Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a4d0611b-6ace-49c7-bbb6-ff031993f658.roa
File: a4d0611b-6ace-49c7-bbb6-ff031993f658.roa (raw, json)
Hash identifier: lZdaYgN+qB2kZgayTQ+MrAv2bY3B0vECaRcWHJD0LyY=
Subject key identifier: 7B:F9:6E:D2:1E:B3:DE:6A:E7:34:D1:C8:4F:46:4A:96:2F:3E:BD:62
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E930B811D203E947061A2854D70BFE5981E5BF2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a4d0611b-6ace-49c7-bbb6-ff031993f658.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:93:0b:81:1d:20:3e:94:70:61:a2:85:4d:70:bf:e5:98:1e:5b:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=4720cb74ebbddee87dce9b1879b85c00a060d5702a3e1e8228ca144787edd1f3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1d:2b:27:3f:13:44:70:bd:b9:7c:84:fe:0f:
78:15:1b:40:09:5e:ac:91:77:0e:f8:9b:9f:ac:2f:
16:9d:a8:4f:18:1c:ae:c4:9b:f8:ed:26:c9:aa:4d:
5b:b4:e6:0b:a7:52:dc:62:79:15:cf:33:6d:fa:35:
2d:e1:70:d5:4f:ca:10:31:50:b9:67:47:13:14:4c:
3e:23:c2:1e:a4:32:eb:65:29:a7:72:9c:ca:54:ca:
24:ce:bf:ec:8d:c2:c2:1b:1b:07:96:31:fb:30:34:
76:b1:d2:56:a5:c6:56:f0:d3:fd:63:b7:c8:63:cd:
8b:55:bb:fd:2d:8c:5e:0b:c0:36:d4:1f:de:34:99:
99:1a:81:18:3e:58:f9:55:ee:75:ba:ea:02:67:8e:
c4:13:b1:e6:f9:1a:33:0b:79:be:9e:61:11:1e:ca:
e2:69:18:d2:56:00:c7:e6:4f:80:a2:72:fb:0b:77:
ab:47:ad:75:6d:9c:ad:e3:2c:9e:f8:5b:1e:70:89:
c5:ad:5c:2f:2f:26:86:ae:6a:b0:64:d6:63:24:00:
b5:8e:5f:c9:ae:67:b1:da:67:41:94:09:ce:ba:b3:
82:85:4d:41:db:98:0f:b1:8e:cf:b3:97:96:de:65:
5f:60:92:fb:ae:9b:7c:ad:e4:e9:52:7b:9f:04:ea:
1f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F9:6E:D2:1E:B3:DE:6A:E7:34:D1:C8:4F:46:4A:96:2F:3E:BD:62
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a4d0611b-6ace-49c7-bbb6-ff031993f658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8c:74:ff:8d:c8:02:7b:49:6b:51:8c:7d:fb:b8:d7:d4:5f:0d:
5e:2a:af:ca:4d:94:d5:45:5d:e3:28:5a:12:e9:97:a5:e0:c8:
1c:f2:a1:4e:46:5f:31:a8:2e:23:d7:b2:06:21:b2:80:99:78:
68:c9:80:cc:83:57:a3:55:54:e5:c9:35:65:a7:31:72:e0:f8:
80:3e:f2:53:60:65:d7:cb:b6:62:d1:e0:18:b0:ff:79:c3:73:
7f:91:7c:15:4f:36:c9:c4:a6:15:e2:c5:e5:62:e6:f2:f6:0e:
5d:b7:64:5c:0e:e2:fd:ad:30:86:38:44:6c:4a:bd:03:89:2b:
10:b0:00:ac:71:01:00:1f:19:2e:df:d2:bb:8f:e6:d7:c9:5f:
f2:a6:b6:bd:17:f8:ef:1a:77:f8:3b:44:9a:d1:67:db:b6:da:
16:0f:49:ff:7a:1b:6a:93:1b:9b:82:da:1f:7b:dc:34:bc:96:
50:31:3b:f6:8a:5a:2e:a3:f6:e6:f3:0d:a9:cf:02:7c:6a:60:
b1:b9:79:2b:26:37:2d:ab:ff:1a:4a:69:51:fb:43:94:61:94:
7a:62:2f:ec:fb:13:7a:1f:52:1c:82:b1:b2:2d:11:f2:c9:78:
6d:d7:d9:54:43:d0:a4:ef:13:3b:13:6a:fa:a6:1c:41:c0:7c:
23:8f:18:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULpMLgR0gPpRwYaKFTXC/5ZgeW/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3MjBjYjc0ZWJiZGRlZTg3ZGNlOWIxODc5Yjg1YzAwYTA2MGQ1NzAyYTNl
MWU4MjI4Y2ExNDQ3ODdlZGQxZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMdKyc/E0Rwvbl8hP4PeBUbQAlerJF3Dvibn6wvFp2oTxgcrsSb+O0myapN
W7TmC6dS3GJ5Fc8zbfo1LeFw1U/KEDFQuWdHExRMPiPCHqQy62Upp3KcylTKJM6/
7I3CwhsbB5Yx+zA0drHSVqXGVvDT/WO3yGPNi1W7/S2MXgvANtQf3jSZmRqBGD5Y
+VXudbrqAmeOxBOx5vkaMwt5vp5hER7K4mkY0lYAx+ZPgKJy+wt3q0etdW2creMs
nvhbHnCJxa1cLy8mhq5qsGTWYyQAtY5fya5nsdpnQZQJzrqzgoVNQduYD7GOz7OX
lt5lX2CS+66bfK3k6VJ7nwTqH+kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7+W7S
HrPeauc00chPRkqWLz69YjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTRkMDYxMWItNmFjZS00OWM3LWJiYjYtZmYwMzE5OTNmNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQCMdP+NyAJ7SWtRjH37uNfUXw1eKq/KTZTVRV3jKFoS
6Zel4Mgc8qFORl8xqC4j17IGIbKAmXhoyYDMg1ejVVTlyTVlpzFy4PiAPvJTYGXX
y7Zi0eAYsP95w3N/kXwVTzbJxKYV4sXlYuby9g5dt2RcDuL9rTCGOERsSr0DiSsQ
sACscQEAHxku39K7j+bXyV/ypra9F/jvGnf4O0Sa0WfbttoWD0n/ehtqkxubgtof
e9w0vJZQMTv2ilouo/bm8w2pzwJ8amCxuXkrJjctq/8aSmlR+0OUYZR6Yi/s+xN6
H1IcgrGyLRHyyXht19lUQ9Ck7xM7E2r6phxBwHwjjxhL
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org