Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: o2GhsOg+eASXRtWqcodUuuJ6kkfkCkZUS2Ov7TlbygU=
Subject key identifier: FF:E2:70:71:EC:99:33:8C:F1:96:10:59:C0:92:B6:6C:16:DB:13:C0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D0E1710AB594A924D1E730F58AC0A17462B4BA8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:0e:17:10:ab:59:4a:92:4d:1e:73:0f:58:ac:0a:17:46:2b:4b:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=3f1a42288c6f90824f554b12f79048d0f80d87d8fae67f22ed5786f3f798f509, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fa:7c:c2:8a:a8:ec:52:37:8d:84:67:81:ec:
74:2e:89:b4:99:05:a5:15:03:50:c6:72:3f:f8:05:
41:59:1f:5d:c6:10:c2:66:b2:77:73:79:fb:8b:e9:
53:a5:3f:7e:77:07:ba:a9:18:be:6e:44:24:9d:6a:
0e:a9:8e:5d:53:4a:db:2c:96:d7:09:d3:c8:f8:9e:
15:47:f4:e5:10:a3:30:ec:20:15:24:ea:ea:5d:de:
60:57:d0:6b:75:9b:8b:28:5f:6b:47:b9:6f:d1:56:
96:00:e2:ea:ff:31:f7:99:12:f8:9b:eb:20:66:ac:
69:bc:10:2c:06:1c:91:f1:ca:85:62:a0:a8:33:12:
0e:29:d5:ec:3e:f6:d9:52:4d:07:58:9b:cb:ce:c2:
9c:7d:c0:5e:84:70:e1:1b:67:2c:e1:33:a8:8b:f9:
b8:8d:aa:6c:5b:f9:a5:71:57:ed:c6:94:4c:38:15:
ab:14:8b:76:bb:aa:93:b6:d8:c5:ee:1d:d3:c8:2d:
f2:cf:db:d1:91:e5:46:24:93:39:9b:c6:eb:d2:2c:
c7:e0:36:cf:2e:8d:6a:2e:01:1e:cb:ee:0d:d1:a4:
9f:af:55:0a:89:ae:ca:48:46:50:52:9d:8b:d5:ea:
ef:e7:38:a9:ec:f8:d6:9c:99:13:91:f5:c7:33:09:
b8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E2:70:71:EC:99:33:8C:F1:96:10:59:C0:92:B6:6C:16:DB:13:C0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d1:a0:6f:5d:0b:bb:18:65:fc:4b:2d:b3:d6:94:70:65:ee:e0:
5f:b4:bb:cd:ff:d7:7a:0c:15:d3:32:7b:57:67:bf:86:7d:47:
2b:b0:46:e3:b7:9b:23:cc:d1:fa:01:1f:f1:6d:9a:a7:da:fc:
83:8f:c5:4a:c8:b3:2a:95:e8:f5:54:b1:f8:92:16:c8:64:68:
79:09:46:03:35:e5:82:aa:a0:6a:6c:fa:5b:55:b8:44:48:21:
46:e5:d5:43:08:65:b3:22:9a:dc:1d:ee:10:30:d8:f7:b6:94:
b6:eb:84:e5:52:63:2c:52:17:de:55:30:83:94:63:44:a4:ef:
ff:2e:63:6b:4c:96:c6:f5:d7:8c:57:f1:7f:27:3c:08:4d:1a:
70:4d:45:1a:f3:09:7d:e7:d4:96:a0:b8:b7:33:cb:ed:d8:51:
c6:7d:93:2f:39:b4:95:9b:d7:47:7c:6c:a9:2c:06:bf:76:53:
e4:7b:3e:55:f1:92:e8:11:4f:c9:4a:a8:42:df:08:c4:60:5d:
cc:aa:b3:dc:fc:1d:03:5e:35:3f:c8:3b:4c:bb:53:fa:ad:53:
8f:1d:0e:c1:f8:8c:37:85:2c:aa:f4:7d:d3:8f:0a:65:95:9f:
74:87:77:d2:55:b5:77:cc:ef:b2:5b:d6:58:4d:16:f9:63:5c:
b6:73:34:98
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXQ4XEKtZSpJNHnMPWKwKF0YrS6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMWE0MjI4OGM2ZjkwODI0ZjU1NGIxMmY3OTA0OGQwZjgwZDg3ZDhmYWU2
N2YyMmVkNTc4NmYzZjc5OGY1MDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALT6fMKKqOxSN42EZ4HsdC6JtJkFpRUDUMZyP/gFQVkfXcYQwmayd3N5+4vp
U6U/fncHuqkYvm5EJJ1qDqmOXVNK2yyW1wnTyPieFUf05RCjMOwgFSTq6l3eYFfQ
a3Wbiyhfa0e5b9FWlgDi6v8x95kS+JvrIGasabwQLAYckfHKhWKgqDMSDinV7D72
2VJNB1iby87CnH3AXoRw4RtnLOEzqIv5uI2qbFv5pXFX7caUTDgVqxSLdruqk7bY
xe4d08gt8s/b0ZHlRiSTOZvG69Isx+A2zy6Nai4BHsvuDdGkn69VComuykhGUFKd
i9Xq7+c4qez41pyZE5H1xzMJuJMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT/4nBx
7JkzjPGWEFnAkrZsFtsTwDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQDRoG9dC7sYZfxLLbPWlHBl7uBftLvN/9d6DBXTMntX
Z7+GfUcrsEbjt5sjzNH6AR/xbZqn2vyDj8VKyLMqlej1VLH4khbIZGh5CUYDNeWC
qqBqbPpbVbhESCFG5dVDCGWzIprcHe4QMNj3tpS264TlUmMsUhfeVTCDlGNEpO//
LmNrTJbG9deMV/F/JzwITRpwTUUa8wl959SWoLi3M8vt2FHGfZMvObSVm9dHfGyp
LAa/dlPkez5V8ZLoEU/JSqhC3wjEYF3MqrPc/B0DXjU/yDtMu1P6rVOPHQ7B+Iw3
hSyq9H3TjwpllZ90h3fSVbV3zO+yW9ZYTRb5Y1y2czSY
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org