Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json)
Hash identifier: 8BmxZ9lIwzCf1/3uncooB4I3nu9N5z9sMfRPup/8538=
Subject key identifier: CC:DF:CB:17:FB:27:08:CC:D3:80:41:0F:E0:A3:2F:F5:D2:5A:F6:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BDB8337DB7C1C686676772F114F685C33A60F40
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:db:83:37:db:7c:1c:68:66:76:77:2f:11:4f:68:5c:33:a6:0f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=d00e457ecc413f59eac1893835e447f8276427d95514a8cbcf2b50e0c6fa6e05, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:27:2a:2c:b9:11:51:42:d3:a7:98:65:95:3f:
c1:3c:86:47:28:5b:6d:ca:20:a9:3e:0e:f7:12:87:
d3:e7:19:68:b2:8e:0a:60:1a:af:ae:21:0f:84:67:
50:d8:60:36:7a:4a:03:be:1c:c7:53:7f:12:89:5e:
c0:87:31:2e:63:10:33:f2:70:54:b4:4f:59:79:21:
de:b1:c4:92:7e:10:b6:49:bd:6e:31:f7:b2:7f:de:
b3:b4:c3:5f:c8:22:53:08:14:fc:ae:01:29:af:06:
93:9c:8a:20:30:1f:08:78:fd:fb:54:00:cd:a1:df:
5b:39:1d:b6:2e:df:3a:2a:64:a7:53:b2:24:ef:49:
f8:73:9a:76:11:71:61:21:c7:71:4b:bb:e7:4c:ae:
b6:a9:c2:60:05:02:0c:9c:8b:d3:d1:6b:bd:9a:db:
98:c2:06:14:37:7b:97:93:2b:65:c6:3e:9d:a8:c5:
7d:2a:e6:1e:b8:34:94:3b:19:15:7f:c6:ed:90:a1:
b7:00:b2:f7:79:c5:58:65:bf:72:af:a4:d6:43:3f:
ff:9a:b8:29:0d:a4:e1:0e:c7:c9:ab:f4:b1:8c:5c:
81:29:b4:ae:83:8c:39:cc:ce:39:65:53:25:9a:6c:
00:26:24:be:7e:f4:a0:05:55:b9:5b:03:e1:c8:2c:
78:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DF:CB:17:FB:27:08:CC:D3:80:41:0F:E0:A3:2F:F5:D2:5A:F6:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8e:d2:c7:b4:1b:70:ad:c4:02:b4:93:e4:92:b6:f1:1d:df:52:
61:81:1a:3d:98:67:61:34:53:b9:72:52:f0:02:0e:9d:6d:05:
68:80:d0:f3:3c:fd:7d:91:25:7e:19:30:ae:00:a0:ff:29:3a:
a9:64:65:24:73:cb:d7:43:83:8c:64:e7:f4:44:ec:2e:68:59:
c0:86:93:6d:e0:44:d4:97:f3:b9:93:5f:35:6c:e9:fc:25:1a:
ff:6a:c8:7a:10:37:3b:ff:9f:c5:fb:33:cb:fc:05:eb:4d:5d:
0a:a3:17:b6:e9:3a:f4:9a:35:3e:e0:f1:c7:7d:a4:78:86:7a:
6a:04:f1:b0:4a:92:a0:e4:fb:2b:76:33:54:08:d9:75:32:3d:
c2:4e:ce:74:fb:04:18:c1:5d:89:10:c9:94:d8:ae:68:cf:76:
f4:2f:df:d4:ad:0b:29:a7:ed:41:56:85:7c:64:74:2e:1d:30:
58:1a:39:46:ca:50:be:42:9a:56:b6:2f:73:65:0d:21:6b:72:
74:ad:08:11:b5:85:b6:da:0b:38:9b:4d:1a:95:e8:31:2b:ba:
45:1d:e0:79:5d:f9:51:1d:78:65:4a:28:22:2c:d7:ee:db:e5:
55:70:d9:8b:d4:6c:b3:51:fc:ad:93:b5:9b:09:59:0f:ac:c4:
69:45:d4:ca
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS9uDN9t8HGhmdncvEU9oXDOmD0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwMGU0NTdlY2M0MTNmNTllYWMxODkzODM1ZTQ0N2Y4Mjc2NDI3ZDk1NTE0
YThjYmNmMmI1MGUwYzZmYTZlMDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAnKiy5EVFC06eYZZU/wTyGRyhbbcogqT4O9xKH0+cZaLKOCmAar64hD4Rn
UNhgNnpKA74cx1N/EolewIcxLmMQM/JwVLRPWXkh3rHEkn4Qtkm9bjH3sn/es7TD
X8giUwgU/K4BKa8Gk5yKIDAfCHj9+1QAzaHfWzkdti7fOipkp1OyJO9J+HOadhFx
YSHHcUu750yutqnCYAUCDJyL09FrvZrbmMIGFDd7l5MrZcY+najFfSrmHrg0lDsZ
FX/G7ZChtwCy93nFWGW/cq+k1kM//5q4KQ2k4Q7Hyav0sYxcgSm0roOMOczOOWVT
JZpsACYkvn70oAVVuVsD4cgseCUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTM38sX
+ycIzNOAQQ/goy/10lr2CjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQCO0se0G3CtxAK0k+SStvEd31JhgRo9mGdhNFO5clLw
Ag6dbQVogNDzPP19kSV+GTCuAKD/KTqpZGUkc8vXQ4OMZOf0ROwuaFnAhpNt4ETU
l/O5k181bOn8JRr/ash6EDc7/5/F+zPL/AXrTV0Koxe26Tr0mjU+4PHHfaR4hnpq
BPGwSpKg5PsrdjNUCNl1Mj3CTs50+wQYwV2JEMmU2K5oz3b0L9/UrQspp+1BVoV8
ZHQuHTBYGjlGylC+QppWti9zZQ0ha3J0rQgRtYW22gs4m00alegxK7pFHeB5XflR
HXhlSigiLNfu2+VVcNmL1GyzUfytk7WbCVkPrMRpRdTK
-----END CERTIFICATE-----
Generated at Fri Sep 8 16:41:10 2023 by rpki-client on console-ams.rpki-client.org