Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: rDNUUWJnFE90RCssNVLaRI4pOOR8mzlVLwqqg/dHoUM=
Subject key identifier: F5:3C:07:C1:2A:AD:10:6B:6C:D6:6F:5F:4D:16:3B:64:F7:AD:46:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31CCAD849A743269D3BD2889B37410E0DD22A20D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:cc:ad:84:9a:74:32:69:d3:bd:28:89:b3:74:10:e0:dd:22:a2:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=3564d7e69b992f6867f09a8b71bd81a6f5368678416453673f8e564bf3d571fb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7a:33:fa:fb:e5:0c:4a:d6:c4:de:42:c8:0e:
14:62:74:a8:40:7e:c9:5d:13:08:19:25:35:69:62:
67:5f:ed:e3:bc:6f:61:77:1b:29:44:fd:75:28:fe:
9e:bb:6e:96:63:08:fd:03:68:3a:af:06:bc:d1:e5:
4e:51:68:3f:61:f5:56:83:6e:dc:cf:59:2a:11:3d:
35:8b:64:04:d5:ce:45:13:5a:f0:fe:52:ac:b1:d7:
58:f0:9a:dd:0a:6a:dc:7b:4c:84:ec:8e:ae:20:50:
e0:db:e7:44:72:c7:e9:7d:1a:03:af:23:c4:2a:2b:
af:58:38:6c:91:34:4a:07:85:aa:61:89:b7:71:68:
49:bc:f2:1b:15:c1:9b:f6:30:b4:d8:eb:22:0c:6b:
81:07:57:9c:71:b1:bf:bd:a0:db:06:ec:58:f3:2e:
0e:f5:86:2d:4e:d4:bd:ff:ab:a6:8b:28:f1:f3:25:
5c:ad:4b:f5:46:a7:f1:0c:49:2e:7f:66:f8:b1:f6:
6a:77:6b:c3:16:61:be:05:c1:22:ad:f6:e1:17:96:
cf:be:37:1e:1a:d1:cb:94:2f:53:31:dd:15:83:2c:
f1:b5:8d:b8:32:ab:62:9e:36:f5:40:30:e5:b7:dc:
0c:0e:ad:0a:c9:0b:a0:5f:82:81:4d:04:91:ff:cb:
8e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3C:07:C1:2A:AD:10:6B:6C:D6:6F:5F:4D:16:3B:64:F7:AD:46:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7f:16:b1:4f:2e:47:d3:96:72:b3:a0:1d:dc:ed:55:7e:45:a8:
76:8d:93:89:23:8e:56:b9:e9:cd:ee:2d:f9:ad:5f:01:6e:eb:
32:97:13:f9:90:1a:70:17:d2:a1:aa:2a:5b:b0:eb:7a:48:b5:
18:a6:e1:8c:56:1a:46:a8:50:59:01:67:f2:2b:d2:4a:6b:88:
9e:2c:b4:5b:9d:9f:5d:ea:82:3d:04:8e:1f:dc:bd:ab:91:6c:
58:72:ad:1f:3a:0c:6e:03:83:bf:20:ba:05:4a:29:82:0b:9e:
d7:6e:c3:1e:cf:f2:46:8f:ca:8e:25:df:ef:a5:ad:4b:e8:e6:
11:f3:d7:76:69:b4:c1:5e:b7:78:e1:73:97:50:6a:68:eb:a1:
ce:1b:b4:21:17:9e:40:db:6a:16:25:3a:7d:6f:f1:17:1d:fa:
b0:cc:1d:52:99:a8:7b:83:15:ca:63:d1:8d:ed:03:32:aa:dc:
93:23:8c:11:46:ba:7b:2b:75:39:c5:66:97:92:60:04:e5:33:
90:ee:f4:cd:ca:6a:75:05:1c:a3:c3:cd:03:75:1d:ed:c3:fe:
d0:c3:b1:ed:29:0a:9c:57:a7:35:00:bd:e4:27:29:c8:05:ad:
76:67:73:ae:d5:3b:a5:50:06:a5:fa:26:02:f6:e4:ef:6b:54:
b9:0b:7c:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMcythJp0MmnTvSiJs3QQ4N0iog0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1NjRkN2U2OWI5OTJmNjg2N2YwOWE4YjcxYmQ4MWE2ZjUzNjg2Nzg0MTY0
NTM2NzNmOGU1NjRiZjNkNTcxZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIt6M/r75QxK1sTeQsgOFGJ0qEB+yV0TCBklNWliZ1/t47xvYXcbKUT9dSj+
nrtulmMI/QNoOq8GvNHlTlFoP2H1VoNu3M9ZKhE9NYtkBNXORRNa8P5SrLHXWPCa
3Qpq3HtMhOyOriBQ4NvnRHLH6X0aA68jxCorr1g4bJE0SgeFqmGJt3FoSbzyGxXB
m/YwtNjrIgxrgQdXnHGxv72g2wbsWPMuDvWGLU7Uvf+rposo8fMlXK1L9Uan8QxJ
Ln9m+LH2andrwxZhvgXBIq324ReWz743HhrRy5QvUzHdFYMs8bWNuDKrYp429UAw
5bfcDA6tCskLoF+CgU0Ekf/LjoECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT1PAfB
Kq0Qa2zWb19NFjtk961GzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQB/FrFPLkfTlnKzoB3c7VV+Rah2jZOJI45WuenN7i35
rV8BbusylxP5kBpwF9KhqipbsOt6SLUYpuGMVhpGqFBZAWfyK9JKa4ieLLRbnZ9d
6oI9BI4f3L2rkWxYcq0fOgxuA4O/ILoFSimCC57XbsMez/JGj8qOJd/vpa1L6OYR
89d2abTBXrd44XOXUGpo66HOG7QhF55A22oWJTp9b/EXHfqwzB1Smah7gxXKY9GN
7QMyqtyTI4wRRrp7K3U5xWaXkmAE5TOQ7vTNymp1BRyjw80DdR3tw/7Qw7HtKQqc
V6c1AL3kJynIBa12Z3Ou1TulUAal+iYC9uTva1S5C3zb
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org