Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
File: 5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa (raw, json)
Hash identifier: DxBhrQkN/zIz2nAywnlDCYRwFnQov6jlhz5+TOuP0us=
Subject key identifier: DE:D0:EB:21:BC:ED:92:F0:1A:CF:00:0E:78:E8:8A:E6:83:28:D6:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F7065F883929364F0186B65126AE307EDDF8C6E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:70:65:f8:83:92:93:64:f0:18:6b:65:12:6a:e3:07:ed:df:8c:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=f630d1bc7876016e87556c575724ac9eafe605c049917f20f6c3bea70f1efe5d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:aa:26:3c:2c:08:b6:ad:89:2a:28:b0:7a:60:
97:38:ed:04:37:cc:ca:4b:43:61:40:c9:ab:e8:40:
14:03:c3:42:07:e6:a0:cb:30:48:cb:02:87:a9:f8:
43:6a:b1:42:98:0c:e4:85:c6:48:ff:4b:79:24:7e:
f0:86:cf:ae:89:51:d2:9b:5a:f5:3e:97:18:ec:9d:
c8:80:07:f6:69:9f:e9:aa:89:62:11:f2:33:2e:4f:
6e:25:00:b1:35:0b:03:33:84:5a:11:64:d3:4e:36:
fc:c4:39:9e:0e:00:e8:64:2e:cb:8a:39:a2:76:b0:
bf:c3:77:d6:9c:e1:5a:ed:cc:b4:fd:da:d2:bc:97:
fa:09:3a:cf:92:55:96:d0:68:4f:ab:be:cd:55:18:
6e:7b:ad:5f:37:a0:fa:6b:86:c6:13:ec:1d:d4:fd:
82:d9:be:d4:17:2b:44:a4:fb:da:50:c8:c4:e6:c4:
d3:85:e4:5b:8b:db:a6:ac:18:1f:95:79:50:35:21:
8f:da:b4:28:e8:82:82:03:13:8b:c4:4b:66:54:3f:
70:76:9d:65:d6:4f:57:23:d9:47:5c:ad:25:97:b4:
c7:4c:b7:45:44:9f:4f:92:df:9e:d6:a7:1c:c5:eb:
2e:cf:9a:e3:c4:d9:e6:41:93:c5:13:d9:54:61:c1:
ec:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D0:EB:21:BC:ED:92:F0:1A:CF:00:0E:78:E8:8A:E6:83:28:D6:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0d:7c:48:f0:07:aa:50:61:85:0f:e6:ce:ae:45:60:c9:70:76:
2d:db:c4:9a:07:8f:20:c0:84:d8:d9:a5:27:a5:03:5b:3e:94:
c4:ef:68:bd:51:72:8f:8a:07:19:be:c6:5f:01:f8:8d:d9:6c:
85:4a:65:3c:68:fc:89:82:74:5a:ad:5f:b7:7c:56:41:3e:ef:
47:e4:fe:0c:06:aa:a4:88:8e:55:5f:fc:44:8b:0c:70:dc:4f:
ec:5c:2a:d4:db:68:f3:d2:a1:4d:40:47:64:c3:cc:56:ea:b5:
a2:71:d5:53:72:dd:9d:c0:db:6c:2e:de:16:18:74:b2:b4:4c:
67:f6:0b:e6:ec:48:a3:5c:e4:7d:d5:3a:b2:7a:c8:d4:6b:4c:
00:5a:7f:68:9f:8e:b7:73:fd:12:d2:9a:c3:44:a9:24:b2:53:
13:6a:39:e2:1b:d1:bc:71:6e:5e:19:35:9b:ca:74:47:f2:b4:
be:eb:7e:a7:48:c3:aa:4f:70:ca:7e:32:a1:92:99:56:77:cf:
11:6b:37:e8:a6:c6:63:01:fc:95:57:8a:c1:06:3d:a3:ee:bc:
bf:9b:c6:4d:70:5a:68:fd:2a:c5:32:a6:fd:2f:9b:32:ab:22:
a6:a9:65:ec:bf:6f:14:2a:94:fc:0b:8d:d6:1e:3f:6f:0c:7d:
aa:1c:8b:2a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX3Bl+IOSk2TwGGtlEmrjB+3fjG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MzBkMWJjNzg3NjAxNmU4NzU1NmM1NzU3MjRhYzllYWZlNjA1YzA0OTkx
N2YyMGY2YzNiZWE3MGYxZWZlNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6qJjwsCLatiSoosHpglzjtBDfMyktDYUDJq+hAFAPDQgfmoMswSMsCh6n4
Q2qxQpgM5IXGSP9LeSR+8IbProlR0pta9T6XGOydyIAH9mmf6aqJYhHyMy5PbiUA
sTULAzOEWhFk0042/MQ5ng4A6GQuy4o5onawv8N31pzhWu3MtP3a0ryX+gk6z5JV
ltBoT6u+zVUYbnutXzeg+muGxhPsHdT9gtm+1BcrRKT72lDIxObE04XkW4vbpqwY
H5V5UDUhj9q0KOiCggMTi8RLZlQ/cHadZdZPVyPZR1ytJZe0x0y3RUSfT5Lfntan
HMXrLs+a48TZ5kGTxRPZVGHB7AsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTe0Osh
vO2S8BrPAA546IrmgyjWpTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWNjZjA1YTgtYjRmZS00ZTJjLTlhZDItNzMzYTMzMDI5ZTIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPgMA0G
CSqGSIb3DQEBCwUAA4IBAQANfEjwB6pQYYUP5s6uRWDJcHYt28SaB48gwITY2aUn
pQNbPpTE72i9UXKPigcZvsZfAfiN2WyFSmU8aPyJgnRarV+3fFZBPu9H5P4MBqqk
iI5VX/xEiwxw3E/sXCrU22jz0qFNQEdkw8xW6rWicdVTct2dwNtsLt4WGHSytExn
9gvm7EijXOR91TqyesjUa0wAWn9on463c/0S0prDRKkkslMTajniG9G8cW5eGTWb
ynRH8rS+636nSMOqT3DKfjKhkplWd88RazfopsZjAfyVV4rBBj2j7ry/m8ZNcFpo
/SrFMqb9L5syqyKmqWXsv28UKpT8C43WHj9vDH2qHIsq
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org