Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: hNGT8xxG5eDTlLQhRgEbogV7y79fNTOopblliDxHFnQ=
Subject key identifier: C5:96:F6:E8:FB:5F:C5:C0:51:D6:A9:C6:FC:AC:D1:23:41:51:C1:17
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0794D40D9F5255DC795C92E8E1773B8C3CEAEB5E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:94:d4:0d:9f:52:55:dc:79:5c:92:e8:e1:77:3b:8c:3c:ea:eb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=aa9a7df2fbd90a2168763b165c6b86220365aea0b9bf7411798cb8aefe1bb80b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f3:5d:66:1f:a7:d4:a0:a1:64:b8:da:37:ee:
48:45:6d:15:2e:88:01:ca:ca:81:b4:df:c2:92:14:
25:ae:4a:0c:56:3b:0f:b6:83:fb:c1:0d:b4:41:0d:
ce:e6:81:3f:b0:d1:83:51:f3:6e:40:c1:53:1d:41:
b7:06:90:e0:5c:cc:33:70:be:25:57:d8:f2:a5:77:
20:d1:d0:25:13:65:9e:fb:4c:19:90:25:c9:9d:e2:
57:e9:5a:e0:1d:bb:b1:6c:1c:8d:1a:8b:3a:08:b2:
2a:be:c7:a9:bf:e7:10:29:32:5b:49:68:e9:ab:2c:
ec:70:42:22:0b:e0:2c:f7:07:b1:ce:ec:5d:09:3e:
00:2f:70:2b:0e:1f:1d:e5:8e:29:56:19:66:82:a1:
34:8e:91:12:03:92:64:d4:0d:06:ac:0a:98:e5:15:
cc:c9:1d:6f:ac:19:70:d9:e0:52:47:41:2e:db:7c:
9f:d3:f7:4e:5a:82:bf:fe:b8:5f:3f:dc:3d:0e:53:
b5:59:aa:9e:35:d4:a9:f9:79:71:9f:3e:b1:08:ea:
df:6c:34:64:f6:75:aa:be:d1:bd:8c:33:33:b2:c2:
e0:e1:b8:57:f7:d9:46:28:0e:3a:0c:3c:4b:aa:38:
e1:75:0d:59:76:5e:35:86:f7:2a:b6:30:d1:52:9e:
ef:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:96:F6:E8:FB:5F:C5:C0:51:D6:A9:C6:FC:AC:D1:23:41:51:C1:17
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:53:5d:b2:03:73:a0:0f:ce:dc:42:3c:a7:b0:3f:a2:47:1e:
50:47:73:1b:e3:f7:f2:fb:7a:60:1b:db:a6:3a:83:35:6b:32:
f5:a9:da:fe:58:9d:c4:c1:c3:9e:93:0c:6b:77:57:bf:08:4f:
e0:53:46:8b:42:64:38:73:57:28:40:10:44:67:e9:ee:ad:c4:
45:fb:be:a9:e1:24:87:9b:f2:a8:80:f5:8d:2b:47:a9:bf:3e:
0d:fc:29:34:8e:62:49:89:23:b7:ad:95:5c:d9:0a:69:35:f4:
0a:fb:b8:5c:39:eb:ad:22:b7:4c:32:5b:3a:44:7b:1a:41:1e:
2b:c9:33:68:92:1b:07:36:ca:ca:01:fb:e7:63:70:99:74:7e:
da:b8:21:0c:d1:a0:e8:87:8e:69:00:42:d2:f0:c2:2b:10:76:
46:d3:5f:cb:93:e5:e9:bc:21:8a:e1:1f:20:80:28:c9:d7:bc:
95:11:36:f4:fa:14:4d:0f:5c:e5:5d:1d:0f:6b:c0:77:58:bf:
8f:0b:b9:3e:81:2e:90:a8:65:74:88:2e:d6:14:a6:0d:8c:9d:
2d:73:8a:e1:15:86:ec:67:1e:47:07:59:18:f8:5d:87:b7:d4:
50:e6:c1:04:71:a4:ad:7e:48:9f:42:14:05:5d:36:75:24:44:
99:05:c2:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB5TUDZ9SVdx5XJLo4Xc7jDzq614wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhOWE3ZGYyZmJkOTBhMjE2ODc2M2IxNjVjNmI4NjIyMDM2NWFlYTBiOWJm
NzQxMTc5OGNiOGFlZmUxYmI4MGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPzXWYfp9SgoWS42jfuSEVtFS6IAcrKgbTfwpIUJa5KDFY7D7aD+8ENtEEN
zuaBP7DRg1HzbkDBUx1BtwaQ4FzMM3C+JVfY8qV3INHQJRNlnvtMGZAlyZ3iV+la
4B27sWwcjRqLOgiyKr7Hqb/nECkyW0lo6ass7HBCIgvgLPcHsc7sXQk+AC9wKw4f
HeWOKVYZZoKhNI6REgOSZNQNBqwKmOUVzMkdb6wZcNngUkdBLtt8n9P3TlqCv/64
Xz/cPQ5TtVmqnjXUqfl5cZ8+sQjq32w0ZPZ1qr7RvYwzM7LC4OG4V/fZRigOOgw8
S6o44XUNWXZeNYb3KrYw0VKe7xUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTFlvbo
+1/FwFHWqcb8rNEjQVHBFzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQCRU12yA3OgD87cQjynsD+iRx5QR3Mb4/fy+3pgG9um
OoM1azL1qdr+WJ3EwcOekwxrd1e/CE/gU0aLQmQ4c1coQBBEZ+nurcRF+76p4SSH
m/KogPWNK0epvz4N/Ck0jmJJiSO3rZVc2QppNfQK+7hcOeutIrdMMls6RHsaQR4r
yTNokhsHNsrKAfvnY3CZdH7auCEM0aDoh45pAELS8MIrEHZG01/Lk+XpvCGK4R8g
gCjJ17yVETb0+hRND1zlXR0Pa8B3WL+PC7k+gS6QqGV0iC7WFKYNjJ0tc4rhFYbs
Zx5HB1kY+F2Ht9RQ5sEEcaStfkifQhQFXTZ1JESZBcIK
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org