Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: HJUbhhEjmdxY3v6/JCcpctB5WbzXBhdvjASd7aZ8b+0=
Subject key identifier: EB:C3:73:30:CF:56:66:F2:5C:8D:05:5F:24:B6:66:D7:EC:A1:2A:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D2CEF72B7119191A07740883131CE5822EE8568
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Wed 06 Sep 2023 00:00:00 +0000
ROA not before: Wed 06 Sep 2023 00:00:00 +0000
ROA not after: Wed 11 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Sep 2023 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:2c:ef:72:b7:11:91:91:a0:77:40:88:31:31:ce:58:22:ee:85:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 6 00:00:00 2023 GMT
Not After : Oct 11 23:59:59 2023 GMT
Subject: serialNumber=745341ab03245490f49e8676aa64ed641fa4bcd1a98ab7ca9142c6565120b806, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bc:14:a7:c4:aa:c0:8f:34:ac:12:b1:4b:c5:
8a:8d:70:ac:e8:1b:42:3f:94:af:de:58:8a:e2:03:
6e:92:79:3f:4d:77:44:cf:87:a4:8a:1b:4b:66:1f:
e4:4b:56:54:82:8b:46:b5:16:f0:84:33:ae:b5:bf:
d9:d1:db:cc:d7:51:e3:6f:61:50:19:d6:5f:34:81:
5a:1c:f3:b4:ed:ac:d8:65:b7:df:d6:cf:61:d9:5c:
20:c2:f5:d7:bf:55:72:48:80:4e:0c:bd:68:47:b3:
1c:83:63:9a:69:4e:f9:5d:4e:c1:d5:6d:17:45:3b:
a8:d4:0a:81:c2:11:9f:5a:55:86:73:ec:5e:25:f2:
fc:2f:2a:e1:ee:f9:6a:04:b9:6d:1c:8c:66:91:67:
d2:94:1b:e5:f3:1b:6e:26:33:06:68:4b:54:ea:9f:
8d:2b:83:b2:85:db:3a:5e:8b:33:d4:8b:83:b3:f2:
3e:46:14:64:82:63:31:74:78:3d:cc:fe:3f:d8:cc:
df:e4:db:f7:1b:b0:3c:70:c1:41:33:8a:63:52:dd:
90:be:45:6e:56:db:d7:ca:0d:2c:19:28:c5:81:54:
a9:fc:e6:b5:18:4d:e4:33:95:01:ac:a7:8c:a7:44:
61:7b:6c:55:78:3a:8e:f6:82:17:65:0b:4a:99:d8:
8e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C3:73:30:CF:56:66:F2:5C:8D:05:5F:24:B6:66:D7:EC:A1:2A:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:a2:b2:39:45:26:40:91:b7:56:53:32:00:15:78:ad:d1:b9:
4a:e6:04:97:fc:80:b9:5d:cf:82:f6:ef:b8:8d:12:42:05:d0:
4d:6a:01:d8:25:27:65:df:61:11:fd:a4:26:31:07:fd:6f:c0:
76:d5:53:43:15:6a:f4:0e:aa:11:7c:ea:f8:8a:55:16:c3:76:
06:f9:e7:af:0a:ca:ce:f2:04:94:40:c7:43:ce:33:ff:6b:f4:
b7:38:ec:1e:dd:68:fa:e7:56:16:b4:09:78:97:cb:26:80:e6:
d9:cf:c6:c1:2e:2e:9d:56:ae:49:75:5e:0d:ce:96:77:ef:b3:
77:e6:1e:43:4b:e8:c7:09:e3:b1:b6:65:f7:e1:b5:98:6e:21:
0a:c5:06:e9:05:a0:69:18:03:6c:d6:a0:ce:e4:a1:7a:c5:5c:
44:b2:81:8e:b8:84:0b:94:35:c2:af:da:99:7e:89:87:64:a7:
44:8c:e0:7d:22:af:86:49:9c:f7:80:58:b4:1b:ba:d4:ec:01:
6b:2c:2a:b3:02:73:3b:df:d0:e3:3c:d9:26:97:ab:6f:db:4e:
b1:93:6e:f0:5a:f6:69:4b:30:46:5b:5f:76:bd:d4:27:66:c0:
37:d8:1a:63:7f:6c:b7:96:22:38:fc:56:85:71:99:54:43:61:
06:a9:bc:06
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfSzvcrcRkZGgd0CIMTHOWCLuhWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDYwMDAwMDBaFw0yMzEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0NTM0MWFiMDMyNDU0OTBmNDllODY3NmFhNjRlZDY0MWZhNGJjZDFhOThh
YjdjYTkxNDJjNjU2NTEyMGI4MDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJm8FKfEqsCPNKwSsUvFio1wrOgbQj+Ur95YiuIDbpJ5P013RM+HpIobS2Yf
5EtWVIKLRrUW8IQzrrW/2dHbzNdR429hUBnWXzSBWhzztO2s2GW339bPYdlcIML1
179VckiATgy9aEezHINjmmlO+V1OwdVtF0U7qNQKgcIRn1pVhnPsXiXy/C8q4e75
agS5bRyMZpFn0pQb5fMbbiYzBmhLVOqfjSuDsoXbOl6LM9SLg7PyPkYUZIJjMXR4
Pcz+P9jM3+Tb9xuwPHDBQTOKY1LdkL5Fblbb18oNLBkoxYFUqfzmtRhN5DOVAayn
jKdEYXtsVXg6jvaCF2ULSpnYjm8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTrw3Mw
z1Zm8lyNBV8ktmbX7KEqHzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQCeorI5RSZAkbdWUzIAFXit0blK5gSX/IC5Xc+C9u+4
jRJCBdBNagHYJSdl32ER/aQmMQf9b8B21VNDFWr0DqoRfOr4ilUWw3YG+eevCsrO
8gSUQMdDzjP/a/S3OOwe3Wj651YWtAl4l8smgObZz8bBLi6dVq5JdV4NzpZ377N3
5h5DS+jHCeOxtmX34bWYbiEKxQbpBaBpGANs1qDO5KF6xVxEsoGOuIQLlDXCr9qZ
fomHZKdEjOB9Iq+GSZz3gFi0G7rU7AFrLCqzAnM739DjPNkml6tv206xk27wWvZp
SzBGW192vdQnZsA32Bpjf2y3liI4/FaFcZlUQ2EGqbwG
-----END CERTIFICATE-----
Generated at Wed Sep 6 00:20:49 2023 by rpki-client on console-fra.rpki-client.org