Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: KgZUA14WikEXekf4Jkw2n/uG+CQpjqPgK616KeszSUw=
Subject key identifier: 47:B5:E6:2F:4A:63:EF:07:2B:DD:3D:61:76:FA:8B:06:BE:E8:DE:2A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F010BBEE0AF357EAC5B7F76755EAB39AFD4C38E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:01:0b:be:e0:af:35:7e:ac:5b:7f:76:75:5e:ab:39:af:d4:c3:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=60cd629c5dc267ce35fe64a0b4ade31c951d967417353a07ade4c787ff7449f0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:46:d0:dd:4f:b5:45:30:95:f0:dc:60:6d:92:
19:40:ff:7e:31:31:40:30:49:27:ee:27:51:fb:0a:
90:ea:12:04:90:84:7a:1d:ce:34:1f:54:e1:11:03:
bf:40:48:4a:60:69:a5:8c:ee:a0:30:7e:62:85:66:
e5:5c:eb:e0:cd:a1:49:5c:01:db:7f:3f:26:f0:ac:
9b:75:df:00:6d:5e:68:a8:bf:df:25:43:4e:d3:ee:
00:ea:56:9e:09:d7:b8:8e:00:6b:00:b3:f1:15:6a:
81:1c:9b:32:39:ae:83:89:f6:b8:e4:d1:df:88:5f:
76:d8:0b:1e:3b:c5:c7:fa:c4:25:f7:df:c8:46:ee:
3b:49:31:cb:73:0b:bf:69:15:d4:d7:44:f5:8b:0b:
0b:27:b5:27:0c:40:a6:6a:d6:c5:46:da:4f:a9:01:
68:b1:5b:e3:98:03:c8:7f:97:25:7d:c5:f3:55:fe:
b1:39:f2:45:6a:ed:53:94:e7:4c:76:40:a6:a7:b3:
7f:0d:0e:82:a7:8f:5f:34:59:d5:53:77:ab:4e:56:
6e:4e:e8:7a:5f:d0:27:64:2a:2e:23:3d:26:96:26:
7b:49:cf:e7:d5:c3:d5:95:4e:2c:11:6d:62:a7:ac:
c7:6a:4a:f6:b8:49:c1:c3:ba:43:72:c8:3a:d1:aa:
30:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B5:E6:2F:4A:63:EF:07:2B:DD:3D:61:76:FA:8B:06:BE:E8:DE:2A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:3c:5b:9f:88:9a:8c:c6:f6:3e:1f:3e:df:1b:8e:c8:26:78:
80:10:cb:34:0b:aa:6b:d1:71:11:20:6d:f6:3d:da:96:88:8b:
d0:cb:f9:04:d2:c4:40:30:d5:c7:3a:78:ce:65:8f:82:14:e7:
da:5d:31:20:c4:1b:78:05:32:08:d5:f4:45:fa:aa:f2:23:36:
9a:66:93:a7:c4:f2:14:c1:b4:0a:5b:05:06:24:39:58:7c:8a:
bf:89:8b:49:3b:17:d3:fc:b9:b5:be:9d:ea:c5:0e:d3:06:94:
88:55:39:a4:de:f6:24:b9:46:da:ec:9f:66:3a:01:a8:33:06:
4d:ce:8b:d5:86:99:c6:79:37:8c:75:1d:b6:d8:d7:d4:d5:24:
81:14:28:83:23:94:4c:6f:a3:bb:99:84:4d:8a:2a:cb:ea:da:
84:76:72:00:05:ea:23:c5:f9:db:c6:10:84:d2:92:82:ac:6d:
25:6b:37:f3:97:7c:fe:e8:17:3f:61:fe:c1:96:a8:9d:9c:fb:
20:e5:32:a1:c7:c6:bf:05:63:bf:df:29:02:ae:e3:9b:2a:92:
35:01:0b:8b:1d:63:96:18:60:18:a9:f6:04:14:1d:b0:2c:9d:
30:cd:c1:03:70:49:86:10:3c:e1:e1:e2:0b:1d:39:56:53:3d:
f5:ca:12:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbwELvuCvNX6sW392dV6rOa/Uw44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwY2Q2MjljNWRjMjY3Y2UzNWZlNjRhMGI0YWRlMzFjOTUxZDk2NzQxNzM1
M2EwN2FkZTRjNzg3ZmY3NDQ5ZjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZG0N1PtUUwlfDcYG2SGUD/fjExQDBJJ+4nUfsKkOoSBJCEeh3ONB9U4RED
v0BISmBppYzuoDB+YoVm5Vzr4M2hSVwB238/JvCsm3XfAG1eaKi/3yVDTtPuAOpW
ngnXuI4AawCz8RVqgRybMjmug4n2uOTR34hfdtgLHjvFx/rEJfffyEbuO0kxy3ML
v2kV1NdE9YsLCye1JwxApmrWxUbaT6kBaLFb45gDyH+XJX3F81X+sTnyRWrtU5Tn
THZApqezfw0OgqePXzRZ1VN3q05Wbk7oel/QJ2QqLiM9JpYme0nP59XD1ZVOLBFt
Yqesx2pK9rhJwcO6Q3LIOtGqMEcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRHteYv
SmPvByvdPWF2+osGvujeKjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQBXPFufiJqMxvY+Hz7fG47IJniAEMs0C6pr0XERIG32
PdqWiIvQy/kE0sRAMNXHOnjOZY+CFOfaXTEgxBt4BTII1fRF+qryIzaaZpOnxPIU
wbQKWwUGJDlYfIq/iYtJOxfT/Lm1vp3qxQ7TBpSIVTmk3vYkuUba7J9mOgGoMwZN
zovVhpnGeTeMdR222NfU1SSBFCiDI5RMb6O7mYRNiirL6tqEdnIABeojxfnbxhCE
0pKCrG0lazfzl3z+6Bc/Yf7BlqidnPsg5TKhx8a/BWO/3ykCruObKpI1AQuLHWOW
GGAYqfYEFB2wLJ0wzcEDcEmGEDzh4eILHTlWUz31yhJO
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org