Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
File: ef3e6945-57bf-41fe-9e98-2db6c2800547.roa (raw, json)
Hash identifier: GC2KtybcAorYNQdb9aCbDxdZxzggHI9TAs7zOXG924w=
Subject key identifier: 07:E6:C2:71:43:72:8D:56:33:1B:25:8B:C8:A1:F7:D2:F5:98:F5:45
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A0D9DA320FC301165CE2347038083F80245C041
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:0d:9d:a3:20:fc:30:11:65:ce:23:47:03:80:83:f8:02:45:c0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=4de9430000db924b2f3263bfa470d2ed42d8e6a4f11c892a84fe8892246bd1d2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ad:fb:c2:61:df:44:80:84:0d:d1:30:00:16:
0a:38:5b:26:78:e9:24:07:10:23:81:af:5b:19:6e:
81:52:1b:33:c6:6e:d1:7b:9c:01:02:2f:a5:ef:f2:
01:7c:7e:ce:06:ff:84:92:b1:a8:cc:16:94:18:40:
4a:01:fb:b4:82:78:df:c3:64:25:bc:96:9a:9a:bc:
cc:b4:94:df:cd:c6:b3:b2:77:9a:e9:6f:47:df:97:
73:8f:ef:2c:d2:c2:40:80:64:12:6d:9d:40:69:85:
7e:68:9f:aa:b7:b7:6f:85:e4:85:a5:ef:77:c9:c3:
6d:a0:ea:77:76:7c:85:6d:53:2b:4d:46:70:38:5b:
7f:38:87:34:ee:61:0e:27:e7:33:5e:b6:45:59:84:
d2:ad:17:fe:20:b7:97:75:fe:8a:07:da:60:d5:2c:
34:cb:27:ea:3a:77:94:d7:26:e2:7b:1b:c6:50:b7:
2c:9f:d8:12:ac:f0:d0:7b:f6:49:ea:93:63:7d:48:
b1:82:a5:49:83:7f:71:77:c2:08:dc:ab:ef:31:62:
c6:fa:99:98:77:76:00:5b:d2:6b:08:cf:99:46:5a:
68:7f:93:7b:5d:f4:fe:d6:23:6a:53:c4:86:19:68:
8d:8a:71:80:67:01:06:c1:40:4f:cc:7f:80:17:94:
52:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E6:C2:71:43:72:8D:56:33:1B:25:8B:C8:A1:F7:D2:F5:98:F5:45
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
75:44:83:2d:96:ad:9c:30:de:9e:ce:fd:af:d8:9a:84:f9:28:
55:f4:61:a8:36:de:05:b7:98:67:91:24:6e:7b:73:00:d4:a9:
c5:96:98:77:00:1b:41:79:47:e1:fd:8e:64:4c:f3:48:09:85:
96:85:b9:6f:0b:56:a0:83:4b:45:4f:1f:ea:bd:b0:7a:b1:60:
d7:8c:8f:ca:e4:b0:97:c9:7c:62:ca:cb:0e:e0:12:63:4f:e8:
f0:a4:9a:92:ec:c8:7e:2d:ae:de:7a:3d:ea:6b:95:7e:02:14:
53:2c:ca:d8:a0:4b:06:77:6c:f2:8e:99:f6:d0:39:d5:50:18:
b5:a5:e4:83:3e:94:30:4d:a7:6d:c3:50:90:2f:75:0a:bf:99:
29:e0:f3:1c:23:0c:5f:eb:86:e2:2a:77:aa:d2:36:7e:49:cc:
a0:d2:be:10:5d:9f:5a:c1:ac:91:bc:bc:58:f9:49:c2:24:b1:
14:ec:7e:1b:30:f7:c3:a0:22:1f:92:0c:ca:f9:03:1d:07:24:
2b:d8:74:2b:f3:a9:10:6b:26:96:0b:28:b8:fe:93:c0:62:26:
b4:ff:72:30:8e:e1:7d:84:86:10:4b:57:45:c3:c9:d2:21:10:
fc:33:c4:15:fa:03:70:67:7f:ce:3e:ef:71:b4:b2:b1:31:17:
7d:5b:93:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUag2doyD8MBFlziNHA4CD+AJFwEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkZTk0MzAwMDBkYjkyNGIyZjMyNjNiZmE0NzBkMmVkNDJkOGU2YTRmMTFj
ODkyYTg0ZmU4ODkyMjQ2YmQxZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOt+8Jh30SAhA3RMAAWCjhbJnjpJAcQI4GvWxlugVIbM8Zu0XucAQIvpe/y
AXx+zgb/hJKxqMwWlBhASgH7tIJ438NkJbyWmpq8zLSU383Gs7J3mulvR9+Xc4/v
LNLCQIBkEm2dQGmFfmifqre3b4XkhaXvd8nDbaDqd3Z8hW1TK01GcDhbfziHNO5h
DifnM162RVmE0q0X/iC3l3X+igfaYNUsNMsn6jp3lNcm4nsbxlC3LJ/YEqzw0Hv2
SeqTY31IsYKlSYN/cXfCCNyr7zFixvqZmHd2AFvSawjPmUZaaH+Te130/tYjalPE
hhlojYpxgGcBBsFAT8x/gBeUUr0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQH5sJx
Q3KNVjMbJYvIoffS9Zj1RTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYzZTY5NDUtNTdiZi00MWZlLTllOTgtMmRiNmMyODAwNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQB1RIMtlq2cMN6ezv2v2JqE+ShV9GGoNt4Ft5hnkSRu
e3MA1KnFlph3ABtBeUfh/Y5kTPNICYWWhblvC1agg0tFTx/qvbB6sWDXjI/K5LCX
yXxiyssO4BJjT+jwpJqS7Mh+La7eej3qa5V+AhRTLMrYoEsGd2zyjpn20DnVUBi1
peSDPpQwTadtw1CQL3UKv5kp4PMcIwxf64biKneq0jZ+Scyg0r4QXZ9awayRvLxY
+UnCJLEU7H4bMPfDoCIfkgzK+QMdByQr2HQr86kQayaWCyi4/pPAYia0/3IwjuF9
hIYQS1dFw8nSIRD8M8QV+gNwZ3/OPu9xtLKxMRd9W5Mx
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org