Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: Cn4owy+AvIQwEi3C+1A94xj1xoA8pXPuoik61RUpihA=
Subject key identifier: 5A:F7:30:C8:3D:6D:CF:A0:B2:60:F0:29:05:08:CB:5B:C4:B8:F6:54
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1477E0F3E1A44412B28428B89CC692479C14A3F5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:77:e0:f3:e1:a4:44:12:b2:84:28:b8:9c:c6:92:47:9c:14:a3:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=8533398b32496dc1842a15940f86f094ea512c7a25325e05f02b9e040f509ea1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:c9:e8:0d:c8:b4:8b:98:ae:31:22:e8:23:1b:
e1:b6:73:ed:63:a1:21:dc:05:b3:3c:c8:eb:d9:13:
d3:f9:ab:40:aa:bd:45:05:77:8b:b2:6e:01:f4:20:
1e:07:a5:70:15:5d:c2:eb:70:b0:e2:d6:c6:f7:d1:
cf:78:de:93:d3:5a:4f:94:b3:4b:c6:ee:be:f5:c6:
de:6b:a7:f8:33:0a:25:4c:5b:ed:d2:af:1a:28:29:
d1:96:7c:1e:c8:53:57:ea:92:9a:57:0a:75:f2:ee:
18:41:5a:51:af:d6:c5:07:46:97:b8:6e:0c:8e:a5:
ff:9b:e2:1c:27:07:52:d9:0b:f3:7d:f8:29:cf:71:
30:5c:1b:08:9b:f8:b3:95:01:84:c2:1d:32:d6:d5:
e6:45:6c:e6:e6:2c:5b:e6:aa:2d:1e:72:b3:26:11:
42:1f:79:8a:83:8f:df:1e:b6:d0:df:81:e5:54:b1:
c8:e1:61:24:44:8b:6c:86:7c:84:27:44:65:f1:43:
b7:fb:61:6e:e4:80:10:5b:b7:96:fb:ef:85:2c:87:
f4:43:dd:94:75:61:a0:a8:ef:5c:2d:1d:36:05:1f:
61:29:b5:94:a3:63:97:92:37:89:2f:97:54:5d:6a:
36:e3:03:09:42:13:60:30:ab:a8:87:4a:0f:4d:63:
ad:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F7:30:C8:3D:6D:CF:A0:B2:60:F0:29:05:08:CB:5B:C4:B8:F6:54
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8e:c7:8a:d4:98:d5:f0:ac:b3:c0:13:0e:81:2d:b3:c3:5b:fe:
e8:c5:cf:0d:9d:36:26:25:9e:2d:e4:20:29:8e:2f:fc:75:2a:
98:f3:67:4c:4b:4a:bb:16:ef:46:23:db:10:ea:dd:b1:f7:d5:
f3:59:a4:5b:52:dc:f5:34:54:ae:d7:5e:62:1e:5b:a3:57:21:
de:66:60:97:f8:38:18:4f:fa:86:c9:1e:e8:bc:ba:ec:45:f4:
c3:6f:4d:7a:1b:c5:72:3a:33:8f:b9:94:9d:51:76:a4:09:2b:
3c:61:c6:3a:ee:f8:06:a6:d7:fd:27:d8:30:e7:94:15:91:b4:
fc:bf:12:14:1d:c5:dc:65:e1:5c:0f:43:8d:bd:fc:d7:75:6e:
c9:23:5e:07:25:99:af:a5:95:31:29:3e:9c:da:4f:cb:1f:dc:
12:f6:d1:e0:86:11:be:b6:b2:d8:a0:2c:87:6f:ca:08:97:0b:
28:15:75:95:57:a5:93:57:f3:d6:c1:4f:7e:02:68:fc:63:f3:
36:50:fe:13:5b:f2:7b:17:c6:b8:5f:70:bd:ef:8c:be:30:9d:
52:3a:a6:a9:5d:82:ef:bf:1f:35:f2:28:b9:7d:df:2e:9d:3c:
7b:3d:9e:a2:d1:62:67:8c:1c:d3:8c:02:02:03:b2:51:90:ca:
44:6c:4f:fe
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFHfg8+GkRBKyhCi4nMaSR5wUo/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1MzMzOThiMzI0OTZkYzE4NDJhMTU5NDBmODZmMDk0ZWE1MTJjN2EyNTMy
NWUwNWYwMmI5ZTA0MGY1MDllYTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPzJ6A3ItIuYrjEi6CMb4bZz7WOhIdwFszzI69kT0/mrQKq9RQV3i7JuAfQg
HgelcBVdwutwsOLWxvfRz3jek9NaT5SzS8buvvXG3mun+DMKJUxb7dKvGigp0ZZ8
HshTV+qSmlcKdfLuGEFaUa/WxQdGl7huDI6l/5viHCcHUtkL8334Kc9xMFwbCJv4
s5UBhMIdMtbV5kVs5uYsW+aqLR5ysyYRQh95ioOP3x620N+B5VSxyOFhJESLbIZ8
hCdEZfFDt/thbuSAEFu3lvvvhSyH9EPdlHVhoKjvXC0dNgUfYSm1lKNjl5I3iS+X
VF1qNuMDCUITYDCrqIdKD01jrZ8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRa9zDI
PW3PoLJg8CkFCMtbxLj2VDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCOx4rUmNXwrLPAEw6BLbPDW/7oxc8NnTYmJZ4t5CAp
ji/8dSqY82dMS0q7Fu9GI9sQ6t2x99XzWaRbUtz1NFSu115iHlujVyHeZmCX+DgY
T/qGyR7ovLrsRfTDb016G8VyOjOPuZSdUXakCSs8YcY67vgGptf9J9gw55QVkbT8
vxIUHcXcZeFcD0ONvfzXdW7JI14HJZmvpZUxKT6c2k/LH9wS9tHghhG+trLYoCyH
b8oIlwsoFXWVV6WTV/PWwU9+Amj8Y/M2UP4TW/J7F8a4X3C974y+MJ1SOqapXYLv
vx818ii5fd8unTx7PZ6i0WJnjBzTjAICA7JRkMpEbE/+
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org