Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: QWabzbDZq2Z8Z21rlRNJbgEOghMxfG2j0x6qA2R5mVg=
Subject key identifier: FA:8B:3A:4E:84:EE:6F:4C:86:CB:C3:94:80:84:97:2D:A3:7D:5C:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A7402AB7B7B1729C939B4464C162AEA6A812DEE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:74:02:ab:7b:7b:17:29:c9:39:b4:46:4c:16:2a:ea:6a:81:2d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=51425c042aa46b399c60def27947f5b426ca72141594153fa579a578947ff1f4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8e:3f:47:c6:9c:13:5b:aa:e4:9c:75:0c:0c:
0d:73:8a:24:f4:28:ee:87:2d:00:08:8e:6c:6c:27:
13:ec:d3:de:c0:53:87:7c:91:f9:88:c3:82:dd:a7:
20:11:0d:ab:a0:1b:e7:20:c7:69:26:d3:9d:f7:98:
1d:8e:42:a1:f1:47:28:2c:46:19:08:8a:4e:e5:bb:
7f:dc:7c:0f:c3:b0:84:8f:3c:26:a4:4a:78:b5:e4:
b6:bd:93:6c:54:73:b7:ca:f0:c6:82:21:d4:19:5c:
ce:49:75:dd:31:c9:e1:fe:7e:4c:8f:71:9c:9e:14:
a8:df:5c:f3:d0:23:da:07:7e:87:93:92:91:bf:71:
cc:4f:81:40:24:91:4a:54:f7:5c:8f:aa:e4:f6:68:
f0:ea:b8:55:ae:94:35:72:7b:09:88:bc:39:c6:94:
90:26:c0:a5:2a:5c:f0:40:e9:80:10:29:9f:c4:99:
32:77:a5:18:8f:80:37:c8:7b:db:0a:17:fb:53:df:
30:64:6a:0f:2b:39:96:31:a0:f6:6d:be:a8:1e:52:
82:d2:5f:5e:06:39:54:bf:7f:6a:21:f1:68:ae:59:
2f:6c:52:02:37:ec:53:e8:4b:ab:79:71:1d:15:35:
61:09:e0:2a:cf:ec:df:f3:30:05:50:94:ae:49:50:
fc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:8B:3A:4E:84:EE:6F:4C:86:CB:C3:94:80:84:97:2D:A3:7D:5C:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:a9:8d:30:52:4b:08:16:32:49:8b:09:07:5d:ac:6a:0b:77:
0e:f8:7f:69:08:49:f0:28:7a:06:b6:11:59:fe:66:d1:05:8b:
e8:4e:33:da:a9:68:a2:60:44:cd:c8:b3:18:bf:de:e1:0b:65:
42:b3:6a:69:96:39:ec:81:3b:18:68:49:12:14:0b:f5:e8:70:
e1:cc:05:8b:f3:f6:aa:fb:80:38:d9:4d:b5:7f:de:3a:dc:41:
7e:3e:f6:83:7f:fc:f0:36:7b:4d:2e:f6:b5:f9:65:ea:ab:00:
8f:37:2f:74:9c:5d:e1:e5:03:0c:1e:de:66:16:9a:b7:6a:23:
c6:70:b9:90:16:c3:6c:0d:be:09:47:87:65:65:4f:d8:ad:cf:
ca:21:67:08:5b:0a:55:65:09:d3:f8:5c:94:f3:f3:4f:df:a4:
2a:7a:d1:9f:02:8b:49:1e:06:72:e0:65:c0:29:75:f5:70:f8:
00:c6:ca:e4:8a:fc:63:58:78:12:d4:67:a4:92:ca:15:1b:55:
e5:ac:de:de:06:9d:78:53:9e:f2:66:ed:31:f2:f4:84:06:ef:
56:79:79:47:64:79:94:b9:89:84:d6:15:59:76:a9:18:dc:3e:
63:95:f5:49:68:5f:bd:34:b1:49:11:cc:2d:bd:db:d3:e3:e9:
fe:04:86:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCnQCq3t7FynJObRGTBYq6mqBLe4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNDI1YzA0MmFhNDZiMzk5YzYwZGVmMjc5NDdmNWI0MjZjYTcyMTQxNTk0
MTUzZmE1NzlhNTc4OTQ3ZmYxZjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqOP0fGnBNbquScdQwMDXOKJPQo7octAAiObGwnE+zT3sBTh3yR+YjDgt2n
IBENq6Ab5yDHaSbTnfeYHY5CofFHKCxGGQiKTuW7f9x8D8OwhI88JqRKeLXktr2T
bFRzt8rwxoIh1Blczkl13THJ4f5+TI9xnJ4UqN9c89Aj2gd+h5OSkb9xzE+BQCSR
SlT3XI+q5PZo8Oq4Va6UNXJ7CYi8OcaUkCbApSpc8EDpgBApn8SZMnelGI+AN8h7
2woX+1PfMGRqDys5ljGg9m2+qB5SgtJfXgY5VL9/aiHxaK5ZL2xSAjfsU+hLq3lx
HRU1YQngKs/s3/MwBVCUrklQ/K8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT6izpO
hO5vTIbLw5SAhJcto31cSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQBUqY0wUksIFjJJiwkHXaxqC3cO+H9pCEnwKHoGthFZ
/mbRBYvoTjPaqWiiYETNyLMYv97hC2VCs2ppljnsgTsYaEkSFAv16HDhzAWL8/aq
+4A42U21f9463EF+PvaDf/zwNntNLva1+WXqqwCPNy90nF3h5QMMHt5mFpq3aiPG
cLmQFsNsDb4JR4dlZU/Yrc/KIWcIWwpVZQnT+FyU8/NP36QqetGfAotJHgZy4GXA
KXX1cPgAxsrkivxjWHgS1GekksoVG1XlrN7eBp14U57yZu0x8vSEBu9WeXlHZHmU
uYmE1hVZdqkY3D5jlfVJaF+9NLFJEcwtvdvT4+n+BIaE
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org