Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: lPAcMsxgX/tMRt/LBVBpPyYbEOEYy0Bx8+o1P3fx1F0=
Subject key identifier: CA:97:9C:6C:02:AD:74:94:4B:1D:88:EE:AE:F6:60:89:08:50:7A:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 01D1071F1E58E025BE8DDB83E92962FA7B0AF394
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:d1:07:1f:1e:58:e0:25:be:8d:db:83:e9:29:62:fa:7b:0a:f3:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=8bc5680cb801680c8ddb4152dbd2a2266d89167c7188d0bc8bcc1b0b92de15e3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dc:b0:b7:47:47:22:88:5b:01:bc:da:97:3f:
53:5e:69:76:1e:ce:e1:c0:a2:e5:53:19:da:50:f7:
32:64:28:21:f5:f7:ad:be:51:a0:fc:77:82:14:75:
73:d7:b8:c8:1f:72:2c:1e:2d:0e:79:56:1c:2f:64:
57:f6:d8:b7:96:0c:cf:18:54:28:f1:ab:1e:89:90:
67:53:93:50:34:be:92:b8:36:75:cd:7a:80:60:8a:
8e:f0:eb:78:32:f5:23:fe:f2:cf:07:1b:b8:77:fb:
f0:8a:48:ec:72:21:b0:a0:fb:5d:1b:f8:68:64:5d:
06:56:bd:f9:e4:ca:b1:25:06:3b:59:50:f7:88:8e:
81:48:08:f6:a1:25:6a:39:82:7b:c6:ab:d7:0c:e3:
27:dc:c3:a7:4a:ec:bf:44:51:19:3c:2a:c5:80:4e:
07:45:90:82:da:fa:c2:b7:98:35:ab:41:92:ce:5f:
29:5d:b7:c8:1f:18:70:90:bd:2c:c4:10:48:27:68:
16:38:71:19:85:6d:fb:3b:65:d5:3d:0a:d8:3d:b4:
25:35:df:f7:3f:63:b0:85:be:bd:a5:73:7c:91:bc:
ec:34:60:a0:f2:f6:8f:0d:04:de:70:17:62:56:6f:
97:3e:a2:a5:c0:c0:2e:d4:04:cc:ac:59:ad:d6:4f:
1e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:97:9C:6C:02:AD:74:94:4B:1D:88:EE:AE:F6:60:89:08:50:7A:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:92:06:d3:67:5f:e1:fc:e5:0b:14:64:f2:18:7a:2c:8e:55:
82:0e:8a:b8:a7:d5:5d:f2:06:f7:3a:d3:01:70:75:82:b7:de:
c9:b2:5e:91:ec:59:7c:b5:e1:73:d1:b1:5d:96:bf:5f:bd:9c:
95:58:8a:ee:75:d6:e0:0c:b6:64:c7:23:05:8a:e5:24:8d:9e:
e1:5c:10:a9:d7:e0:39:31:f1:68:26:a0:e8:5a:0b:1d:cc:ae:
d9:32:5e:9e:06:f5:19:8b:fe:6b:ba:e2:56:cd:b5:ee:51:37:
f0:cc:ce:1c:29:45:a1:e4:b0:a7:6c:b4:6a:89:58:91:86:47:
26:2c:64:16:f4:67:ae:5d:29:ab:7b:48:ff:78:2e:cd:3a:00:
e4:61:80:dd:7f:8e:e5:7f:a6:4b:ff:80:7c:f9:ef:6a:c5:23:
ee:9e:9d:56:3a:2f:a8:25:b9:16:c5:9a:7b:45:a0:91:b8:10:
6b:61:d1:3e:42:5f:66:3f:13:f0:36:e9:2c:3d:2b:8e:88:69:
4f:0c:87:e7:0a:b9:e5:7a:6f:bf:3c:9b:cf:68:af:44:c1:85:
94:2d:d5:05:33:eb:02:28:89:a4:e9:ba:48:48:4b:e9:ed:93:
26:e4:41:52:65:16:3f:9e:c2:b6:fd:b4:90:4e:62:0c:81:c1:
a9:13:ba:80
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAdEHHx5Y4CW+jduD6Sli+nsK85QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiYzU2ODBjYjgwMTY4MGM4ZGRiNDE1MmRiZDJhMjI2NmQ4OTE2N2M3MTg4
ZDBiYzhiY2MxYjBiOTJkZTE1ZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLcsLdHRyKIWwG82pc/U15pdh7O4cCi5VMZ2lD3MmQoIfX3rb5RoPx3ghR1
c9e4yB9yLB4tDnlWHC9kV/bYt5YMzxhUKPGrHomQZ1OTUDS+krg2dc16gGCKjvDr
eDL1I/7yzwcbuHf78IpI7HIhsKD7XRv4aGRdBla9+eTKsSUGO1lQ94iOgUgI9qEl
ajmCe8ar1wzjJ9zDp0rsv0RRGTwqxYBOB0WQgtr6wreYNatBks5fKV23yB8YcJC9
LMQQSCdoFjhxGYVt+ztl1T0K2D20JTXf9z9jsIW+vaVzfJG87DRgoPL2jw0E3nAX
YlZvlz6ipcDALtQEzKxZrdZPHhMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTKl5xs
Aq10lEsdiO6u9mCJCFB6xDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQC0kgbTZ1/h/OULFGTyGHosjlWCDoq4p9Vd8gb3OtMB
cHWCt97Jsl6R7Fl8teFz0bFdlr9fvZyVWIruddbgDLZkxyMFiuUkjZ7hXBCp1+A5
MfFoJqDoWgsdzK7ZMl6eBvUZi/5ruuJWzbXuUTfwzM4cKUWh5LCnbLRqiViRhkcm
LGQW9GeuXSmre0j/eC7NOgDkYYDdf47lf6ZL/4B8+e9qxSPunp1WOi+oJbkWxZp7
RaCRuBBrYdE+Ql9mPxPwNuksPSuOiGlPDIfnCrnlem+/PJvPaK9EwYWULdUFM+sC
KImk6bpISEvp7ZMm5EFSZRY/nsK2/bSQTmIMgcGpE7qA
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org