Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d18fde79-f555-4173-b698-355d8129ae53.roa
File: d18fde79-f555-4173-b698-355d8129ae53.roa (raw, json)
Hash identifier: DsztjmTD2bYjsBrOS2DP2DgvcDVahkl8b/aONy0HPf0=
Subject key identifier: C6:3B:37:DB:01:9E:EE:26:A7:31:38:62:9B:FF:37:6D:A7:04:B8:D0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B7019FC32A0DD9C33EAD5877E65D2BC59977442
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d18fde79-f555-4173-b698-355d8129ae53.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:70:19:fc:32:a0:dd:9c:33:ea:d5:87:7e:65:d2:bc:59:97:74:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=9d2ac8529a7be17ff139c24f45cf4b7d83fb940dac9773acf0c546a2245d0ed3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:88:f8:c5:fb:c7:bf:60:5f:c0:15:eb:1f:32:
80:14:f1:ea:6e:a3:c1:e1:ad:a5:a6:db:b5:08:8e:
b5:69:be:97:58:ba:29:1e:f5:b1:84:5d:ee:14:c8:
12:7a:60:45:1b:4f:55:36:4f:4f:6f:c4:11:97:66:
c2:78:a6:eb:ce:36:85:db:56:32:70:8e:14:cb:5c:
12:43:c1:98:14:2e:07:f2:00:18:35:f3:8d:c3:70:
e1:e5:9a:22:2b:9f:8b:95:5a:f5:72:f2:d4:84:40:
a0:28:94:42:ca:e5:ab:cb:ca:5c:4e:8f:de:f8:1d:
34:0e:94:bb:ae:07:56:c8:1a:40:b6:28:52:dd:96:
d6:68:e3:dd:42:44:d8:d8:c2:62:5e:47:72:03:61:
e5:52:fe:27:91:f2:0c:3b:60:cc:2c:91:f3:d1:75:
e4:3c:17:db:bd:8d:2c:f4:83:96:6f:25:eb:05:7e:
5f:3a:af:e9:9f:2b:d5:7a:1b:78:3a:e7:02:9e:a5:
7f:51:c8:fa:5f:85:87:e6:c6:bb:79:9a:84:a6:cc:
ee:8e:be:27:fa:6a:40:ed:1e:22:23:0d:15:07:a9:
a6:e2:c2:05:e9:5f:9d:34:22:d6:2b:97:74:b2:f0:
51:07:dc:b8:e7:b7:fa:ec:ce:71:36:d1:dc:8a:ba:
41:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3B:37:DB:01:9E:EE:26:A7:31:38:62:9B:FF:37:6D:A7:04:B8:D0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d18fde79-f555-4173-b698-355d8129ae53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
48:ef:23:9b:9b:e1:ae:c5:fa:6a:3d:77:36:f4:09:2a:f5:39:
6a:86:df:8e:4a:23:79:f5:b7:b0:53:7a:6c:8c:85:ac:f2:e2:
2f:44:d7:df:0b:93:f2:d6:aa:95:02:90:52:89:25:2c:ad:43:
ec:ef:f9:5c:d4:04:2a:29:47:76:a0:19:c1:3b:2d:9e:98:62:
a2:e0:cf:88:91:3a:23:cc:38:a9:03:3e:b6:b9:0b:06:e8:de:
12:a6:23:bf:f2:21:1b:55:59:6d:36:d3:9d:f5:d3:5a:5f:04:
d6:88:07:2a:53:3c:85:7c:4d:d8:31:40:bd:a2:d5:76:44:55:
b2:b7:cc:41:a3:54:f3:07:90:c1:81:0a:cc:f6:a7:27:69:8a:
a1:a7:82:79:8a:17:33:db:28:31:ea:f7:2c:23:51:5d:7c:f8:
57:6f:ba:9e:16:56:d2:8f:9f:32:5a:e0:06:a4:a2:33:db:31:
21:4a:4d:b7:a2:5b:73:61:c1:7e:be:be:4e:d6:07:66:41:ca:
0e:02:61:72:11:34:8f:5e:91:68:1e:8d:d1:f1:63:b2:b7:b9:
73:0e:b4:b4:8f:9c:f0:a8:a4:b1:ce:84:35:b3:ac:1b:2f:92:
b0:dd:01:6b:63:6a:83:1e:bd:39:c4:a0:14:ed:da:57:f3:ce:
53:28:7d:68
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUa3AZ/DKg3Zwz6tWHfmXSvFmXdEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkMmFjODUyOWE3YmUxN2ZmMTM5YzI0ZjQ1Y2Y0YjdkODNmYjk0MGRhYzk3
NzNhY2YwYzU0NmEyMjQ1ZDBlZDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6I+MX7x79gX8AV6x8ygBTx6m6jweGtpabbtQiOtWm+l1i6KR71sYRd7hTI
EnpgRRtPVTZPT2/EEZdmwnim6842hdtWMnCOFMtcEkPBmBQuB/IAGDXzjcNw4eWa
Iiufi5Va9XLy1IRAoCiUQsrlq8vKXE6P3vgdNA6Uu64HVsgaQLYoUt2W1mjj3UJE
2NjCYl5HcgNh5VL+J5HyDDtgzCyR89F15DwX272NLPSDlm8l6wV+Xzqv6Z8r1Xob
eDrnAp6lf1HI+l+Fh+bGu3mahKbM7o6+J/pqQO0eIiMNFQeppuLCBelfnTQi1iuX
dLLwUQfcuOe3+uzOcTbR3Iq6QQUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTGOzfb
AZ7uJqcxOGKb/zdtpwS40DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDE4ZmRlNzktZjU1NS00MTczLWI2OTgtMzU1ZDgxMjlhZTUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEASO8jm5vhrsX6aj13NvQJKvU5aobfjkojefW3sFN6
bIyFrPLiL0TX3wuT8taqlQKQUoklLK1D7O/5XNQEKilHdqAZwTstnphiouDPiJE6
I8w4qQM+trkLBujeEqYjv/IhG1VZbTbTnfXTWl8E1ogHKlM8hXxN2DFAvaLVdkRV
srfMQaNU8weQwYEKzPanJ2mKoaeCeYoXM9soMer3LCNRXXz4V2+6nhZW0o+fMlrg
BqSiM9sxIUpNt6Jbc2HBfr6+TtYHZkHKDgJhchE0j16RaB6N0fFjsre5cw60tI+c
8Kiksc6ENbOsGy+SsN0Ba2Nqgx69OcSgFO3aV/POUyh9aA==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org