Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa
File: 5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa (raw, json)
Hash identifier: TpUlG5vjkIvrO9+4Q1+8MtjaXB+OMYHcKVHjny/1czs=
Subject key identifier: 3C:08:D1:A6:CE:96:13:2C:C9:80:F2:63:46:36:AA:7F:03:6F:83:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43F381A31FD9E862338D7F954D98E828E8FE1D95
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa
Signing time: Sat 30 Sep 2023 00:00:00 +0000
ROA not before: Sat 30 Sep 2023 00:00:00 +0000
ROA not after: Sat 04 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 Sep 2023 16:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:f3:81:a3:1f:d9:e8:62:33:8d:7f:95:4d:98:e8:28:e8:fe:1d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 30 00:00:00 2023 GMT
Not After : Nov 4 23:59:59 2023 GMT
Subject: serialNumber=4b143a8bbacaa67d8f7784d0018421aea802ccd2d5a216987f3bc8ca7e87c983, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:41:5a:64:ad:b0:11:8e:c4:e4:ac:e8:02:01:
bf:08:f6:f9:ca:6c:e1:d6:0a:e8:fd:78:ce:40:75:
28:b1:01:50:3d:f1:40:79:da:bb:e9:46:13:63:62:
a0:98:54:05:a5:17:94:56:86:79:b4:4d:8f:21:c1:
90:61:d6:f3:c9:38:eb:cb:ac:f7:ef:79:b9:25:dc:
7d:74:d9:d7:2f:b9:fe:40:fc:01:31:28:92:f6:8b:
ee:85:22:4c:3c:fd:17:c0:ba:a8:ea:ad:da:aa:0a:
78:85:3a:d0:15:50:2f:30:b9:9b:2b:45:21:9e:21:
46:50:51:d3:44:da:17:78:80:71:67:d2:5b:8c:26:
99:57:fe:01:96:25:5c:dc:a7:fa:e0:93:78:4c:4f:
ca:ba:55:69:07:af:9b:69:5d:0b:86:0b:f2:f9:34:
bd:b8:25:9b:09:f8:61:58:a7:99:12:59:4e:8e:ac:
8a:41:1d:ae:09:40:d4:28:39:e7:ee:c3:1d:4b:97:
41:02:09:68:0f:9b:a4:33:12:6d:1b:6e:6e:60:6d:
da:a7:3b:81:19:7c:af:62:2e:06:03:ac:b0:dc:fd:
21:f1:0a:86:a1:0f:3e:ba:8c:b3:a5:9c:cd:de:c5:
7f:76:f2:e3:c9:a7:60:23:16:20:6a:eb:ac:a5:ca:
3a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:08:D1:A6:CE:96:13:2C:C9:80:F2:63:46:36:AA:7F:03:6F:83:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5a7af8cb-5cfa-4914-965e-5e6a4b8c16f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:c3:70:fe:3e:34:0b:13:7a:95:ea:37:72:df:d2:74:75:d5:
3b:50:96:78:a8:00:f8:f8:4d:47:5e:f1:d5:04:25:d5:59:58:
00:88:90:09:2d:9e:ec:7d:33:b1:66:80:cd:0d:85:e5:ae:03:
8f:7e:64:f4:bb:ea:df:cb:1a:f4:b0:d1:a7:1c:a5:74:70:cb:
c1:67:8f:05:86:c9:46:10:44:14:51:07:da:ce:2a:3e:e2:ed:
b1:26:87:42:d0:85:37:85:27:ba:86:49:05:a9:69:e8:14:26:
42:dc:0e:83:22:37:23:c3:fc:45:c9:b9:1f:e6:be:d5:58:cf:
41:32:71:6f:22:91:34:ad:67:5c:8b:06:c1:50:c4:14:0b:87:
bd:6f:79:8b:ba:86:a1:7f:6a:96:ab:7e:a0:c3:7c:0b:f8:54:
56:c1:47:43:b8:fc:2f:60:70:af:d7:9e:e0:14:5d:a6:74:5f:
20:73:d2:78:25:0c:b1:14:64:a6:79:0b:84:f3:c1:a0:b8:c0:
48:5e:d0:be:8f:5a:9e:ad:cb:4c:bb:af:bf:84:1e:09:19:22:
0b:73:a5:7c:07:7e:d2:ee:0a:af:41:d5:fa:1c:db:6b:7c:8f:
7a:b1:92:58:c3:cc:07:cc:3a:df:f4:38:fd:34:48:df:e5:ff:
e4:bd:40:a3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ/OBox/Z6GIzjX+VTZjoKOj+HZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MzAwMDAwMDBaFw0yMzExMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiMTQzYThiYmFjYWE2N2Q4Zjc3ODRkMDAxODQyMWFlYTgwMmNjZDJkNWEy
MTY5ODdmM2JjOGNhN2U4N2M5ODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFBWmStsBGOxOSs6AIBvwj2+cps4dYK6P14zkB1KLEBUD3xQHnau+lGE2Ni
oJhUBaUXlFaGebRNjyHBkGHW88k468us9+95uSXcfXTZ1y+5/kD8ATEokvaL7oUi
TDz9F8C6qOqt2qoKeIU60BVQLzC5mytFIZ4hRlBR00TaF3iAcWfSW4wmmVf+AZYl
XNyn+uCTeExPyrpVaQevm2ldC4YL8vk0vbglmwn4YVinmRJZTo6sikEdrglA1Cg5
5+7DHUuXQQIJaA+bpDMSbRtubmBt2qc7gRl8r2IuBgOssNz9IfEKhqEPPrqMs6Wc
zd7Ff3by48mnYCMWIGrrrKXKOkMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ8CNGm
zpYTLMmA8mNGNqp/A2+DJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWE3YWY4Y2ItNWNmYS00OTE0LTk2NWUtNWU2YTRiOGMxNmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQB0w3D+PjQLE3qV6jdy39J0ddU7UJZ4qAD4+E1HXvHV
BCXVWVgAiJAJLZ7sfTOxZoDNDYXlrgOPfmT0u+rfyxr0sNGnHKV0cMvBZ48FhslG
EEQUUQfazio+4u2xJodC0IU3hSe6hkkFqWnoFCZC3A6DIjcjw/xFybkf5r7VWM9B
MnFvIpE0rWdciwbBUMQUC4e9b3mLuoahf2qWq36gw3wL+FRWwUdDuPwvYHCv157g
FF2mdF8gc9J4JQyxFGSmeQuE88GguMBIXtC+j1qerctMu6+/hB4JGSILc6V8B37S
7gqvQdX6HNtrfI96sZJYw8wHzDrf9Dj9NEjf5f/kvUCj
-----END CERTIFICATE-----
Generated at Sat Sep 30 00:51:04 2023 by rpki-client on console-fra.rpki-client.org