Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
File: a461a201-5dfd-4f29-b790-759ae6e51a1f.roa (raw, json)
Hash identifier: 3/vDFWRBUxpXy7UHeRYToLuL8gFS6v5qj0d3vyJMwLw=
Subject key identifier: 19:D2:94:93:53:D9:9C:88:6E:A1:5D:33:62:A7:E4:36:57:74:A7:D4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71FCDB27C93F2B087A68A9C520EC96E0CC7490C7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
Signing time: Fri 22 Sep 2023 00:00:00 +0000
ROA not before: Fri 22 Sep 2023 00:00:00 +0000
ROA not after: Fri 27 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Sep 2023 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:fc:db:27:c9:3f:2b:08:7a:68:a9:c5:20:ec:96:e0:cc:74:90:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 22 00:00:00 2023 GMT
Not After : Oct 27 23:59:59 2023 GMT
Subject: serialNumber=a693ff9b06e8ef5455d5880add2e286af18ead63a94994568c0cb7d528f90c36, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ae:a9:6f:a3:2e:e8:29:6c:c2:d2:b6:e3:dd:
e2:74:4e:6b:5e:48:0a:dd:f6:49:8d:82:d3:40:ed:
e7:c3:61:47:c1:6c:b0:82:e8:d1:31:0b:93:8d:1e:
48:16:d9:e1:54:2f:d0:f8:7a:66:31:07:d9:8b:11:
51:52:fc:41:83:5e:fb:66:02:b5:2c:bd:71:74:67:
e6:e8:f7:84:4c:64:60:be:fe:12:67:25:a4:fb:94:
7a:90:ad:46:0c:22:39:a4:32:e2:38:54:76:c5:b9:
8b:79:4f:64:de:e8:52:3b:4b:21:12:92:20:ca:d6:
d9:82:b0:3a:6c:af:7b:e9:79:c6:bb:99:bd:26:77:
19:7d:7e:bf:56:89:00:60:c8:3c:eb:6a:e0:81:bc:
5e:41:aa:67:e6:f9:56:cb:5c:d9:fa:ea:4a:03:3f:
91:c9:fe:62:3b:e1:72:f3:f2:3e:12:be:20:7c:16:
b8:ee:79:32:e1:22:3f:8a:94:80:9e:3b:37:f9:c7:
7a:38:01:b6:2b:ee:05:81:66:ba:14:f5:ac:8c:6a:
a2:34:aa:0f:4b:10:83:1c:4b:01:8b:98:c3:67:28:
d6:f4:84:ba:86:d1:b4:e6:7a:58:e0:0b:3c:e1:f1:
a5:f6:c2:69:2a:54:62:9d:fb:a0:a0:ad:f3:18:57:
cc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D2:94:93:53:D9:9C:88:6E:A1:5D:33:62:A7:E4:36:57:74:A7:D4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.104.0/21
Signature Algorithm: sha256WithRSAEncryption
23:cd:02:8e:0e:0e:63:b2:61:90:42:12:a6:d1:42:af:30:40:
bb:d1:fd:c3:cc:74:e8:9d:ac:e2:aa:d3:00:93:30:8b:bd:8a:
0e:25:52:5a:c1:0e:90:42:ab:5c:a5:19:e4:0b:93:28:5d:8b:
40:88:18:4b:52:70:c8:65:12:a8:bf:1d:67:f8:8c:34:2a:ab:
7a:56:f6:b9:51:05:94:8d:a4:45:3b:5c:c9:8e:d9:66:ff:89:
90:12:31:77:01:aa:b7:28:e8:0c:f7:10:56:d3:de:00:c6:3f:
6d:5a:c0:7a:c4:90:4b:f0:1d:c7:15:f1:64:1a:74:20:f4:4d:
42:48:82:89:04:31:13:6e:9d:84:86:18:d7:2c:cd:71:fc:11:
4f:59:7f:6a:e4:8c:99:90:f0:3e:5f:9c:d0:08:cb:e0:aa:28:
01:15:02:66:36:6f:69:63:2e:91:62:e3:6c:5f:4c:3b:ae:60:
60:06:e0:96:75:53:4b:7a:b0:10:1a:4b:6b:fb:89:98:c4:59:
dc:13:7b:bf:f9:ec:46:ed:3a:86:78:14:6e:88:1f:d8:5d:20:
ed:ca:75:a8:4c:3a:e6:3b:f9:ca:bd:5d:b2:0b:84:b9:30:a2:
2a:91:89:63:a1:28:39:3e:76:07:b5:6f:21:7a:fb:c3:87:c1:
72:8f:07:d1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcfzbJ8k/Kwh6aKnFIOyW4Mx0kMcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MjIwMDAwMDBaFw0yMzEwMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2OTNmZjliMDZlOGVmNTQ1NWQ1ODgwYWRkMmUyODZhZjE4ZWFkNjNhOTQ5
OTQ1NjhjMGNiN2Q1MjhmOTBjMzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWuqW+jLugpbMLStuPd4nROa15ICt32SY2C00Dt58NhR8FssILo0TELk40e
SBbZ4VQv0Ph6ZjEH2YsRUVL8QYNe+2YCtSy9cXRn5uj3hExkYL7+EmclpPuUepCt
RgwiOaQy4jhUdsW5i3lPZN7oUjtLIRKSIMrW2YKwOmyve+l5xruZvSZ3GX1+v1aJ
AGDIPOtq4IG8XkGqZ+b5Vstc2frqSgM/kcn+YjvhcvPyPhK+IHwWuO55MuEiP4qU
gJ47N/nHejgBtivuBYFmuhT1rIxqojSqD0sQgxxLAYuYw2co1vSEuobRtOZ6WOAL
POHxpfbCaSpUYp37oKCt8xhXzO0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQZ0pST
U9mciG6hXTNip+Q2V3Sn1DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTQ2MWEyMDEtNWRmZC00ZjI5LWI3OTAtNzU5YWU2ZTUxYTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAaDAN
BgkqhkiG9w0BAQsFAAOCAQEAI80Cjg4OY7JhkEISptFCrzBAu9H9w8x06J2s4qrT
AJMwi72KDiVSWsEOkEKrXKUZ5AuTKF2LQIgYS1JwyGUSqL8dZ/iMNCqrelb2uVEF
lI2kRTtcyY7ZZv+JkBIxdwGqtyjoDPcQVtPeAMY/bVrAesSQS/AdxxXxZBp0IPRN
QkiCiQQxE26dhIYY1yzNcfwRT1l/auSMmZDwPl+c0AjL4KooARUCZjZvaWMukWLj
bF9MO65gYAbglnVTS3qwEBpLa/uJmMRZ3BN7v/nsRu06hngUbogf2F0g7cp1qEw6
5jv5yr1dsguEuTCiKpGJY6EoOT52B7VvIXr7w4fBco8H0Q==
-----END CERTIFICATE-----
Generated at Fri Sep 22 15:45:17 2023 by rpki-client on console-ams.rpki-client.org