Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
File: 935d325c-d62b-4e93-873c-47222d71e32c.roa (raw, json)
Hash identifier: k++UDpMXONI39T1mzjwF8+qkNV651byETftNyyIeXv8=
Subject key identifier: 4A:64:D6:CF:B1:CE:A6:07:38:CF:F9:2E:2A:0C:3D:AE:B9:A6:99:B8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7464B2093A1A05B53DC7C475BD28F21646FA7016
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:64:b2:09:3a:1a:05:b5:3d:c7:c4:75:bd:28:f2:16:46:fa:70:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=1a9d5322ee233a9336503819f3ef2a474b50dc7a83b09992e92d93f1f7207d0b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:19:9e:e8:12:bb:b3:a4:6e:5d:0d:4f:6a:4c:
1b:4d:37:13:2c:b4:fd:be:21:bc:d1:a4:8f:22:bd:
18:a1:f8:a7:ef:1c:aa:08:7d:bf:be:ed:0d:89:30:
5c:97:38:fe:21:67:ab:fa:34:73:e4:5e:43:8c:d3:
e5:ae:bd:0e:75:cf:41:50:7d:6c:3f:9a:d7:d2:f3:
a1:94:86:aa:46:f8:e6:44:8b:39:e5:0c:a1:17:1d:
95:8b:5b:12:77:df:37:f3:95:76:11:46:bc:fa:45:
9b:d2:c4:d8:16:02:3e:57:09:09:53:1e:30:7e:40:
54:73:63:cd:ec:ee:a5:d5:6a:cd:7c:20:c6:bf:4d:
4f:02:15:da:32:80:8f:48:02:e2:fa:e2:69:ee:bf:
c1:bb:d2:4f:39:5e:8a:4f:ba:6e:44:0a:97:47:e8:
62:49:bc:ed:9a:12:b9:3d:92:3c:88:b6:27:60:f2:
9b:52:72:d4:e1:8c:70:89:13:ad:32:1a:6c:f2:b7:
52:47:0d:e8:e9:2f:d2:60:a7:47:3f:91:7b:2e:42:
66:5c:c4:92:cd:8d:0b:f7:b0:70:cd:dc:45:73:42:
f3:e3:be:05:af:a8:68:3c:84:95:c7:ac:ec:8a:dd:
a5:c6:18:2c:5f:b4:04:a9:93:81:6d:1b:85:e8:c9:
72:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:64:D6:CF:B1:CE:A6:07:38:CF:F9:2E:2A:0C:3D:AE:B9:A6:99:B8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
8d:4e:45:61:d4:75:c4:65:42:02:b7:39:ad:55:fb:2f:35:e7:
9c:cd:d9:1e:22:f2:29:79:7c:00:ce:41:ce:09:33:58:01:c2:
f1:20:4c:98:44:fd:b9:4c:78:04:d4:ef:2d:6c:c2:62:0c:2c:
75:99:c2:70:41:53:96:69:ee:2c:37:1d:90:a5:94:8c:dc:dd:
0a:22:3b:4e:25:2d:9a:ae:2e:59:ed:ef:53:df:1e:5f:78:af:
dd:6e:18:77:3f:ee:e6:5b:20:4a:f0:8a:4f:74:45:43:98:6a:
a6:26:60:01:bc:79:1a:b5:18:9e:39:28:1d:88:53:e8:9b:0a:
26:93:47:51:2a:71:d2:07:2d:31:a2:76:0a:b3:36:03:fe:1c:
bf:96:6e:a1:a0:fe:92:41:81:53:89:6f:9a:32:1a:bb:77:60:
4c:27:25:0e:ae:82:c7:94:8d:53:8c:0c:82:04:fc:24:a3:43:
96:38:38:62:e6:a3:ad:86:fe:8a:b6:b5:4e:aa:65:59:a7:1d:
e0:ca:d8:d1:b9:46:2b:73:d1:f0:96:ae:59:18:28:c2:b6:0a:
a5:d3:b8:72:8b:e8:28:74:af:8b:32:b6:84:6d:3a:fb:65:db:
05:72:9f:ca:2c:e0:5a:ae:84:0f:5c:73:fe:cc:f5:54:31:a0:
a6:c6:c8:39
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdGSyCToaBbU9x8R1vSjyFkb6cBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhOWQ1MzIyZWUyMzNhOTMzNjUwMzgxOWYzZWYyYTQ3NGI1MGRjN2E4M2Iw
OTk5MmU5MmQ5M2YxZjcyMDdkMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQZnugSu7Okbl0NT2pMG003Eyy0/b4hvNGkjyK9GKH4p+8cqgh9v77tDYkw
XJc4/iFnq/o0c+ReQ4zT5a69DnXPQVB9bD+a19LzoZSGqkb45kSLOeUMoRcdlYtb
EnffN/OVdhFGvPpFm9LE2BYCPlcJCVMeMH5AVHNjzezupdVqzXwgxr9NTwIV2jKA
j0gC4vriae6/wbvSTzleik+6bkQKl0foYkm87ZoSuT2SPIi2J2Dym1Jy1OGMcIkT
rTIabPK3UkcN6Okv0mCnRz+Rey5CZlzEks2NC/ewcM3cRXNC8+O+Ba+oaDyElces
7IrdpcYYLF+0BKmTgW0bhejJcrsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRKZNbP
sc6mBzjP+S4qDD2uuaaZuDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTM1ZDMyNWMtZDYyYi00ZTkzLTg3M2MtNDcyMjJkNzFlMzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQCNTkVh1HXEZUICtzmtVfsvNeeczdkeIvIpeXwAzkHO
CTNYAcLxIEyYRP25THgE1O8tbMJiDCx1mcJwQVOWae4sNx2QpZSM3N0KIjtOJS2a
ri5Z7e9T3x5feK/dbhh3P+7mWyBK8IpPdEVDmGqmJmABvHkatRieOSgdiFPomwom
k0dRKnHSBy0xonYKszYD/hy/lm6hoP6SQYFTiW+aMhq7d2BMJyUOroLHlI1TjAyC
BPwko0OWODhi5qOthv6KtrVOqmVZpx3gytjRuUYrc9Hwlq5ZGCjCtgql07hyi+go
dK+LMraEbTr7ZdsFcp/KLOBaroQPXHP+zPVUMaCmxsg5
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org