Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: HZ6ILgUM9Hn42lMBEUNqIrMsObkXojbObFDjBTCimtU=
Subject key identifier: 20:32:5D:9B:27:6F:6A:01:49:00:20:12:A2:AA:14:09:93:EB:10:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69EB31161C0399A17F246CEFCF6B0F2296F7180E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:eb:31:16:1c:03:99:a1:7f:24:6c:ef:cf:6b:0f:22:96:f7:18:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=29848e7f7073142f00ee865c24edaa56c923938ad838f71d51319db47514ec25, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0a:2d:68:c7:dc:c4:99:b3:ef:70:8b:82:97:
0d:b6:f3:f2:ec:56:e1:24:ea:10:1f:de:f1:a9:36:
1a:6b:b7:5c:fa:19:87:e5:e8:87:3c:ad:17:dd:74:
55:23:f6:a6:88:b4:b7:de:8f:ce:0c:9a:e2:6c:5b:
a6:26:85:83:71:f1:e0:83:86:5d:86:fb:c0:45:08:
e9:ac:12:08:e0:f8:3c:f1:ce:8d:68:5e:46:43:d4:
9a:ce:6c:70:6e:9f:ab:d1:c1:2a:98:c8:f0:fe:fa:
00:4f:58:10:4d:22:80:e8:af:87:83:79:41:48:9f:
95:10:d8:86:2d:9a:0e:d0:ce:29:a0:1b:a2:24:14:
ac:2a:d5:ce:7e:32:24:b4:da:7e:cc:67:24:09:d2:
48:e2:ad:90:ea:f1:86:ee:70:30:d6:b1:fc:7c:de:
43:12:6b:a5:7b:44:1b:14:1f:af:95:b1:70:84:f0:
04:9c:11:1f:3c:76:ab:1b:bb:bf:aa:5f:50:fd:90:
ae:7b:b3:6a:c6:7a:fa:71:02:6c:21:51:a2:c1:56:
62:f1:5f:ac:27:1e:f6:72:5a:ff:56:9c:40:78:79:
89:f0:ed:29:e2:f0:ab:f3:f6:42:b3:f6:02:9a:62:
0c:dc:61:ce:b3:d7:e3:81:55:df:8a:02:04:0d:77:
4b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:32:5D:9B:27:6F:6A:01:49:00:20:12:A2:AA:14:09:93:EB:10:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
60:83:5f:63:53:07:13:d3:a8:69:5f:73:9b:db:c8:e2:d8:92:
d3:23:59:a7:ac:9e:6b:9e:47:d8:be:68:d4:5d:5c:c1:7a:fc:
06:33:8b:ae:1f:8d:c9:70:95:8b:84:e8:23:74:a2:cc:e0:31:
61:26:b4:b2:c6:da:22:3d:29:7c:9b:95:2e:79:5a:4f:df:0b:
0e:40:94:56:30:bf:2b:a4:75:9a:1b:54:a8:fc:e7:37:8e:81:
a9:5b:3f:57:90:8d:0d:46:b2:da:a8:8f:5c:38:f0:bd:8f:4c:
8e:ed:be:b7:d5:89:79:b3:3d:fa:64:8b:65:7c:99:63:fe:1d:
20:7c:7a:79:39:ca:80:07:5b:35:84:a1:87:64:09:5f:a2:58:
73:83:45:a8:af:01:ab:32:4b:49:5a:0a:79:e2:47:99:86:d3:
c1:b6:62:74:e4:15:db:d1:f5:2d:95:92:76:4c:f1:86:26:5e:
01:2e:ff:a4:92:46:4c:a7:31:9e:72:5c:52:1b:86:1c:25:f4:
67:3e:26:a1:82:d1:4e:ad:b8:34:ff:75:03:85:e1:ca:8a:0b:
b8:f5:fc:33:e9:c4:c4:66:7f:f3:7f:43:79:4a:2b:9a:cc:84:
46:55:d3:4e:73:f5:70:10:48:84:15:7f:ba:58:22:e8:13:b3:
28:2d:6c:81
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaesxFhwDmaF/JGzvz2sPIpb3GA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5ODQ4ZTdmNzA3MzE0MmYwMGVlODY1YzI0ZWRhYTU2YzkyMzkzOGFkODM4
ZjcxZDUxMzE5ZGI0NzUxNGVjMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANoKLWjH3MSZs+9wi4KXDbbz8uxW4STqEB/e8ak2Gmu3XPoZh+XohzytF910
VSP2poi0t96Pzgya4mxbpiaFg3Hx4IOGXYb7wEUI6awSCOD4PPHOjWheRkPUms5s
cG6fq9HBKpjI8P76AE9YEE0igOivh4N5QUiflRDYhi2aDtDOKaAboiQUrCrVzn4y
JLTafsxnJAnSSOKtkOrxhu5wMNax/HzeQxJrpXtEGxQfr5WxcITwBJwRHzx2qxu7
v6pfUP2QrnuzasZ6+nECbCFRosFWYvFfrCce9nJa/1acQHh5ifDtKeLwq/P2QrP2
AppiDNxhzrPX44FV34oCBA13S2cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQgMl2b
J29qAUkAIBKiqhQJk+sQhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQBgg19jUwcT06hpX3Ob28ji2JLTI1mnrJ5rnkfYvmjU
XVzBevwGM4uuH43JcJWLhOgjdKLM4DFhJrSyxtoiPSl8m5UueVpP3wsOQJRWML8r
pHWaG1So/Oc3joGpWz9XkI0NRrLaqI9cOPC9j0yO7b631Yl5sz36ZItlfJlj/h0g
fHp5OcqAB1s1hKGHZAlfolhzg0WorwGrMktJWgp54keZhtPBtmJ05BXb0fUtlZJ2
TPGGJl4BLv+kkkZMpzGeclxSG4YcJfRnPiahgtFOrbg0/3UDheHKigu49fwz6cTE
Zn/zf0N5SiuazIRGVdNOc/VwEEiEFX+6WCLoE7MoLWyB
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org