Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: /a+F1xNb+8ev3jyRr1q1+CNgyQybYD9EHYnM6+qqcZ8=
Subject key identifier: 36:1F:C3:28:B9:D3:EB:F9:23:F2:59:89:F5:9D:B0:D6:7E:31:4D:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 08D87CF5629D2F50075C233C5FB90E3F3AE39F85
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:d8:7c:f5:62:9d:2f:50:07:5c:23:3c:5f:b9:0e:3f:3a:e3:9f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=319a793242ab4f38f0df73e3b256c34d6bd88e736b993ab8852f89526dca4fb7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7b:0e:64:1f:29:a2:a4:38:e6:fe:72:9f:41:
44:6d:5e:10:52:79:35:c8:90:43:97:2c:2d:0a:d3:
8f:23:38:86:4f:25:a9:72:b6:42:f1:30:fd:95:0f:
4c:36:57:f6:45:e2:81:a0:5d:81:a8:ba:96:c2:cd:
08:b2:dd:c9:8b:f9:7a:ad:f1:18:c3:b8:fd:b8:73:
11:aa:7e:67:6e:7b:3e:33:50:6b:06:23:45:25:3e:
99:29:20:ae:bf:2b:00:c2:7f:16:eb:3e:65:a6:58:
e5:5b:a8:98:2d:f3:0b:0a:52:77:11:2d:f4:e6:e6:
4a:91:08:a6:7d:9d:58:df:de:1a:cc:26:a6:04:b9:
8c:74:8b:ba:8f:3c:83:34:5a:8f:6c:0f:83:4a:85:
25:7a:08:0b:b7:50:67:62:40:70:41:25:5e:12:a1:
a8:c0:74:8e:78:38:ad:19:27:f0:3d:be:f3:9c:8f:
df:75:aa:00:07:b2:d8:f1:54:66:96:10:60:63:d2:
93:fc:72:5a:3b:6d:61:eb:0d:e6:c2:a2:f6:37:8c:
93:f3:8b:61:50:da:f3:c5:23:a0:d4:af:93:ab:ad:
88:74:58:7b:31:d9:53:89:18:52:e8:85:67:1c:c4:
ed:63:d6:07:34:c6:f6:93:a4:31:87:72:7e:a9:e2:
04:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1F:C3:28:B9:D3:EB:F9:23:F2:59:89:F5:9D:B0:D6:7E:31:4D:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
64:76:e9:ed:af:c7:0f:23:03:99:c2:fc:a3:ab:2a:d6:d8:ba:
b4:86:8a:3c:56:15:15:69:c4:d2:79:dd:a2:17:0d:62:1e:36:
71:07:7a:55:fd:fd:e6:c5:5d:2a:16:a6:e8:12:3c:35:65:88:
ec:d8:73:51:20:3c:78:60:b2:54:2a:a0:f1:99:9b:56:89:0a:
1e:a6:5a:86:8e:91:df:0e:9c:5f:13:25:3b:33:d3:a0:bf:7b:
2a:ba:de:7b:e8:7f:78:95:e8:87:a9:31:05:a6:67:67:8a:1b:
0d:31:0f:72:a3:dd:09:82:58:0a:2d:1a:71:0f:5e:e1:9c:6d:
a6:af:d8:ba:2e:8c:d9:bc:f2:82:f8:82:25:f7:86:11:b3:74:
9b:c9:3f:ac:d7:60:5a:6d:de:47:1a:81:67:e5:49:65:8d:f0:
02:fa:e1:d8:0e:d1:15:a1:81:c8:3a:62:23:32:ce:50:5e:c4:
d8:42:64:ed:b9:27:dd:2b:82:63:e3:7f:8e:e8:00:63:1a:40:
53:49:0e:35:43:60:23:d8:30:57:ba:f8:7f:76:8d:65:9e:7c:
25:cb:4f:4a:74:89:41:6f:3b:fb:3d:bb:f1:15:33:b3:31:1f:
96:78:26:bf:9b:e6:d8:b0:54:b1:35:32:c7:69:d7:67:bc:8c:
82:ec:6e:48
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCNh89WKdL1AHXCM8X7kOPzrjn4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxOWE3OTMyNDJhYjRmMzhmMGRmNzNlM2IyNTZjMzRkNmJkODhlNzM2Yjk5
M2FiODg1MmY4OTUyNmRjYTRmYjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKV7DmQfKaKkOOb+cp9BRG1eEFJ5NciQQ5csLQrTjyM4hk8lqXK2QvEw/ZUP
TDZX9kXigaBdgai6lsLNCLLdyYv5eq3xGMO4/bhzEap+Z257PjNQawYjRSU+mSkg
rr8rAMJ/Fus+ZaZY5VuomC3zCwpSdxEt9ObmSpEIpn2dWN/eGswmpgS5jHSLuo88
gzRaj2wPg0qFJXoIC7dQZ2JAcEElXhKhqMB0jng4rRkn8D2+85yP33WqAAey2PFU
ZpYQYGPSk/xyWjttYesN5sKi9jeMk/OLYVDa88UjoNSvk6utiHRYezHZU4kYUuiF
ZxzE7WPWBzTG9pOkMYdyfqniBNMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2H8Mo
udPr+SPyWYn1nbDWfjFNazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQBkduntr8cPIwOZwvyjqyrW2Lq0hoo8VhUVacTSed2i
Fw1iHjZxB3pV/f3mxV0qFqboEjw1ZYjs2HNRIDx4YLJUKqDxmZtWiQoeplqGjpHf
DpxfEyU7M9Ogv3squt576H94leiHqTEFpmdnihsNMQ9yo90JglgKLRpxD17hnG2m
r9i6LozZvPKC+IIl94YRs3SbyT+s12Babd5HGoFn5UlljfAC+uHYDtEVoYHIOmIj
Ms5QXsTYQmTtuSfdK4Jj43+O6ABjGkBTSQ41Q2Aj2DBXuvh/do1lnnwly09KdIlB
bzv7PbvxFTOzMR+WeCa/m+bYsFSxNTLHaddnvIyC7G5I
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:23:34 2023 by rpki-client on console-fra.rpki-client.org