Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
File: f9c2130f-6f88-42ac-853e-f39d188adb6d.roa (raw, json)
Hash identifier: L73QpX/yfnZNeuDBB+Wd5hVYr6n6U0g2j7LaNe4boZ0=
Subject key identifier: DB:5D:66:84:ED:66:DB:03:EA:70:FA:F1:93:DD:36:73:DF:10:E2:D4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 73AD2E968E85D57CEDD99498750F06A2A7887547
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
Signing time: Wed 06 Sep 2023 00:00:00 +0000
ROA not before: Wed 06 Sep 2023 00:00:00 +0000
ROA not after: Wed 11 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Sep 2023 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ad:2e:96:8e:85:d5:7c:ed:d9:94:98:75:0f:06:a2:a7:88:75:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 6 00:00:00 2023 GMT
Not After : Oct 11 23:59:59 2023 GMT
Subject: serialNumber=aae73f392feb735d452f74882b7fbba7c9442b028bfd63cea77f82848b1c94d0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2a:2f:0b:52:17:bb:5d:8e:f4:69:c3:33:bc:
10:10:5f:82:32:d4:f5:f2:1f:67:1f:5c:12:58:e3:
f7:c4:a8:15:6b:65:c0:b7:ca:18:05:d2:26:ec:c2:
3c:80:91:cd:78:e3:06:db:86:06:6b:cc:02:b0:84:
97:44:8a:f1:23:88:8d:bf:66:30:e1:06:39:2e:0e:
0d:73:12:cf:67:04:16:1f:35:12:b8:6a:54:ae:e4:
f1:3c:59:58:ee:f5:ff:0f:fc:a4:3b:b6:e7:0a:1c:
34:c2:18:b8:a7:9b:7a:91:69:08:bb:15:4a:c9:c5:
21:b1:49:ed:f2:92:a4:9c:00:e1:4d:af:fe:46:22:
34:f0:f5:eb:fe:b2:0d:28:bb:a8:15:3d:e3:a8:cb:
a7:f4:cd:81:4b:b4:3f:46:59:e3:9a:6e:50:dd:15:
db:57:9f:cc:cc:c7:56:33:8a:b1:d1:0b:88:13:fe:
0f:9a:f1:56:90:37:16:d8:56:d4:12:41:c0:93:29:
38:50:e8:78:12:d5:01:7f:d0:07:1c:19:79:59:a4:
3c:5e:8d:22:60:f8:a3:e7:83:62:d7:52:b6:6b:1a:
68:07:78:45:a9:03:dc:a5:72:92:a6:f0:c9:9c:24:
38:02:81:0b:05:4f:51:58:38:51:7a:5f:1f:f7:ac:
f9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5D:66:84:ED:66:DB:03:EA:70:FA:F1:93:DD:36:73:DF:10:E2:D4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
11:3b:84:9d:61:da:11:20:ea:67:98:2c:15:95:e9:0e:b7:f0:
20:82:5a:18:d6:f4:2b:35:2c:59:51:d3:73:57:6c:87:dd:ed:
b6:78:90:6d:c4:ac:47:e0:11:f5:d3:64:34:c3:8f:1f:f7:2d:
c6:62:d2:96:94:8c:ec:e1:a4:58:df:12:fd:2d:f1:3a:28:7a:
cc:34:ed:5b:cd:9a:cd:84:2c:82:db:3d:53:31:1e:9a:0b:36:
01:d8:42:07:61:e6:65:3f:f3:3d:0c:35:f7:28:03:78:74:f5:
f3:cf:44:03:cf:06:43:86:38:cf:aa:ec:78:94:d2:e3:fe:20:
1b:5f:90:b1:50:b8:94:4d:47:ad:ce:0d:bb:4b:47:8c:f1:53:
24:c0:f0:e2:78:78:7f:05:d4:7c:2c:c1:70:b3:a1:8d:62:02:
28:ce:2e:12:05:43:0a:f8:e2:56:7c:0a:ef:54:9c:a6:4a:bb:
68:1e:30:9d:85:cc:14:04:c3:84:d0:e1:4c:ca:d6:ae:be:cd:
98:16:e2:bb:19:4f:ae:9a:9c:72:2d:a4:40:bc:03:62:aa:ac:
dc:27:5d:fb:bc:4b:40:f5:33:ed:8b:e7:8e:fc:5b:69:42:77:
60:63:0d:35:66:af:1f:3c:21:8e:18:93:09:d8:8a:46:7d:a1:
01:5c:05:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc60ulo6F1Xzt2ZSYdQ8GoqeIdUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDYwMDAwMDBaFw0yMzEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhZTczZjM5MmZlYjczNWQ0NTJmNzQ4ODJiN2ZiYmE3Yzk0NDJiMDI4YmZk
NjNjZWE3N2Y4Mjg0OGIxYzk0ZDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAqLwtSF7tdjvRpwzO8EBBfgjLU9fIfZx9cEljj98SoFWtlwLfKGAXSJuzC
PICRzXjjBtuGBmvMArCEl0SK8SOIjb9mMOEGOS4ODXMSz2cEFh81ErhqVK7k8TxZ
WO71/w/8pDu25wocNMIYuKebepFpCLsVSsnFIbFJ7fKSpJwA4U2v/kYiNPD16/6y
DSi7qBU946jLp/TNgUu0P0ZZ45puUN0V21efzMzHVjOKsdELiBP+D5rxVpA3FthW
1BJBwJMpOFDoeBLVAX/QBxwZeVmkPF6NImD4o+eDYtdStmsaaAd4RakD3KVykqbw
yZwkOAKBCwVPUVg4UXpfH/es+acCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTbXWaE
7WbbA+pw+vGT3TZz3xDi1DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjljMjEzMGYtNmY4OC00MmFjLTg1M2UtZjM5ZDE4OGFkYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQARO4SdYdoRIOpnmCwVlekOt/AggloY1vQrNSxZUdNz
V2yH3e22eJBtxKxH4BH102Q0w48f9y3GYtKWlIzs4aRY3xL9LfE6KHrMNO1bzZrN
hCyC2z1TMR6aCzYB2EIHYeZlP/M9DDX3KAN4dPXzz0QDzwZDhjjPqux4lNLj/iAb
X5CxULiUTUetzg27S0eM8VMkwPDieHh/BdR8LMFws6GNYgIozi4SBUMK+OJWfArv
VJymSrtoHjCdhcwUBMOE0OFMytauvs2YFuK7GU+umpxyLaRAvANiqqzcJ137vEtA
9TPti+eO/FtpQndgYw01Zq8fPCGOGJMJ2IpGfaEBXAWn
-----END CERTIFICATE-----
Generated at Wed Sep 6 00:32:41 2023 by rpki-client on console-ams.rpki-client.org