Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
File: 9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa (raw, json)
Hash identifier: z44aX133Wsmjb9U8s2vjgCUR/+Fih6bTlNrLrK6QJyQ=
Subject key identifier: 7A:4E:F6:DC:D0:C9:B8:DB:32:A7:21:F5:EB:E4:62:A5:87:23:5E:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C9AEAF5574390C24998BDA17DD2D0AD81EB5638
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.74.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:9a:ea:f5:57:43:90:c2:49:98:bd:a1:7d:d2:d0:ad:81:eb:56:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=8f3ce5db704b7363467d6a00e75912a7325e1f27e91de39cf24604925bf801ba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d4:22:88:22:71:4b:8a:a3:61:45:79:a0:cf:
de:90:80:52:07:21:f9:19:dd:30:a9:b8:76:6e:1b:
ca:11:55:af:ac:36:0b:0c:c4:25:a2:01:5f:6a:76:
7a:ed:de:d2:ba:03:ef:57:66:29:07:ec:05:56:2f:
59:66:64:01:ed:6c:7f:b1:49:e5:88:31:d5:1c:3d:
f2:2c:da:0b:06:a9:08:0b:7b:34:99:ad:58:c7:b7:
6c:fa:2b:c6:b4:48:36:30:85:70:90:dc:48:d2:db:
7d:b1:3f:fe:93:f4:3d:ff:7e:f4:2a:f9:a6:6e:a4:
fe:09:f5:2b:6f:66:95:cb:e1:b8:36:f5:33:70:3d:
88:f2:e0:57:5b:5d:2d:72:b5:fd:dd:72:d3:78:0f:
68:dc:f8:09:26:b3:ed:ab:cb:18:bf:a3:df:bd:26:
46:45:49:86:10:62:90:4c:81:64:a8:ed:50:5e:15:
78:d7:1c:1a:00:38:e0:1d:8d:eb:c7:54:f2:b6:a3:
ec:9b:6b:76:38:f0:88:fd:e4:8c:1b:16:18:07:5c:
18:d8:c9:9f:74:78:e2:cf:de:63:4f:a0:37:d2:2c:
8b:5d:db:fa:2a:cc:e1:57:82:56:27:82:cd:37:b2:
ae:1a:41:7f:77:f8:10:78:10:0a:03:8e:81:de:af:
63:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4E:F6:DC:D0:C9:B8:DB:32:A7:21:F5:EB:E4:62:A5:87:23:5E:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:ad:5e:b7:0e:a1:5c:7a:7e:3c:3f:20:d1:7a:0b:04:77:40:
b7:b4:43:41:56:3f:b7:4b:7f:d4:15:e7:5e:1a:dc:be:a0:63:
e0:31:3a:1f:d5:5b:df:3d:ca:c1:ce:71:a8:86:d3:c7:8a:5a:
d6:ae:3e:65:cb:67:dc:df:4e:55:b6:4a:8f:83:af:e8:27:f5:
eb:9e:99:7f:ce:fd:60:18:d0:a1:9d:bb:53:d7:10:d1:66:da:
ee:5c:80:b8:db:2a:24:c2:37:2e:05:80:fb:6a:57:3e:03:ab:
7c:a7:0e:d5:be:d5:2d:6c:1c:06:d2:1e:b2:16:f8:a1:a5:65:
25:11:73:96:a9:82:b8:e5:ab:f0:78:5c:6f:40:be:d5:a5:a5:
b5:ca:c1:0f:d4:52:fc:9f:4d:22:76:df:0e:d4:2c:97:e8:ae:
70:7a:6f:56:9d:21:df:47:14:e4:98:2b:ec:5f:01:c1:90:fc:
8f:44:39:db:19:26:bd:70:69:42:6c:f3:d8:ae:3c:19:ef:a4:
e2:d3:ab:a6:aa:e8:59:93:d6:68:ea:12:0e:f9:7c:bb:82:8d:
8b:90:8e:1f:bd:b6:d7:0c:83:9c:00:b9:98:af:0d:53:ec:59:
e1:0f:c7:9d:39:da:c8:e4:be:55:bc:ae:51:6d:ab:23:f7:45:
62:65:d3:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbJrq9VdDkMJJmL2hfdLQrYHrVjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmM2NlNWRiNzA0YjczNjM0NjdkNmEwMGU3NTkxMmE3MzI1ZTFmMjdlOTFk
ZTM5Y2YyNDYwNDkyNWJmODAxYmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDUIogicUuKo2FFeaDP3pCAUgch+RndMKm4dm4byhFVr6w2CwzEJaIBX2p2
eu3e0roD71dmKQfsBVYvWWZkAe1sf7FJ5Ygx1Rw98izaCwapCAt7NJmtWMe3bPor
xrRINjCFcJDcSNLbfbE//pP0Pf9+9Cr5pm6k/gn1K29mlcvhuDb1M3A9iPLgV1td
LXK1/d1y03gPaNz4CSaz7avLGL+j370mRkVJhhBikEyBZKjtUF4VeNccGgA44B2N
68dU8raj7JtrdjjwiP3kjBsWGAdcGNjJn3R44s/eY0+gN9Isi13b+irM4VeCVieC
zTeyrhpBf3f4EHgQCgOOgd6vYzECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR6Tvbc
0Mm42zKnIfXr5GKlhyNesTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWU1NjUxMGItNWYxYy00N2Y2LThhNTQtMmVmOWM5NmM1NzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNKMA0G
CSqGSIb3DQEBCwUAA4IBAQAerV63DqFcen48PyDRegsEd0C3tENBVj+3S3/UFede
Gty+oGPgMTof1VvfPcrBznGohtPHilrWrj5ly2fc305VtkqPg6/oJ/Xrnpl/zv1g
GNChnbtT1xDRZtruXIC42yokwjcuBYD7alc+A6t8pw7VvtUtbBwG0h6yFvihpWUl
EXOWqYK45avweFxvQL7VpaW1ysEP1FL8n00idt8O1CyX6K5wem9WnSHfRxTkmCvs
XwHBkPyPRDnbGSa9cGlCbPPYrjwZ76Ti06umquhZk9Zo6hIO+Xy7go2LkI4fvbbX
DIOcALmYrw1T7FnhD8edOdrI5L5VvK5Rbasj90ViZdM6
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org