Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: os9szWcVi+iEGr3hpamI/+ToqxIW8cVHp1hJlog8TyI=
Subject key identifier: B4:2B:20:F0:64:8F:6E:1B:C3:E9:74:02:39:5E:FC:40:D1:76:1A:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D7765C3F387ED7B4A4001D6DE07D99969580528
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:77:65:c3:f3:87:ed:7b:4a:40:01:d6:de:07:d9:99:69:58:05:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=7a74b91419bd04c67e89a5fe88ceb43ab82eb0f8b7ead6bac1fbdf098c1bc86e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:49:62:5c:59:2e:9f:cb:5b:c1:d4:2b:43:1d:
98:c4:e0:fc:b7:a0:1c:29:fb:b4:b2:ab:d5:79:6d:
36:7e:2e:d8:33:c4:6d:3f:a3:83:5a:52:f6:81:87:
bc:7d:c4:b7:41:9c:b5:e9:36:43:20:e2:b7:fb:cb:
85:29:3b:7d:87:a2:48:f8:8f:8a:16:a4:e5:28:c4:
10:46:05:d7:68:ea:b4:29:4a:01:fb:f3:c3:5a:84:
e0:21:57:bf:ed:71:99:1a:14:e7:c9:cb:3c:79:aa:
ed:e1:fb:43:fd:ff:1d:ce:78:7d:12:66:57:92:2a:
00:9c:f6:af:da:78:1c:f7:49:9d:f6:2e:a8:02:12:
c9:88:f1:ff:58:6e:2b:24:a4:e5:8f:74:46:b7:12:
f0:22:a8:e2:b5:0c:97:66:e6:93:97:8f:26:67:ed:
98:82:d8:92:f9:43:d7:56:ee:38:7c:ed:ff:65:20:
ae:d5:5e:3c:4c:98:ae:03:84:49:ab:ad:cc:93:43:
78:a4:67:60:6a:a3:63:9c:70:f5:9c:3b:9d:26:77:
47:ab:1c:33:65:bb:86:95:1c:3b:06:c7:93:e0:cb:
6f:23:ea:6f:06:7a:9e:9e:73:99:66:f4:1b:13:51:
d1:1d:4b:a2:6a:43:b8:5f:68:bd:a5:cc:79:5c:96:
83:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:2B:20:F0:64:8F:6E:1B:C3:E9:74:02:39:5E:FC:40:D1:76:1A:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
63:ed:00:e6:a1:32:cf:5f:ac:a0:54:ea:0f:c2:4c:58:41:9b:
8c:a8:90:a0:99:47:5d:42:73:e2:8a:95:15:60:fa:94:1b:4c:
33:99:10:ee:d4:6d:53:1a:fb:ab:55:82:1f:14:f0:7b:37:ea:
c3:f4:7e:49:96:f2:a4:4f:b5:d7:41:91:c0:8b:ae:8b:55:6d:
a1:ed:55:25:1c:da:77:4b:67:63:ec:4a:81:a3:c9:f3:a5:3a:
95:ac:bd:4a:73:eb:d0:64:08:d9:b8:22:57:e2:fb:50:ff:64:
9b:cb:2e:a8:a4:56:03:13:7d:0f:99:13:9a:bf:75:20:a3:5c:
10:9c:c8:b2:5f:8a:cb:8e:c4:57:0a:c4:4b:7f:95:de:a3:32:
ac:0e:ca:d7:fd:e7:08:71:03:88:cf:77:57:ec:00:43:db:a4:
a6:41:25:cb:25:22:0c:a3:72:e6:fb:f1:af:d2:a7:fd:6b:61:
8e:11:5c:96:b5:b8:7a:f0:b1:75:23:a9:85:4f:1b:94:16:88:
ff:6e:14:9b:28:6f:9b:a5:19:9a:9c:3b:93:8d:53:01:09:ac:
25:10:8f:2c:a3:65:f6:bb:1a:b7:85:09:7b:8c:5f:30:6d:be:
9f:e2:b4:13:ec:e6:cc:f7:ca:8e:e6:15:12:71:8a:27:01:7c:
9c:87:57:7d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDXdlw/OH7XtKQAHW3gfZmWlYBSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhNzRiOTE0MTliZDA0YzY3ZTg5YTVmZTg4Y2ViNDNhYjgyZWIwZjhiN2Vh
ZDZiYWMxZmJkZjA5OGMxYmM4NmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFJYlxZLp/LW8HUK0MdmMTg/LegHCn7tLKr1XltNn4u2DPEbT+jg1pS9oGH
vH3Et0Gctek2QyDit/vLhSk7fYeiSPiPihak5SjEEEYF12jqtClKAfvzw1qE4CFX
v+1xmRoU58nLPHmq7eH7Q/3/Hc54fRJmV5IqAJz2r9p4HPdJnfYuqAISyYjx/1hu
KySk5Y90RrcS8CKo4rUMl2bmk5ePJmftmILYkvlD11buOHzt/2UgrtVePEyYrgOE
SautzJNDeKRnYGqjY5xw9Zw7nSZ3R6scM2W7hpUcOwbHk+DLbyPqbwZ6np5zmWb0
GxNR0R1LompDuF9ovaXMeVyWg8cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS0KyDw
ZI9uG8PpdAI5XvxA0XYamzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQBj7QDmoTLPX6ygVOoPwkxYQZuMqJCgmUddQnPiipUV
YPqUG0wzmRDu1G1TGvurVYIfFPB7N+rD9H5JlvKkT7XXQZHAi66LVW2h7VUlHNp3
S2dj7EqBo8nzpTqVrL1Kc+vQZAjZuCJX4vtQ/2Sbyy6opFYDE30PmROav3Ugo1wQ
nMiyX4rLjsRXCsRLf5XeozKsDsrX/ecIcQOIz3dX7ABD26SmQSXLJSIMo3Lm+/Gv
0qf9a2GOEVyWtbh68LF1I6mFTxuUFoj/bhSbKG+bpRmanDuTjVMBCawlEI8so2X2
uxq3hQl7jF8wbb6f4rQT7ObM98qO5hUScYonAXych1d9
-----END CERTIFICATE-----
Generated at Fri Sep 8 16:38:26 2023 by rpki-client on console-fra.rpki-client.org