Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70f878ce-a193-47ae-b517-318c2b88892f.roa
File: 70f878ce-a193-47ae-b517-318c2b88892f.roa (raw, json)
Hash identifier: kk/mtcWC1rXCbQDPUrYkBP+sQXxqsfcpyI4JLsYog70=
Subject key identifier: 17:1C:E7:47:1C:23:D3:A4:7C:1B:9E:C4:F1:D8:8C:41:CD:7C:58:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41E75A373F385688451DF93DBFBCA744E34C9CB6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70f878ce-a193-47ae-b517-318c2b88892f.roa
Signing time: Fri 22 Sep 2023 00:00:00 +0000
ROA not before: Fri 22 Sep 2023 00:00:00 +0000
ROA not after: Fri 27 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Sep 2023 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e7:5a:37:3f:38:56:88:45:1d:f9:3d:bf:bc:a7:44:e3:4c:9c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 22 00:00:00 2023 GMT
Not After : Oct 27 23:59:59 2023 GMT
Subject: serialNumber=4176d3bd943111cf60b87f3b990c0879d94cb7087b1e429398c5057470d70cab, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c8:bf:d3:82:54:1e:d7:a6:db:55:be:45:53:
80:92:7e:14:54:81:88:00:f9:52:53:00:ab:01:94:
d9:8d:54:e1:f2:d2:f0:44:c9:19:1d:7f:5a:db:8b:
fb:ac:3f:dc:fc:4a:4b:34:bf:42:23:6b:26:fd:a3:
4e:b8:ba:f4:b0:6d:fa:0a:35:55:5f:c0:c7:2d:d9:
ca:aa:94:a4:19:a6:c8:68:eb:04:d9:bf:2a:ab:dc:
a3:1f:2a:64:35:6d:15:77:d0:40:e9:45:27:b2:5c:
b2:1e:ad:38:38:c0:c5:15:73:27:59:74:32:19:9a:
30:1d:e7:19:c2:2d:2d:26:a2:3a:3c:20:73:96:e0:
16:74:5f:6e:a1:f0:4f:00:12:b9:b2:86:34:dd:10:
c1:3b:f0:47:c0:ca:91:bc:5b:17:f0:ff:79:b4:9d:
22:4e:a0:1a:4a:fe:4a:26:76:ce:84:ce:1b:9e:d2:
89:01:ac:eb:6a:9e:ce:48:01:89:86:7a:2a:41:9f:
8e:13:00:f6:fe:e5:ae:46:e4:8a:13:ad:fb:d5:8e:
32:65:7d:17:50:b6:b2:e0:c6:9c:df:99:e2:d9:b3:
c0:cd:d3:19:f5:6c:b7:b7:a6:fa:e8:7e:03:f1:88:
8c:37:c1:70:a8:fb:e9:c1:49:0e:1c:50:5a:04:11:
be:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:1C:E7:47:1C:23:D3:A4:7C:1B:9E:C4:F1:D8:8C:41:CD:7C:58:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70f878ce-a193-47ae-b517-318c2b88892f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.96.0/21
Signature Algorithm: sha256WithRSAEncryption
bc:a3:82:85:49:c2:2c:cb:9e:4d:3e:62:3f:5f:64:c6:35:22:
1d:13:6a:3d:a4:a7:eb:9d:b3:27:66:b3:49:08:0f:94:8f:ee:
64:0f:03:19:96:ff:93:73:3f:89:04:23:5b:50:d4:98:b1:ab:
aa:03:a5:31:f2:63:9b:a5:0b:ae:8b:e3:28:1c:67:83:27:41:
4c:f5:b8:b8:50:d8:20:c1:20:3c:c4:c7:af:0f:13:21:15:d8:
6f:04:fd:4d:ec:7e:a0:4c:b1:4c:9c:9a:8b:f4:f7:45:b7:a5:
f8:0e:40:53:21:47:2a:b2:3a:57:a2:91:17:4c:cb:a8:dd:ad:
9b:b0:28:bc:50:f1:64:73:ba:87:a4:4e:04:cd:20:29:47:82:
2d:b8:83:61:80:b4:c1:2a:e8:cb:91:90:b3:05:d3:0e:84:63:
9e:12:5c:03:39:06:bc:7d:34:3f:37:2d:24:2e:70:d5:0b:b9:
d9:bb:d3:37:07:df:05:0f:de:76:26:8b:eb:27:a2:a0:dd:71:
2b:10:d4:1c:cd:3b:14:55:22:d4:7b:ed:22:61:0e:79:06:32:
44:46:8f:36:cc:ee:07:8f:8f:b8:bb:e9:a6:33:21:ab:5b:08:
33:13:02:d9:de:f0:f2:95:0d:69:df:fa:44:27:58:2e:52:e6:
96:a7:4f:19
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQedaNz84VohFHfk9v7ynRONMnLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MjIwMDAwMDBaFw0yMzEwMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxNzZkM2JkOTQzMTExY2Y2MGI4N2YzYjk5MGMwODc5ZDk0Y2I3MDg3YjFl
NDI5Mzk4YzUwNTc0NzBkNzBjYWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDIv9OCVB7XpttVvkVTgJJ+FFSBiAD5UlMAqwGU2Y1U4fLS8ETJGR1/WtuL
+6w/3PxKSzS/QiNrJv2jTri69LBt+go1VV/Axy3ZyqqUpBmmyGjrBNm/Kqvcox8q
ZDVtFXfQQOlFJ7Jcsh6tODjAxRVzJ1l0MhmaMB3nGcItLSaiOjwgc5bgFnRfbqHw
TwASubKGNN0QwTvwR8DKkbxbF/D/ebSdIk6gGkr+SiZ2zoTOG57SiQGs62qezkgB
iYZ6KkGfjhMA9v7lrkbkihOt+9WOMmV9F1C2suDGnN+Z4tmzwM3TGfVst7em+uh+
A/GIjDfBcKj76cFJDhxQWgQRvikCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQXHOdH
HCPTpHwbnsTx2IxBzXxY2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzBmODc4Y2UtYTE5My00N2FlLWI1MTctMzE4YzJiODg4OTJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN
BgkqhkiG9w0BAQsFAAOCAQEAvKOChUnCLMueTT5iP19kxjUiHRNqPaSn652zJ2az
SQgPlI/uZA8DGZb/k3M/iQQjW1DUmLGrqgOlMfJjm6ULrovjKBxngydBTPW4uFDY
IMEgPMTHrw8TIRXYbwT9Tex+oEyxTJyai/T3Rbel+A5AUyFHKrI6V6KRF0zLqN2t
m7AovFDxZHO6h6ROBM0gKUeCLbiDYYC0wSroy5GQswXTDoRjnhJcAzkGvH00Pzct
JC5w1Qu52bvTNwffBQ/ediaL6yeioN1xKxDUHM07FFUi1HvtImEOeQYyREaPNszu
B4+PuLvppjMhq1sIMxMC2d7w8pUNad/6RCdYLlLmlqdPGQ==
-----END CERTIFICATE-----
Generated at Fri Sep 22 17:21:14 2023 by rpki-client on console-ams.rpki-client.org