Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: r0un93cds9qMvr0AERTQBS6d4XtHq2tbHnQXvrA+DrQ=
Subject key identifier: C2:17:71:6A:C8:8B:AD:E6:47:3B:5F:AA:83:3A:3A:20:2A:7D:C7:9E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1ED514BD2BA391804287EC25B87F35FC8A35B8A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:d5:14:bd:2b:a3:91:80:42:87:ec:25:b8:7f:35:fc:8a:35:b8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=dc41f65560a8321ae83b48ec432d18733e49e27e12b832bf4977d8933cb123c6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:66:4e:3f:3c:de:7c:2c:ec:d8:1f:3c:98:dd:
12:a5:ef:40:75:6d:c7:b4:8b:29:5f:44:21:81:50:
79:a6:b3:ba:c2:8b:e6:e9:cb:a4:19:0f:d9:b8:17:
92:db:b3:dc:fe:54:9a:24:ea:b0:2f:ee:80:ec:cd:
eb:c7:e5:35:de:0f:6e:96:1e:30:18:bc:89:c9:15:
88:f8:e5:4d:a1:b8:ae:7b:ad:63:2b:71:0f:68:6f:
f7:7d:8d:fe:98:84:5d:1e:24:67:69:95:e5:ec:48:
99:7a:f6:20:40:03:39:e3:ea:ca:12:c9:cc:36:97:
3a:8f:00:d3:8d:bd:e0:48:e8:ca:2d:10:70:0f:1b:
4b:5e:6a:ff:48:4b:a8:a4:b0:47:13:01:ed:35:55:
f3:c8:9b:e2:95:d3:ba:93:45:56:5e:b7:f5:68:ea:
d4:03:36:e6:50:94:4d:5c:ef:56:40:a5:0e:cd:9f:
5b:3a:b9:1e:5d:3a:96:00:24:fa:f5:0a:e0:eb:43:
9f:cc:a5:7c:62:57:01:6d:9e:51:ea:f0:a5:5e:ea:
87:a5:b1:3d:df:62:51:8d:0b:2e:38:d5:8a:81:a1:
b9:2b:88:29:26:84:56:1c:96:cf:35:2c:d3:a8:46:
6d:c5:3a:1d:9f:70:99:20:db:14:46:df:cd:b5:f4:
88:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:17:71:6A:C8:8B:AD:E6:47:3B:5F:AA:83:3A:3A:20:2A:7D:C7:9E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
34:aa:65:fc:01:28:67:17:74:35:65:0f:48:6c:85:f0:bf:99:
fc:04:52:ac:2e:40:7f:ea:ea:01:01:b0:84:ee:09:05:97:7d:
8d:3f:f1:13:6e:2b:de:e0:98:c4:52:a0:a2:ef:aa:61:c4:db:
22:2b:b7:50:58:bd:35:b1:5c:e7:bd:66:ce:39:ca:d1:de:6e:
3a:e1:0b:9a:90:e5:cb:19:ad:77:e4:b4:5a:ab:bd:83:40:e0:
cf:85:29:e4:3d:4d:57:d5:cd:64:48:d0:a9:bb:32:1b:b4:b3:
6f:32:c5:a9:99:1b:a6:84:57:5f:d4:39:ae:78:0e:0f:bd:bd:
28:f0:d3:bb:f6:3c:89:4b:f6:b5:be:12:96:6e:23:68:5d:67:
1f:b7:1e:d2:d8:dc:65:bd:f8:bf:45:61:e6:58:cc:80:ca:59:
3b:21:03:30:ef:62:59:69:4c:90:55:cc:cb:d0:cc:2f:9f:ea:
ec:32:cd:94:3c:16:20:dc:e7:1e:9d:73:99:a8:61:30:1b:2c:
26:93:43:31:77:59:95:2c:59:13:d3:42:a2:12:48:44:de:d1:
8b:4f:92:8f:b4:33:00:3c:9d:c3:3f:30:fd:09:5c:5d:a0:8e:
ee:a2:f8:e1:e3:98:2d:c6:09:32:d9:01:5a:44:65:94:0d:22:
71:5a:22:f9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHtUUvSujkYBCh+wluH81/Io1uKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNDFmNjU1NjBhODMyMWFlODNiNDhlYzQzMmQxODczM2U0OWUyN2UxMmI4
MzJiZjQ5NzdkODkzM2NiMTIzYzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFmTj883nws7NgfPJjdEqXvQHVtx7SLKV9EIYFQeaazusKL5unLpBkP2bgX
ktuz3P5UmiTqsC/ugOzN68flNd4PbpYeMBi8ickViPjlTaG4rnutYytxD2hv932N
/piEXR4kZ2mV5exImXr2IEADOePqyhLJzDaXOo8A04294Ejoyi0QcA8bS15q/0hL
qKSwRxMB7TVV88ib4pXTupNFVl639Wjq1AM25lCUTVzvVkClDs2fWzq5Hl06lgAk
+vUK4OtDn8ylfGJXAW2eUerwpV7qh6WxPd9iUY0LLjjVioGhuSuIKSaEVhyWzzUs
06hGbcU6HZ9wmSDbFEbfzbX0iC0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTCF3Fq
yIut5kc7X6qDOjogKn3HnjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEANKpl/AEoZxd0NWUPSGyF8L+Z/ARSrC5Af+rqAQGw
hO4JBZd9jT/xE24r3uCYxFKgou+qYcTbIiu3UFi9NbFc571mzjnK0d5uOuELmpDl
yxmtd+S0Wqu9g0Dgz4Up5D1NV9XNZEjQqbsyG7SzbzLFqZkbpoRXX9Q5rngOD729
KPDTu/Y8iUv2tb4Slm4jaF1nH7ce0tjcZb34v0Vh5ljMgMpZOyEDMO9iWWlMkFXM
y9DML5/q7DLNlDwWINznHp1zmahhMBssJpNDMXdZlSxZE9NCohJIRN7Ri0+Sj7Qz
ADydwz8w/QlcXaCO7qL44eOYLcYJMtkBWkRllA0icVoi+Q==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:31 2023 by rpki-client on console-fra.rpki-client.org