Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: cz33Vh748y0xtlpdnuXbqBks/5nLZQlp6xbFrhW3Hq0=
Subject key identifier: 0C:25:FD:9E:B0:38:26:72:38:C8:A4:19:E4:5B:F5:FC:D6:9C:71:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E60BDE658514BF880AAD5DC34668B6E4104E3FA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:60:bd:e6:58:51:4b:f8:80:aa:d5:dc:34:66:8b:6e:41:04:e3:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=8708c143708a3ce09f95b0acf480e5538a465231c9b51f882f244454922cc795, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5d:fd:85:9c:d9:93:6f:3c:77:f3:45:73:b3:
3e:1a:89:fe:40:dc:55:71:05:2b:05:85:32:2a:1a:
55:b7:a8:74:34:ee:8a:0e:b9:0b:68:5f:3c:68:12:
21:30:9a:09:e0:ea:29:47:26:8a:40:df:e1:46:7a:
bf:48:92:02:4b:ed:e7:ff:12:00:e3:df:f5:c8:9d:
e2:13:c5:db:4f:8f:ed:b8:c6:fd:b7:7b:c0:73:0a:
b9:d1:56:5e:d7:94:a5:ec:69:fb:44:26:c6:17:3c:
ff:04:1a:a1:46:d0:3c:8f:b4:1e:7f:83:f9:12:52:
91:28:e6:90:fb:eb:02:6a:f8:a8:0c:68:50:4d:e3:
7e:75:87:19:41:c5:22:21:b1:a8:b1:07:b9:3e:7f:
6b:ff:d1:f2:94:65:ce:02:71:b1:e7:55:37:e9:99:
a9:9d:8d:7d:5e:0a:11:5f:35:0a:68:86:e2:b9:42:
e4:c6:03:cc:45:e7:54:03:23:a1:25:a5:e3:3a:df:
14:ad:e8:50:3a:ea:d0:94:14:d0:ad:0c:55:db:c7:
b8:f4:d3:6f:8c:88:bb:9e:a5:ff:a2:13:46:bf:bb:
c4:cf:ca:e4:b2:db:91:58:d5:83:3a:c8:8b:79:5d:
ee:9f:42:21:08:17:25:be:5a:18:06:a9:38:6f:67:
03:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:25:FD:9E:B0:38:26:72:38:C8:A4:19:E4:5B:F5:FC:D6:9C:71:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:0f:d0:9a:a5:71:ba:04:18:c5:0a:0f:ec:c2:d8:56:6d:59:
2d:d4:0e:1c:ea:7a:34:ef:6f:62:6d:a9:7a:4e:ff:06:8d:77:
72:a4:e3:c8:90:9c:91:5f:a3:ea:9b:a2:ad:80:b9:1c:97:1e:
3b:13:fd:e9:26:8f:2c:2d:9c:27:63:42:d9:f5:5f:6c:91:3a:
0b:88:4e:23:5f:fc:7c:15:d6:33:53:e3:46:a2:f0:e4:6e:5a:
61:1a:57:44:31:b4:9b:1e:55:0f:65:97:cc:a8:05:36:f0:6f:
dc:68:9b:cb:ea:63:8f:5a:dd:6c:74:0f:42:f0:8d:28:27:a1:
f6:83:49:a6:57:fb:77:19:f1:a0:85:93:79:bf:ff:03:63:51:
88:14:ea:20:d3:e5:c7:c8:a8:ea:69:d5:1c:7e:7b:54:5c:77:
43:73:f1:13:de:70:25:20:b8:98:a9:16:aa:ec:56:65:00:90:
40:85:a9:25:59:9d:8d:b0:ab:eb:31:d8:14:a6:ec:e3:dc:69:
7a:6d:ce:d2:34:83:80:fb:9d:75:6e:ae:82:00:22:3e:e3:25:
e6:64:ec:0c:f3:5a:31:69:5d:e1:c8:51:20:b7:2b:99:ad:51:
d7:a5:3b:e2:8f:03:d1:14:4c:2c:64:b5:9a:1e:e2:91:1d:18:
41:be:57:a5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTmC95lhRS/iAqtXcNGaLbkEE4/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3MDhjMTQzNzA4YTNjZTA5Zjk1YjBhY2Y0ODBlNTUzOGE0NjUyMzFjOWI1
MWY4ODJmMjQ0NDU0OTIyY2M3OTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJd/YWc2ZNvPHfzRXOzPhqJ/kDcVXEFKwWFMioaVbeodDTuig65C2hfPGgS
ITCaCeDqKUcmikDf4UZ6v0iSAkvt5/8SAOPf9cid4hPF20+P7bjG/bd7wHMKudFW
XteUpexp+0Qmxhc8/wQaoUbQPI+0Hn+D+RJSkSjmkPvrAmr4qAxoUE3jfnWHGUHF
IiGxqLEHuT5/a//R8pRlzgJxsedVN+mZqZ2NfV4KEV81CmiG4rlC5MYDzEXnVAMj
oSWl4zrfFK3oUDrq0JQU0K0MVdvHuPTTb4yIu56l/6ITRr+7xM/K5LLbkVjVgzrI
i3ld7p9CIQgXJb5aGAapOG9nA6MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQMJf2e
sDgmcjjIpBnkW/X81pxxbDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQByD9CapXG6BBjFCg/swthWbVkt1A4c6no0729ibal6
Tv8GjXdypOPIkJyRX6Pqm6KtgLkclx47E/3pJo8sLZwnY0LZ9V9skToLiE4jX/x8
FdYzU+NGovDkblphGldEMbSbHlUPZZfMqAU28G/caJvL6mOPWt1sdA9C8I0oJ6H2
g0mmV/t3GfGghZN5v/8DY1GIFOog0+XHyKjqadUcfntUXHdDc/ET3nAlILiYqRaq
7FZlAJBAhaklWZ2NsKvrMdgUpuzj3Gl6bc7SNIOA+511bq6CACI+4yXmZOwM81ox
aV3hyFEgtyuZrVHXpTvijwPRFEwsZLWaHuKRHRhBvlel
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org