
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
File: 0f648163-e886-4951-999f-6a050d9c305f.roa (raw, json)
Hash identifier: 65iAATB8Qklj7K0Ujo2AnHQx421Dk94ziAcYr8aLfGI=
Subject key identifier: 2B:CA:92:E5:A3:78:D5:49:77:B3:BD:5D:C4:3A:9C:A9:BC:1C:7D:DF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6250A882CCF9E32D5E137A494EC389589FB65E11
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
Signing time: Wed 15 Mar 2023 00:00:00 +0000
ROA not before: Wed 15 Mar 2023 00:00:00 +0000
ROA not after: Wed 19 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Mar 2023 07:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:50:a8:82:cc:f9:e3:2d:5e:13:7a:49:4e:c3:89:58:9f:b6:5e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 15 00:00:00 2023 GMT
Not After : Apr 19 23:59:59 2023 GMT
Subject: serialNumber=07f5a3bef361ad3ec3b66eabf5f56c7440f9bde216687a9877ecc31e25456338, CN=c336411a-6651-4f13-8ef9-de681c7c9444, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f5:67:f5:3a:d9:a8:42:42:01:6f:84:cd:eb:
ee:50:34:f3:b5:85:32:be:60:af:93:c9:f9:88:55:
1c:0f:3a:7d:4f:b4:28:26:ff:9a:93:52:b0:0e:bb:
39:a9:4a:76:e7:f7:1e:77:7f:33:8d:1d:84:c7:fc:
93:98:6c:9f:9e:d9:cb:03:96:20:2a:66:0e:fd:22:
e2:71:06:e2:66:4d:d4:49:50:1a:bc:1b:17:b3:66:
b4:8a:2f:11:d6:91:37:98:2b:fc:dc:46:50:13:0f:
10:d7:c5:62:f1:ac:aa:82:f4:b7:9e:5f:e7:e1:16:
24:94:fb:c7:9b:87:cc:76:e2:f8:fa:2f:16:65:7f:
00:62:a3:6a:ff:44:d3:c0:20:6d:bd:d0:36:5b:4e:
85:56:9d:f5:20:3f:50:56:e4:63:38:b3:cf:b7:7a:
05:1d:d9:68:c0:cc:ab:d1:80:9d:44:af:2c:fc:d7:
ef:10:72:56:0b:ba:40:61:ae:9a:57:dd:60:af:be:
f3:4a:07:cf:11:78:3d:3c:7a:02:a1:05:26:8e:c4:
84:dd:d0:30:e4:d6:83:78:42:a6:15:b5:7d:c4:d1:
3d:7c:ca:91:0a:da:77:5c:fd:22:d1:7e:99:d6:7c:
b2:1e:d4:7b:8b:8b:fd:78:82:7d:78:e1:6a:78:39:
17:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CA:92:E5:A3:78:D5:49:77:B3:BD:5D:C4:3A:9C:A9:BC:1C:7D:DF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:3a:67:56:b8:6d:c0:01:27:6d:37:16:ef:3b:b0:94:f2:a9:
85:50:dd:1c:8e:f8:90:56:a9:31:20:55:af:d9:a1:47:30:6a:
39:a3:4f:fc:b2:aa:fc:1d:d4:bd:2c:41:86:86:6f:8d:1b:e7:
8a:ce:40:5a:61:e4:9b:4c:3e:eb:af:7c:03:fd:c4:fd:3b:c5:
87:69:0a:7f:ea:dc:fc:80:65:b8:5c:b3:80:3d:a6:9f:5d:67:
72:e5:44:2d:c5:61:07:c7:24:b7:5c:18:2e:5a:73:68:22:bc:
0a:54:de:72:79:35:1f:47:97:0d:96:65:4e:27:06:31:1e:d7:
b2:d5:44:e0:c9:9a:fb:55:49:8d:aa:9a:2a:91:b0:e2:d0:a1:
be:cd:a2:9d:32:fd:06:21:4b:52:ed:15:a6:fa:1b:d8:8f:64:
ff:f8:31:54:58:68:42:ac:bf:6e:d3:c8:ea:fd:9d:9f:82:ef:
e5:8a:33:25:6a:72:45:e5:f3:82:b6:34:56:23:fc:e2:9c:13:
3c:28:be:26:b2:60:bb:89:20:58:23:cf:64:50:16:21:0a:f3:
18:d7:0f:12:de:89:de:5f:94:09:01:71:35:ed:c7:2a:94:30:
ce:cd:d5:de:67:db:cd:66:17:ab:8b:22:24:bb:58:3b:44:f6:
0f:99:32:13
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUYlCogsz54y1eE3pJTsOJWJ+2XhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzAzMTUwMDAwMDBaFw0yMzA0MTkyMzU5NTlaMIGlMUkwRwYD
VQQFE0AwN2Y1YTNiZWYzNjFhZDNlYzNiNjZlYWJmNWY1NmM3NDQwZjliZGUyMTY2
ODdhOTg3N2VjYzMxZTI1NDU2MzM4MS0wKwYDVQQDEyRjMzM2NDExYS02NjUxLTRm
MTMtOGVmOS1kZTY4MWM3Yzk0NDQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
x/Vn9TrZqEJCAW+EzevuUDTztYUyvmCvk8n5iFUcDzp9T7QoJv+ak1KwDrs5qUp2
5/ced38zjR2Ex/yTmGyfntnLA5YgKmYO/SLicQbiZk3USVAavBsXs2a0ii8R1pE3
mCv83EZQEw8Q18Vi8ayqgvS3nl/n4RYklPvHm4fMduL4+i8WZX8AYqNq/0TTwCBt
vdA2W06FVp31ID9QVuRjOLPPt3oFHdlowMyr0YCdRK8s/NfvEHJWC7pAYa6aV91g
r77zSgfPEXg9PHoCoQUmjsSE3dAw5NaDeEKmFbV9xNE9fMqRCtp3XP0i0X6Z1nyy
HtR7i4v9eIJ9eOFqeDkXwwIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFCvKkuWjeNVJ
d7O9XcQ6nKm8HH3fMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfPMA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9LdEZj
NS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy8wZjY0
ODE2My1lODg2LTQ5NTEtOTk5Zi02YTA1MGQ5YzMwNWYucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
X2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAMwAwDQYJKoZI
hvcNAQELBQADggEBAGo6Z1a4bcABJ203Fu87sJTyqYVQ3RyO+JBWqTEgVa/ZoUcw
ajmjT/yyqvwd1L0sQYaGb40b54rOQFph5JtMPuuvfAP9xP07xYdpCn/q3PyAZbhc
s4A9pp9dZ3LlRC3FYQfHJLdcGC5ac2givApU3nJ5NR9Hlw2WZU4nBjEe17LVRODJ
mvtVSY2qmiqRsOLQob7Nop0y/QYhS1LtFab6G9iPZP/4MVRYaEKsv27TyOr9nZ+C
7+WKMyVqckXl84K2NFYj/OKcEzwoviayYLuJIFgjz2RQFiEK8xjXDxLeid5flAkB
cTXtxyqUMM7N1d5n281mF6uLIiS7WDtE9g+ZMhM=
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:52:42 2023 by rpki-client on console-fra.rpki-client.org