Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: znTSpn6tiJojwgmHceBC7lJW82mJPOLOiiezWW1RmWw=
Subject key identifier: 47:0C:23:9D:26:17:86:9D:AD:47:B9:F3:8D:35:45:0A:98:4B:85:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6BF920F560A6540B56A4F2BDD76167FEBFD90DA3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:f9:20:f5:60:a6:54:0b:56:a4:f2:bd:d7:61:67:fe:bf:d9:0d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=b5e6777e54ed4d02a98f3a7c61870fd2eb84db88ee00d5b514b5571e5294855a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cd:72:c7:c3:a0:3e:93:45:48:96:2b:7e:9a:
8b:97:7b:bf:0e:f9:22:7c:63:ae:c3:34:95:93:c3:
cf:47:49:99:fd:ce:1a:2f:f0:c7:47:1d:27:da:c3:
ce:73:d5:f6:34:fa:79:97:70:f7:bd:fb:85:0b:03:
42:61:16:1c:18:c3:30:8a:76:c0:33:81:3a:c8:1d:
69:6f:0a:b6:87:d1:a5:b6:55:a5:67:f0:e5:6b:69:
f2:da:d1:75:8f:b8:aa:1f:ae:8a:67:af:3f:aa:c3:
9b:d6:26:74:e0:14:2f:7d:27:93:6b:4b:47:8d:dc:
07:74:75:bc:48:2c:75:55:92:d7:5c:1f:18:39:fc:
d6:c9:b3:62:1c:06:7f:47:4d:fc:46:f7:5d:24:d1:
98:82:e0:cf:7b:52:63:e3:26:7b:28:60:e8:45:37:
18:a1:c1:5a:76:5a:59:25:9b:a7:cd:0e:59:77:1e:
df:db:15:c8:08:83:4d:13:25:f8:b2:b7:83:00:f2:
b9:5d:6e:99:8b:a9:3c:4f:6a:59:7b:b2:78:c1:b7:
36:67:97:1d:52:36:b0:78:b2:d3:5c:f6:25:25:3b:
f7:85:b3:00:61:3b:af:42:19:be:82:9a:c6:c5:90:
17:b0:42:fb:b8:e3:e5:93:05:c8:e6:8e:62:2a:17:
af:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0C:23:9D:26:17:86:9D:AD:47:B9:F3:8D:35:45:0A:98:4B:85:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:9a:25:a7:bd:b6:67:02:25:7d:0d:44:9a:53:82:7b:1c:ba:
c1:a3:52:d1:47:4b:f8:d5:75:86:70:44:75:09:37:18:9e:a4:
43:e1:28:76:d2:c1:09:ea:94:88:33:3f:8f:aa:0a:d0:1c:a0:
5d:36:48:44:13:bb:3f:ca:a5:92:d9:ca:ca:45:2c:41:78:6b:
6c:30:db:a8:4b:0b:a1:6b:56:e4:f0:7f:a0:17:11:18:a8:49:
93:1f:c4:bc:91:f2:38:f7:a5:4a:8a:18:6b:39:fb:27:86:17:
00:7d:f2:5e:8b:fc:1c:e8:6c:7f:38:d8:46:a0:b7:e0:b1:a3:
ef:b4:7f:b8:8c:1a:b3:26:88:18:20:79:c2:6f:6d:b7:ef:f5:
e8:84:b0:6b:66:a2:78:72:db:66:d9:5b:6c:25:e6:38:ee:b6:
79:4a:a8:ed:be:5c:11:af:69:fb:46:f6:54:ab:08:75:ea:b1:
c5:52:f3:91:0d:19:ad:01:8e:09:14:62:90:86:71:f2:82:16:
fa:77:bb:6b:e0:43:72:e0:ca:24:8b:0c:20:54:0a:ed:7f:ec:
08:b9:65:84:98:5d:3f:8e:51:65:3d:24:f5:05:7b:d6:36:8c:
fa:7f:aa:2a:38:5e:f6:67:86:c1:ca:32:cb:aa:e7:d5:78:83:
31:21:9e:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa/kg9WCmVAtWpPK912Fn/r/ZDaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1ZTY3NzdlNTRlZDRkMDJhOThmM2E3YzYxODcwZmQyZWI4NGRiODhlZTAw
ZDViNTE0YjU1NzFlNTI5NDg1NWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbNcsfDoD6TRUiWK36ai5d7vw75InxjrsM0lZPDz0dJmf3OGi/wx0cdJ9rD
znPV9jT6eZdw9737hQsDQmEWHBjDMIp2wDOBOsgdaW8KtofRpbZVpWfw5Wtp8trR
dY+4qh+uimevP6rDm9YmdOAUL30nk2tLR43cB3R1vEgsdVWS11wfGDn81smzYhwG
f0dN/Eb3XSTRmILgz3tSY+Mmeyhg6EU3GKHBWnZaWSWbp80OWXce39sVyAiDTRMl
+LK3gwDyuV1umYupPE9qWXuyeMG3NmeXHVI2sHiy01z2JSU794WzAGE7r0IZvoKa
xsWQF7BC+7jj5ZMFyOaOYioXr3kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRHDCOd
JheGna1HufONNUUKmEuF9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQAvmiWnvbZnAiV9DUSaU4J7HLrBo1LRR0v41XWGcER1
CTcYnqRD4Sh20sEJ6pSIMz+PqgrQHKBdNkhEE7s/yqWS2crKRSxBeGtsMNuoSwuh
a1bk8H+gFxEYqEmTH8S8kfI496VKihhrOfsnhhcAffJei/wc6Gx/ONhGoLfgsaPv
tH+4jBqzJogYIHnCb2237/XohLBrZqJ4cttm2VtsJeY47rZ5SqjtvlwRr2n7RvZU
qwh16rHFUvORDRmtAY4JFGKQhnHyghb6d7tr4ENy4MokiwwgVArtf+wIuWWEmF0/
jlFlPST1BXvWNoz6f6oqOF72Z4bByjLLqufVeIMxIZ4B
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:23:34 2023 by rpki-client on console-fra.rpki-client.org