Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json)
Hash identifier: jhGg7lq7qpx0LLJGBiDPsIc+Nv9mwDu3vXw0Rjm9dX8=
Subject key identifier: 9A:7B:E8:5A:C6:B5:03:6D:69:D2:24:28:6A:C7:ED:22:8E:3A:6D:B3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14D6ACCD65B5441B758BEEDAFB927147F82A8F6A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d6:ac:cd:65:b5:44:1b:75:8b:ee:da:fb:92:71:47:f8:2a:8f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=ef7e92ac042b19dbb713005dd4bf7d73a5c76868a5e14ffa688ea55ba137df86, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:57:24:53:09:ac:2f:c0:58:c4:6d:29:f3:cb:
b5:e2:c0:ee:28:2b:2b:86:15:dc:4d:20:5b:8c:e8:
c3:04:e2:ee:87:d9:cb:c3:85:d6:8e:2c:4f:3d:b4:
37:c8:84:e7:d9:e1:e9:36:86:54:a8:b4:c7:fd:80:
a2:9a:9c:bc:49:24:5e:24:93:c9:09:64:2b:88:97:
83:54:09:6e:fa:52:1f:ad:13:21:90:36:0c:76:9a:
57:78:34:e3:df:fa:62:67:b0:c9:f5:32:41:70:c2:
98:88:af:0a:e6:28:b1:39:f8:79:2c:87:b0:5f:6d:
a0:1c:9c:63:43:4f:65:e6:81:66:ec:8a:ad:46:6e:
61:d0:85:c5:a6:be:48:23:4b:9f:46:ae:80:bc:8c:
13:97:2d:a2:fe:0a:c4:4e:9d:d1:d0:3a:8b:89:12:
37:33:4a:c7:f3:b0:49:cb:b4:08:86:e3:79:8b:e3:
67:1c:bd:2f:92:30:d6:8a:62:57:fe:96:c5:a0:e7:
7e:18:cd:d2:5a:64:e8:d1:b9:3a:4b:bc:a3:ad:25:
d3:3f:2d:f5:d3:d6:52:df:d6:c7:64:3c:c5:ee:19:
a7:71:6d:ae:08:72:88:e2:af:da:09:5c:7e:a9:78:
4e:3a:3d:3c:ff:9f:76:65:35:e3:95:5b:40:05:43:
e1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7B:E8:5A:C6:B5:03:6D:69:D2:24:28:6A:C7:ED:22:8E:3A:6D:B3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5f:90:70:ee:fe:6d:3e:47:07:f4:c4:00:97:e4:53:98:26:f1:
1d:8a:d2:45:b0:43:ac:c6:1c:35:87:fb:b2:77:57:7e:df:8f:
6f:ea:42:58:be:f3:ce:33:1e:2e:18:5b:75:1c:d1:c6:36:78:
87:58:85:ef:6e:f2:12:07:27:93:6a:65:94:ed:46:37:65:30:
cf:de:f2:32:16:b7:e2:b3:24:ed:f8:f7:5d:1f:53:2d:21:3d:
30:ef:25:73:a4:64:36:e7:7a:84:a5:c7:db:cc:ec:33:28:3e:
8f:d2:98:f7:46:da:59:b4:a3:1f:5c:ae:3d:a4:8e:80:b4:39:
d2:4e:27:8f:4e:4d:bb:15:ea:a6:6c:d1:6f:11:02:39:c6:a7:
d3:fd:28:35:cc:dd:ef:34:0c:a5:7d:77:ab:b2:c1:b7:47:ad:
c7:c4:ac:12:3f:40:cf:e6:3c:70:1e:fc:a3:e5:68:58:11:61:
bb:f9:13:7d:55:fe:5a:b3:b7:b7:a0:87:c2:1c:b5:cd:55:d6:
01:6a:45:1c:8f:33:21:b7:31:a9:63:f5:35:8c:7d:df:45:9a:
40:13:80:eb:ed:16:c0:4c:47:f0:19:c0:e7:c9:19:0b:99:f3:
68:74:92:3c:c8:08:01:0c:77:9b:cd:94:13:6d:5e:ca:df:46:
3f:52:88:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFNaszWW1RBt1i+7a+5JxR/gqj2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmN2U5MmFjMDQyYjE5ZGJiNzEzMDA1ZGQ0YmY3ZDczYTVjNzY4NjhhNWUx
NGZmYTY4OGVhNTViYTEzN2RmODYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5XJFMJrC/AWMRtKfPLteLA7igrK4YV3E0gW4zowwTi7ofZy8OF1o4sTz20
N8iE59nh6TaGVKi0x/2AopqcvEkkXiSTyQlkK4iXg1QJbvpSH60TIZA2DHaaV3g0
49/6YmewyfUyQXDCmIivCuYosTn4eSyHsF9toBycY0NPZeaBZuyKrUZuYdCFxaa+
SCNLn0augLyME5ctov4KxE6d0dA6i4kSNzNKx/OwScu0CIbjeYvjZxy9L5Iw1opi
V/6WxaDnfhjN0lpk6NG5Oku8o60l0z8t9dPWUt/Wx2Q8xe4Zp3FtrghyiOKv2glc
fql4Tjo9PP+fdmU145VbQAVD4dcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSae+ha
xrUDbWnSJChqx+0ijjptszAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQBfkHDu/m0+Rwf0xACX5FOYJvEditJFsEOsxhw1h/uy
d1d+349v6kJYvvPOMx4uGFt1HNHGNniHWIXvbvISByeTamWU7UY3ZTDP3vIyFrfi
syTt+PddH1MtIT0w7yVzpGQ253qEpcfbzOwzKD6P0pj3RtpZtKMfXK49pI6AtDnS
TiePTk27FeqmbNFvEQI5xqfT/Sg1zN3vNAylfXerssG3R63HxKwSP0DP5jxwHvyj
5WhYEWG7+RN9Vf5as7e3oIfCHLXNVdYBakUcjzMhtzGpY/U1jH3fRZpAE4Dr7RbA
TEfwGcDnyRkLmfNodJI8yAgBDHebzZQTbV7K30Y/Uog1
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org