Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: mIddeFZ7Ui4sgyA4uubpeRIpf27YYah3HMZftsC0Vag=
Subject key identifier: AF:84:90:D8:7E:FA:54:D6:76:32:13:64:46:18:97:2B:8C:50:47:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 773EB625C60281E595F27CE4525848FE3CE52AC3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:3e:b6:25:c6:02:81:e5:95:f2:7c:e4:52:58:48:fe:3c:e5:2a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=e819b24e75317c84c9fbbf56e757ec70383c788175ebaefb16aecf377a01f39f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2c:47:68:cc:ca:f4:7d:f5:55:7e:d0:f8:e6:
63:42:ab:9c:3b:34:fd:b5:f9:9e:65:60:64:d5:1f:
65:b8:14:a1:de:f4:28:eb:3b:38:b2:1a:69:c2:4c:
4e:79:d5:f5:53:84:c6:85:95:e4:27:2d:95:8b:84:
b7:f0:5e:47:3c:c5:9e:ad:45:0c:75:3a:c7:74:ff:
d3:c2:97:21:b3:ac:6a:ee:b3:8f:b3:71:b9:5a:5a:
6e:99:b4:ca:91:61:77:bf:51:a5:2a:14:23:db:93:
e8:15:0c:31:37:b6:c8:de:e7:71:05:37:c1:01:56:
31:a0:98:cc:36:41:4c:5b:7d:c8:44:4b:fa:59:12:
ff:c4:bb:7f:83:58:ef:af:3a:7f:77:55:b3:50:7c:
e4:12:7c:c9:6b:69:f9:ee:24:4b:c0:0f:b0:60:f6:
ea:cb:77:1b:d8:d2:b3:5d:25:00:87:9c:6b:ee:56:
b8:37:dc:f5:ae:4b:d4:78:42:78:d8:93:40:46:a8:
65:ef:e9:c3:91:24:51:6a:28:d3:c1:aa:1f:7d:ef:
b6:8a:51:5f:59:1c:f1:3e:15:87:0b:01:d0:3f:83:
34:c4:17:6c:1f:cc:81:fd:00:4d:4c:70:80:b5:3a:
ac:4e:52:a5:b6:c3:8c:d9:e7:03:63:9a:eb:dd:ff:
98:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:84:90:D8:7E:FA:54:D6:76:32:13:64:46:18:97:2B:8C:50:47:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
37:34:bf:d0:b0:1b:08:b4:68:c3:b4:f5:c6:b5:2c:89:ae:58:
6b:cf:58:d9:fc:a5:7c:d3:51:4a:86:43:d8:cf:f4:7f:d4:2a:
21:ba:88:97:15:7f:ad:16:46:3b:51:62:93:11:a4:09:e8:b4:
87:e5:b1:e9:ab:6d:17:5f:15:3f:27:97:50:96:4e:80:be:43:
57:1e:91:30:09:f4:79:57:2f:47:7f:5a:7e:59:b5:54:0e:c6:
ce:29:bd:42:2f:d2:eb:a6:05:28:d9:9e:9b:cc:e3:7b:a8:87:
48:41:ce:c6:13:fd:db:40:2f:97:80:48:90:d3:12:2b:b3:7e:
fe:fe:42:cd:a7:41:d9:55:6b:37:7f:42:09:08:4e:66:a3:f5:
63:53:1b:4c:5b:c9:cc:79:62:4b:4d:a4:19:61:77:c1:a5:21:
2e:c1:65:b1:e8:94:2d:15:d1:8f:fc:4b:23:55:23:b1:4a:07:
f3:26:53:1f:3c:29:44:d0:e4:4e:40:e0:00:bf:16:ad:f4:51:
8c:57:7f:00:35:74:01:a4:a3:76:0a:f6:26:2a:81:9a:28:60:
a7:07:7e:e9:34:7e:ef:f7:dc:a5:57:ca:55:0c:65:1e:03:c5:
ce:0c:b8:c8:9d:24:61:43:35:64:22:1b:9f:7d:a6:46:98:e8:
0e:b9:4e:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdz62JcYCgeWV8nzkUlhI/jzlKsMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4MTliMjRlNzUzMTdjODRjOWZiYmY1NmU3NTdlYzcwMzgzYzc4ODE3NWVi
YWVmYjE2YWVjZjM3N2EwMWYzOWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMosR2jMyvR99VV+0PjmY0KrnDs0/bX5nmVgZNUfZbgUod70KOs7OLIaacJM
TnnV9VOExoWV5CctlYuEt/BeRzzFnq1FDHU6x3T/08KXIbOsau6zj7NxuVpabpm0
ypFhd79RpSoUI9uT6BUMMTe2yN7ncQU3wQFWMaCYzDZBTFt9yERL+lkS/8S7f4NY
7686f3dVs1B85BJ8yWtp+e4kS8APsGD26st3G9jSs10lAIeca+5WuDfc9a5L1HhC
eNiTQEaoZe/pw5EkUWoo08GqH33vtopRX1kc8T4VhwsB0D+DNMQXbB/Mgf0ATUxw
gLU6rE5SpbbDjNnnA2Oa693/mGcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSvhJDY
fvpU1nYyE2RGGJcrjFBHVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQA3NL/QsBsItGjDtPXGtSyJrlhrz1jZ/KV801FKhkPY
z/R/1CohuoiXFX+tFkY7UWKTEaQJ6LSH5bHpq20XXxU/J5dQlk6AvkNXHpEwCfR5
Vy9Hf1p+WbVUDsbOKb1CL9LrpgUo2Z6bzON7qIdIQc7GE/3bQC+XgEiQ0xIrs37+
/kLNp0HZVWs3f0IJCE5mo/VjUxtMW8nMeWJLTaQZYXfBpSEuwWWx6JQtFdGP/Esj
VSOxSgfzJlMfPClE0OROQOAAvxat9FGMV38ANXQBpKN2CvYmKoGaKGCnB37pNH7v
99ylV8pVDGUeA8XODLjInSRhQzVkIhuffaZGmOgOuU7y
-----END CERTIFICATE-----
Generated at Fri Sep 8 16:41:10 2023 by rpki-client on console-ams.rpki-client.org