Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
File: b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa (raw, json)
Hash identifier: LgWyAFnDmEBOrefsCKlW87vdwkoFIW7bRQi9IjpbweA=
Subject key identifier: E2:23:2E:26:52:53:EF:6B:8B:7A:53:6E:76:87:A5:9B:03:8A:8B:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 743AC20D7E481B145341D7899C9CD078C7495D97
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:3a:c2:0d:7e:48:1b:14:53:41:d7:89:9c:9c:d0:78:c7:49:5d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=45d768016c62860603aeb3a107965e59e332a347b49aab57109f69e5bbd99d68, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:67:c7:86:a0:f7:35:b3:af:30:13:ce:a1:
f2:c0:bd:ce:20:b5:5c:be:79:ec:6c:e1:f3:7d:c5:
5d:9e:66:b5:f5:77:26:5f:de:ca:2e:65:54:25:ff:
ce:00:52:31:ab:c1:ea:ff:d3:21:fb:b9:f3:2b:b3:
f8:4c:8d:15:36:45:b5:87:e1:ef:3d:a8:af:66:03:
71:db:65:fa:96:d4:58:83:75:ce:aa:da:72:51:4b:
07:bd:d9:29:05:f9:cd:09:a6:5d:95:90:d7:91:c5:
a8:4f:47:76:02:4e:0d:38:ba:4b:fd:d6:c4:ff:0e:
2f:ca:03:f1:c4:f8:e4:53:23:ef:24:15:b8:e5:a6:
cc:87:0f:1d:87:c6:71:f2:74:9d:6c:1c:12:b4:af:
81:fe:4f:4b:61:50:51:c7:5f:7d:ba:68:67:17:d5:
3a:08:2f:f3:97:20:49:98:0d:e5:a3:0a:86:5e:28:
af:53:da:34:e0:d0:cf:fb:ec:a3:88:ba:e0:18:6d:
cc:e2:bb:d8:8a:68:81:be:f8:0e:95:7c:e9:50:48:
d0:43:11:f1:71:6a:58:29:91:68:9f:11:f7:09:68:
46:32:23:23:52:59:ef:c6:59:e1:47:de:ea:76:15:
0f:67:f0:14:29:5a:cf:7a:14:bf:8b:cc:f1:0c:da:
5f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:23:2E:26:52:53:EF:6B:8B:7A:53:6E:76:87:A5:9B:03:8A:8B:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
57:3d:a6:54:ab:d1:15:0b:d7:aa:48:43:74:dc:86:f5:47:b8:
58:5b:8d:c9:7d:ef:c0:f4:1e:34:d0:3f:e4:ed:1c:61:0c:e0:
54:60:e7:1b:fb:1f:67:21:84:67:50:83:61:cb:a3:b1:70:5a:
37:a6:69:12:44:41:e4:ed:36:e2:c2:3b:7d:b3:81:a8:62:a5:
08:0a:01:11:9a:09:48:64:e1:01:3d:06:94:4d:ab:2f:2f:c9:
01:f4:d1:87:2d:63:16:53:24:d3:cf:93:54:91:4b:4b:11:8a:
44:3b:50:42:71:f5:51:c8:7a:36:a4:65:d6:37:60:2b:3f:64:
c0:29:3e:65:35:c4:a0:0a:99:e4:c2:93:9f:67:aa:ab:65:80:
60:ae:a1:7f:57:96:d4:4c:ce:41:95:27:43:07:4d:3d:56:94:
ba:a9:de:3d:bd:b0:d4:66:9d:09:0e:eb:7f:39:49:e3:9a:65:
e7:41:45:64:09:ef:c1:92:95:6b:39:8c:7c:17:b7:a3:00:4f:
31:8a:c3:ed:6d:85:3e:9b:20:8f:55:fc:c0:6b:a6:47:4c:74:
e5:9a:68:52:22:9f:bd:2e:f1:aa:d0:41:4e:7b:6b:d1:75:8b:
5d:db:dc:b2:e8:88:d1:21:fb:ed:54:35:61:89:ac:f0:8f:67:
9a:14:a0:c7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdDrCDX5IGxRTQdeJnJzQeMdJXZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1ZDc2ODAxNmM2Mjg2MDYwM2FlYjNhMTA3OTY1ZTU5ZTMzMmEzNDdiNDlh
YWI1NzEwOWY2OWU1YmJkOTlkNjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKICZ8eGoPc1s68wE86h8sC9ziC1XL557Gzh833FXZ5mtfV3Jl/eyi5lVCX/
zgBSMavB6v/TIfu58yuz+EyNFTZFtYfh7z2or2YDcdtl+pbUWIN1zqraclFLB73Z
KQX5zQmmXZWQ15HFqE9HdgJODTi6S/3WxP8OL8oD8cT45FMj7yQVuOWmzIcPHYfG
cfJ0nWwcErSvgf5PS2FQUcdffbpoZxfVOggv85cgSZgN5aMKhl4or1PaNODQz/vs
o4i64BhtzOK72Ipogb74DpV86VBI0EMR8XFqWCmRaJ8R9wloRjIjI1JZ78ZZ4Ufe
6nYVD2fwFClaz3oUv4vM8QzaX70CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTiIy4m
UlPva4t6U252h6WbA4qL4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjU0MGU1OWQtYmZkMi00YTcyLTliYjAtMzdlODQ4ZDQxY2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBXPaZUq9EVC9eqSEN03Ib1R7hYW43Jfe/A9B400D/k
7RxhDOBUYOcb+x9nIYRnUINhy6OxcFo3pmkSREHk7Tbiwjt9s4GoYqUICgERmglI
ZOEBPQaUTasvL8kB9NGHLWMWUyTTz5NUkUtLEYpEO1BCcfVRyHo2pGXWN2ArP2TA
KT5lNcSgCpnkwpOfZ6qrZYBgrqF/V5bUTM5BlSdDB009VpS6qd49vbDUZp0JDut/
OUnjmmXnQUVkCe/BkpVrOYx8F7ejAE8xisPtbYU+myCPVfzAa6ZHTHTlmmhSIp+9
LvGq0EFOe2vRdYtd29yy6IjRIfvtVDVhiazwj2eaFKDH
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org