Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: uZacxG9aPnVWst2rioNfPkkmkY856CWP4wg3LwNiwG8=
Subject key identifier: EA:10:AD:6E:D6:90:63:2E:0C:60:2C:55:00:1F:3E:E3:05:D5:90:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6209E328F768218DAE08E52A4AB7A22D03F9EC23
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:09:e3:28:f7:68:21:8d:ae:08:e5:2a:4a:b7:a2:2d:03:f9:ec:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=8edb40187bf548022b0f949070b1a88c13b8325d001c18bd263df64b8048d5eb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c8:2f:05:0b:fe:1a:06:dc:4f:9a:0f:13:10:
a3:00:5f:4b:09:68:67:9a:0f:22:3d:d7:23:c6:36:
68:91:cd:89:e0:4e:00:dc:6a:d9:b8:9b:a8:63:3e:
c8:b9:a3:1a:bc:7a:5c:70:63:88:95:7e:a6:47:86:
6b:d3:60:c6:a3:50:d5:a3:09:3c:c4:d4:5c:6e:c6:
53:5a:44:88:48:d4:92:16:ed:0b:05:51:97:96:1f:
4f:a9:06:0f:8a:b6:c5:a6:99:73:29:30:71:a0:4b:
69:c1:9b:e1:71:3f:ef:9f:d4:fd:d5:1f:77:bf:c9:
06:06:fe:1a:b1:0f:d9:d6:9a:8d:3a:90:60:f1:52:
f8:23:4a:1c:6c:b2:6c:ac:64:94:8f:77:8c:43:c6:
9e:f3:59:8f:c7:3e:fa:55:17:ca:64:e9:5a:66:ff:
38:3e:3c:6d:02:ca:ce:cb:bd:f2:7b:25:7c:cb:ad:
69:85:ef:a4:66:14:08:98:7e:f8:38:9f:ec:54:2e:
89:a7:55:35:a5:64:4a:dd:c7:b1:ca:4b:aa:eb:b1:
fe:11:dc:3f:31:10:8a:2a:97:83:1d:a3:f3:45:95:
d1:40:63:3b:37:71:d7:39:d5:44:25:61:b8:3e:fe:
46:b5:f6:fc:10:83:46:da:be:6a:b8:27:78:1f:b8:
9d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:10:AD:6E:D6:90:63:2E:0C:60:2C:55:00:1F:3E:E3:05:D5:90:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4e:d2:7a:4d:ad:0a:ae:76:c4:4f:2b:38:9f:0d:dc:34:7c:c5:
b2:3b:51:cc:7b:49:cb:c2:8a:46:d9:9f:f8:1e:48:cb:ed:49:
13:66:0f:74:fb:f3:05:85:24:ea:2d:a5:eb:31:4c:ac:01:26:
96:a2:c3:6f:79:d9:4e:00:0d:95:3a:f2:1d:8c:2a:bf:c0:67:
9a:c7:f7:26:d6:ed:bd:d8:85:9d:ae:ad:86:30:e5:91:96:d6:
a2:9e:e5:ec:68:13:65:11:5a:5b:b5:30:f9:e6:2b:d3:95:07:
4a:57:2b:10:61:82:45:62:09:92:90:ea:94:77:7d:43:54:5f:
8f:14:86:20:4d:74:94:16:48:28:09:06:9c:c1:88:53:ad:00:
ee:e9:b9:73:68:3d:e2:8f:22:67:96:27:b3:e4:c8:53:a8:61:
25:48:f1:11:e6:4b:66:00:30:94:f7:88:79:c5:2a:aa:03:ff:
5f:20:43:82:09:a5:52:5e:00:28:b5:85:1f:de:1a:79:b7:3a:
50:a9:fb:5f:25:69:5b:de:e4:94:ae:ee:09:d0:6b:c6:f6:58:
9d:d2:e5:e5:a5:cb:91:93:9c:ac:47:b4:62:11:74:96:01:37:
f1:8c:2e:e8:23:20:eb:45:9f:03:68:e5:d1:21:b7:60:39:47:
88:4a:f0:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYgnjKPdoIY2uCOUqSreiLQP57CMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlZGI0MDE4N2JmNTQ4MDIyYjBmOTQ5MDcwYjFhODhjMTNiODMyNWQwMDFj
MThiZDI2M2RmNjRiODA0OGQ1ZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrILwUL/hoG3E+aDxMQowBfSwloZ5oPIj3XI8Y2aJHNieBOANxq2bibqGM+
yLmjGrx6XHBjiJV+pkeGa9NgxqNQ1aMJPMTUXG7GU1pEiEjUkhbtCwVRl5YfT6kG
D4q2xaaZcykwcaBLacGb4XE/75/U/dUfd7/JBgb+GrEP2daajTqQYPFS+CNKHGyy
bKxklI93jEPGnvNZj8c++lUXymTpWmb/OD48bQLKzsu98nslfMutaYXvpGYUCJh+
+Dif7FQuiadVNaVkSt3HscpLquux/hHcPzEQiiqXgx2j80WV0UBjOzdx1znVRCVh
uD7+RrX2/BCDRtq+argneB+4nZcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTqEK1u
1pBjLgxgLFUAHz7jBdWQATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQBO0npNrQqudsRPKzifDdw0fMWyO1HMe0nLwopG2Z/4
HkjL7UkTZg90+/MFhSTqLaXrMUysASaWosNvedlOAA2VOvIdjCq/wGeax/cm1u29
2IWdrq2GMOWRltainuXsaBNlEVpbtTD55ivTlQdKVysQYYJFYgmSkOqUd31DVF+P
FIYgTXSUFkgoCQacwYhTrQDu6blzaD3ijyJnliez5MhTqGElSPER5ktmADCU94h5
xSqqA/9fIEOCCaVSXgAotYUf3hp5tzpQqftfJWlb3uSUru4J0GvG9lid0uXlpcuR
k5ysR7RiEXSWATfxjC7oIyDrRZ8DaOXRIbdgOUeISvDG
-----END CERTIFICATE-----
Generated at Fri Sep 8 16:41:10 2023 by rpki-client on console-ams.rpki-client.org