Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: wEGLsX4sX2s2D9973xwCYPBxR/LRgOf6grT0ShuQsUM=
Subject key identifier: CB:25:90:19:21:79:33:FE:86:3C:94:0C:83:F2:40:D6:59:81:78:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18A019160EF8628D73A8022348B2097BC62DA699
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:a0:19:16:0e:f8:62:8d:73:a8:02:23:48:b2:09:7b:c6:2d:a6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=c82441730f970953996025ae7d734965e6693fb3f3c3ce4615417573e9defcf6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:39:ee:c0:f8:a6:0c:f8:9e:a4:b8:ef:dc:27:
bb:36:97:50:01:34:2b:9d:09:0c:7e:dd:0d:b9:69:
81:38:11:36:f1:e8:74:39:43:77:10:26:fa:c5:c5:
1e:f3:2a:39:26:30:f1:e2:ce:2d:5a:30:bd:73:3e:
b9:a7:00:ab:ef:75:ca:6d:99:bc:8f:ca:b2:7b:09:
b2:61:2b:6a:72:b8:ae:e0:31:ce:80:5e:c0:98:cd:
72:d1:42:38:00:68:82:7e:4f:8f:52:a7:95:f4:4f:
4f:14:57:d3:49:d5:e2:79:45:e3:2a:ff:53:02:c0:
45:d9:ea:ad:c7:88:5a:62:26:d0:63:b0:9e:b7:d0:
0b:e4:a0:1e:bb:3d:9c:ea:aa:22:96:82:46:8a:7b:
c1:be:44:a2:d4:83:03:d7:76:f3:71:9a:e8:45:6d:
2f:54:be:0f:db:9b:b9:f7:e8:03:3f:22:e4:18:b8:
67:6c:a2:d2:0f:c4:d5:21:87:1b:98:b2:92:3b:85:
03:ea:ad:b6:ef:3b:7b:d1:aa:4f:99:a6:57:97:50:
53:ad:6d:60:43:45:28:5e:0d:03:ef:6e:07:db:58:
03:2e:59:f0:c6:dc:e3:1f:69:2c:cf:7f:2e:c0:39:
6c:d8:c9:1d:e3:3b:ed:89:3c:43:d5:57:1f:fa:f1:
0e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:25:90:19:21:79:33:FE:86:3C:94:0C:83:F2:40:D6:59:81:78:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:d9:99:b4:9f:92:e8:d8:38:24:87:62:59:98:28:84:e9:76:
d6:fd:5f:6a:8c:f1:6d:0f:b7:44:bc:36:de:4f:ce:86:e6:7a:
f4:10:f9:f4:67:15:dd:12:97:2d:4e:0e:9f:ec:e0:9d:c2:92:
e5:fb:d2:45:bb:6e:f5:ea:c8:e5:2c:f3:f8:c2:a8:6c:b3:62:
52:e3:88:ae:a9:3b:a3:e7:97:46:d5:8d:40:fb:24:f8:ce:7e:
92:ee:02:87:26:0b:c5:d2:48:fd:0b:93:cb:e7:16:88:0b:7d:
d2:73:5d:6e:db:d7:7d:27:18:dd:55:c2:a4:f3:74:c3:78:6d:
df:3a:23:9d:2e:8b:ae:6a:e8:3a:6d:52:80:dc:e4:2b:fc:79:
50:2f:38:22:da:dc:82:6c:9b:ab:4e:a6:00:5b:60:ba:d8:bd:
ea:de:ff:5d:42:7c:51:a6:1c:01:ee:aa:7f:e6:ee:ec:8b:ed:
80:af:5a:de:3f:33:33:9a:cd:b4:89:de:0d:2c:1a:e3:9a:c5:
33:17:f1:14:f3:2a:54:06:4b:72:28:24:ba:92:0d:66:b8:ad:
79:d9:a9:ef:5f:1b:2f:89:3b:df:32:05:bd:e2:6a:55:c8:60:
52:c3:6e:d2:c0:da:97:22:a7:93:2b:ed:6c:d7:3d:c4:b8:bd:
6b:20:df:b6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGKAZFg74Yo1zqAIjSLIJe8YtppkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4MjQ0MTczMGY5NzA5NTM5OTYwMjVhZTdkNzM0OTY1ZTY2OTNmYjNmM2Mz
Y2U0NjE1NDE3NTczZTlkZWZjZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJk57sD4pgz4nqS479wnuzaXUAE0K50JDH7dDblpgTgRNvHodDlDdxAm+sXF
HvMqOSYw8eLOLVowvXM+uacAq+91ym2ZvI/KsnsJsmEranK4ruAxzoBewJjNctFC
OABogn5Pj1KnlfRPTxRX00nV4nlF4yr/UwLARdnqrceIWmIm0GOwnrfQC+SgHrs9
nOqqIpaCRop7wb5EotSDA9d283Ga6EVtL1S+D9ubuffoAz8i5Bi4Z2yi0g/E1SGH
G5iykjuFA+qttu87e9GqT5mmV5dQU61tYENFKF4NA+9uB9tYAy5Z8Mbc4x9pLM9/
LsA5bNjJHeM77Yk8Q9VXH/rxDrUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTLJZAZ
IXkz/oY8lAyD8kDWWYF4mDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQB32Zm0n5Lo2Dgkh2JZmCiE6XbW/V9qjPFtD7dEvDbe
T86G5nr0EPn0ZxXdEpctTg6f7OCdwpLl+9JFu2716sjlLPP4wqhss2JS44iuqTuj
55dG1Y1A+yT4zn6S7gKHJgvF0kj9C5PL5xaIC33Sc11u29d9JxjdVcKk83TDeG3f
OiOdLouuaug6bVKA3OQr/HlQLzgi2tyCbJurTqYAW2C62L3q3v9dQnxRphwB7qp/
5u7si+2Ar1rePzMzms20id4NLBrjmsUzF/EU8ypUBktyKCS6kg1muK152anvXxsv
iTvfMgW94mpVyGBSw27SwNqXIqeTK+1s1z3EuL1rIN+2
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:23:34 2023 by rpki-client on console-fra.rpki-client.org