Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json)
Hash identifier: GvXOircgXTt3pgrclCO0sA/i671U59Hqpri50rEWJjg=
Subject key identifier: 34:40:EF:B2:98:F9:03:80:57:33:58:7B:D7:76:88:31:F6:C9:9F:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C5DB21496D71E5DC1F00044E016AD941715661E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:5d:b2:14:96:d7:1e:5d:c1:f0:00:44:e0:16:ad:94:17:15:66:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=c73b5d0ee4eab75962cfc1272f95b745f029ba3695b260b6fcc3c6a4a583083e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7d:89:26:ba:96:07:ea:fa:eb:04:0b:23:dc:
6c:dd:1c:2c:ab:0d:03:84:44:cc:ef:31:b3:7b:a2:
e9:0e:d0:ec:92:73:81:72:cc:f2:26:2c:df:4a:08:
8e:fe:ab:e8:82:1a:dd:d4:db:23:0b:43:b3:70:08:
c3:c4:d3:d8:88:f9:23:83:3e:ee:08:43:58:58:26:
4b:7c:eb:4a:c1:08:c4:7d:a1:00:71:a2:69:25:bd:
e8:0d:1f:66:89:0a:96:89:70:36:35:73:a9:56:6d:
b6:05:9f:6e:d2:94:9f:2d:24:41:8b:85:5a:00:10:
1d:63:ff:81:bc:cd:4b:0a:4a:d4:de:6f:f1:0f:79:
e3:3e:91:8a:d9:c6:d5:7e:08:88:a8:54:98:ce:34:
b1:2c:db:52:a3:f5:ea:fb:15:2f:eb:75:f0:b3:5a:
e3:6e:c1:1b:57:7c:bb:62:7c:67:f4:6b:07:77:fb:
b2:98:69:a4:1d:d1:e8:0d:8d:93:34:9d:52:20:b1:
08:f3:00:76:4d:ea:22:91:e6:c0:8a:b7:8f:57:43:
61:c3:06:d1:fb:e6:6a:51:79:f2:96:33:48:95:8e:
cc:8f:49:23:5e:1e:11:ac:81:14:0a:2d:d6:d3:90:
94:af:78:49:43:1e:c1:cb:bc:6b:96:bb:77:78:4b:
8e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:40:EF:B2:98:F9:03:80:57:33:58:7B:D7:76:88:31:F6:C9:9F:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:4d:cd:37:ed:27:28:a0:d3:7d:42:e6:58:38:c1:81:bb:59:
74:b8:f6:c5:3f:71:70:f7:4b:42:46:49:7f:de:06:f5:84:be:
1c:98:95:6b:19:03:67:45:46:17:62:fd:82:11:ca:24:84:03:
2c:85:c4:b6:e9:c4:50:ea:03:5d:7f:ef:29:85:b9:71:4d:ce:
25:25:f7:4b:78:91:45:8f:b2:e5:91:35:35:fa:fe:6f:70:e3:
24:90:bb:3f:7a:7f:ca:57:d3:b1:e3:52:05:bd:cb:3c:99:53:
8f:34:29:d7:8e:47:a4:c9:58:70:b9:ff:97:ae:06:ec:c0:bd:
4f:7a:15:07:13:68:9f:af:b0:d8:94:f9:8a:62:0e:06:ee:63:
11:40:09:8d:7b:a0:e4:ea:d0:e2:52:e2:50:30:8c:3e:9d:92:
6f:1d:d1:31:a3:58:11:94:ca:72:80:46:e4:f3:91:63:09:2b:
55:46:d4:23:9b:9f:3c:30:b6:00:80:6c:1f:64:6f:7b:9f:62:
7a:b9:d5:9c:9b:19:1a:90:56:de:5f:b9:cd:b8:ba:66:84:3d:
49:b0:45:1b:68:e9:39:c7:e5:b9:5c:27:8f:8b:bb:d0:c7:dc:
83:8b:33:b5:b8:11:f7:26:60:82:57:30:1c:ae:a8:30:a1:e9:
73:ca:99:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPF2yFJbXHl3B8ABE4BatlBcVZh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3M2I1ZDBlZTRlYWI3NTk2MmNmYzEyNzJmOTViNzQ1ZjAyOWJhMzY5NWIy
NjBiNmZjYzNjNmE0YTU4MzA4M2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANB9iSa6lgfq+usECyPcbN0cLKsNA4REzO8xs3ui6Q7Q7JJzgXLM8iYs30oI
jv6r6IIa3dTbIwtDs3AIw8TT2Ij5I4M+7ghDWFgmS3zrSsEIxH2hAHGiaSW96A0f
ZokKlolwNjVzqVZttgWfbtKUny0kQYuFWgAQHWP/gbzNSwpK1N5v8Q954z6RitnG
1X4IiKhUmM40sSzbUqP16vsVL+t18LNa427BG1d8u2J8Z/RrB3f7sphppB3R6A2N
kzSdUiCxCPMAdk3qIpHmwIq3j1dDYcMG0fvmalF58pYzSJWOzI9JI14eEayBFAot
1tOQlK94SUMewcu8a5a7d3hLjo0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ0QO+y
mPkDgFczWHvXdogx9smf2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCKTc037ScooNN9QuZYOMGBu1l0uPbFP3Fw90tCRkl/
3gb1hL4cmJVrGQNnRUYXYv2CEcokhAMshcS26cRQ6gNdf+8phblxTc4lJfdLeJFF
j7LlkTU1+v5vcOMkkLs/en/KV9Ox41IFvcs8mVOPNCnXjkekyVhwuf+XrgbswL1P
ehUHE2ifr7DYlPmKYg4G7mMRQAmNe6Dk6tDiUuJQMIw+nZJvHdExo1gRlMpygEbk
85FjCStVRtQjm588MLYAgGwfZG97n2J6udWcmxkakFbeX7nNuLpmhD1JsEUbaOk5
x+W5XCePi7vQx9yDizO1uBH3JmCCVzAcrqgwoelzypma
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org