56:a5:
58:10:3d:dd:cd:07:66:bb:ad:aa:01:f6:50:c4:4a:
74:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:50:31:13:22:9E:24:73:DF:20:73:30:2C:0E:76:72:61:05:84:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1e:01:70:6c:59:8d:cb:de:c0:14:b8:36:ba:10:64:ee:5b:e0:
c7:24:ce:56:8b:65:79:35:f1:7c:be:60:0d:45:34:2d:c6:d1:
b1:aa:8f:a6:c4:f8:eb:45:13:70:81:77:57:ea:78:b3:bc:40:
ad:c0:90:a5:f6:e8:fa:0f:5b:71:45:6a:91:1b:54:97:66:d2:
45:83:4d:67:ec:8c:57:ce:34:05:f2:7a:c5:54:d3:0e:e3:de:
2c:c7:9c:07:29:78:1a:b7:78:f2:9f:4c:2a:aa:e2:af:4d:a2:
35:4f:7a:36:13:e8:17:74:cd:93:63:6e:24:29:fb:e6:f5:9f:
c8:00:46:40:f9:cb:73:eb:c0:de:9f:f4:b0:a3:f6:12:75:d8:
f3:59:7a:51:89:67:3d:eb:fc:3c:2b:1a:6b:f0:d8:00:51:fd:
63:dc:bd:56:3b:fa:07:26:d8:a1:d8:1b:e4:31:e7:50:71:b7:
fb:1e:a3:a0:4e:d5:1a:cb:64:2e:3b:58:53:ac:dc:cb:c5:ea:
42:56:c2:bf:2e:0c:44:a6:2f:42:5d:c2:0d:90:64:16:89:49:
79:a9:ba:de:d9:2a:20:a2:5a:fb:d8:ed:ee:99:f6:cb:b4:9d:
5f:c8:fb:bb:e8:ae:c6:ee:e3:a8:a0:55:13:43:2f:b1:fd:dc:
dd:bf:13:f4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYGkPKwM5YVT/ys7lupUxnaVELw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NWM4M2MzYzYxNjY5ZjVkYzI4MDFmMDNkYjVmNzVhN2IxZGMwOGZlZTY4
NDAzZjVjYWRjZjc4N2U0MjZjNDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnRao6gDP1uYo1XT4aqKvs2gcL8Uv0UR0db3r3YEWoAoWUXB4+gkLHEpSyK
uJfEmlEFw+0VymsBFk5r0dkhSG01rRpfMN/00gKOKC7cS1b7eTQOs1TIzDPHxAzH
QL6pPHOCGi9B/ZqdrbWKiRrxtIdjnDzcNGsSinNCA6kRCUUqnUGicAEC02wFnsqL
hMtTbswYmRthsZuNtoiy+W7ykcHwP8ps6nYr7dg0F4Y8vBUk3Yaz8sgnoCVi8NeT
phj0J9jgNTUDLRRP+TdtQEoA988YMwjs/PhMuD2N7qEDfze487JYbmudO7+F9HAD
4ValWBA93c0HZrutqgH2UMRKdNECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMUDET
Ip4kc98gczAsDnZyYQWEXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQAeAXBsWY3L3sAUuDa6EGTuW+DHJM5Wi2V5NfF8vmAN
RTQtxtGxqo+mxPjrRRNwgXdX6nizvECtwJCl9uj6D1txRWqRG1SXZtJFg01n7IxX
zjQF8nrFVNMO494sx5wHKXgat3jyn0wqquKvTaI1T3o2E+gXdM2TY24kKfvm9Z/I
AEZA+ctz68Den/Swo/YSddjzWXpRiWc96/w8Kxpr8NgAUf1j3L1WO/oHJtih2Bvk
MedQcbf7HqOgTtUay2QuO1hTrNzLxepCVsK/LgxEpi9CXcINkGQWiUl5qbre2Sog
olr72O3umfbLtJ1fyPu76K7G7uOooFUTQy+x/dzdvxP0
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org