Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2150330d-575d-4841-9216-26672be29637.roa
File: 2150330d-575d-4841-9216-26672be29637.roa (raw, json)
Hash identifier: GlxuPj3gZPZ8MdghTqFoGEE5/UvncYRBru/5cU2TcgM=
Subject key identifier: 1B:F2:5D:28:3F:9B:58:6C:B7:C9:F7:D9:64:A8:55:FD:90:0E:F7:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0841591385FF7BDC2599EFEE6A60E44F5CA96A89
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2150330d-575d-4841-9216-26672be29637.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:41:59:13:85:ff:7b:dc:25:99:ef:ee:6a:60:e4:4f:5c:a9:6a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=dd371f1a7d02746773a83416034f4e4d408c92f4f60fe6eafdaef9b004f59e35, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:4b:3c:01:e9:95:de:45:24:de:54:8e:fe:
77:b5:14:a2:83:b7:fb:fc:c3:84:8e:28:43:ed:7e:
84:19:e7:e4:1a:0d:3d:4e:9d:cd:20:01:8a:cf:eb:
b3:c9:04:a9:7d:e6:a4:07:64:f6:f5:3b:bf:ed:12:
a9:74:af:af:99:f4:ff:cf:39:a1:61:78:c3:ad:27:
db:24:73:fa:a4:0c:b9:41:d1:48:6c:b3:22:e2:ec:
dd:17:1c:a3:d6:f7:62:48:8b:3d:9e:df:2a:bd:f5:
73:80:cd:7e:21:72:a0:60:b4:af:a4:67:10:c8:a5:
90:05:26:a4:b2:bb:a4:7d:bf:0a:f9:46:5a:e7:db:
82:46:5e:cd:30:cb:b1:c9:8e:91:42:2b:36:e2:5f:
72:a7:ae:29:ed:d9:a9:b7:95:ec:0e:8c:84:d0:17:
19:74:00:63:48:a7:8a:77:03:f0:f7:f8:ef:a9:75:
76:05:bb:76:4f:2e:e9:93:b6:27:7c:0f:b0:0a:1a:
aa:43:a2:1a:2a:32:91:22:f4:7d:a0:d6:f3:4f:e5:
b2:1a:09:8f:0c:37:0d:7e:e9:6b:75:2c:b5:ce:dd:
b8:31:c6:5f:25:7b:8c:1b:89:ed:16:6d:5c:43:75:
99:f5:b6:88:1c:a9:9a:f4:fc:6b:e3:2e:2e:99:74:
e7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F2:5D:28:3F:9B:58:6C:B7:C9:F7:D9:64:A8:55:FD:90:0E:F7:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2150330d-575d-4841-9216-26672be29637.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
bd:c1:90:e4:86:7e:be:b6:3a:b2:09:72:1d:1e:30:ba:20:76:
66:db:7d:f0:7b:69:76:ac:ec:24:17:a0:c1:fb:ad:d8:02:08:
7f:cf:10:10:8e:e5:2e:dc:57:c8:f8:b6:b9:1e:c9:d8:eb:09:
60:72:e9:45:eb:2d:81:2f:4b:e0:1a:dc:c9:b8:fa:86:96:6c:
7f:8f:6b:56:83:1f:5c:be:42:50:b8:f7:eb:67:f0:9f:92:68:
43:ed:18:8e:8a:3e:e3:c0:f5:33:a0:8b:0b:d2:88:2f:20:a7:
08:47:64:e5:0b:18:da:0c:7c:95:16:6e:03:62:15:3f:64:47:
95:da:76:6c:10:23:f2:de:63:b9:44:8a:86:63:8f:b8:60:5a:
4f:97:26:c2:c3:75:c5:32:c4:56:ea:a7:e4:3d:dc:e3:66:f6:
24:75:33:4f:0d:7b:69:05:f2:f2:96:d0:a8:98:f9:9e:32:a8:
f5:64:ee:7a:95:82:b8:e5:f6:b2:e7:bd:89:4e:cf:02:c5:65:
11:41:95:7a:50:56:c9:69:61:6c:c3:9e:29:96:22:13:f2:9f:
ef:b5:fa:3b:d6:c6:28:dd:25:e1:57:62:d1:18:8d:18:6d:66:
08:c9:0d:0c:1c:a4:ed:2d:f6:65:6d:70:f9:78:f3:aa:71:7d:
61:ca:ca:df
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCEFZE4X/e9wlme/uamDkT1ypaokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkMzcxZjFhN2QwMjc0Njc3M2E4MzQxNjAzNGY0ZTRkNDA4YzkyZjRmNjBm
ZTZlYWZkYWVmOWIwMDRmNTllMzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDHSzwB6ZXeRSTeVI7+d7UUooO3+/zDhI4oQ+1+hBnn5BoNPU6dzSABis/r
s8kEqX3mpAdk9vU7v+0SqXSvr5n0/885oWF4w60n2yRz+qQMuUHRSGyzIuLs3Rcc
o9b3YkiLPZ7fKr31c4DNfiFyoGC0r6RnEMilkAUmpLK7pH2/CvlGWufbgkZezTDL
scmOkUIrNuJfcqeuKe3ZqbeV7A6MhNAXGXQAY0inincD8Pf476l1dgW7dk8u6ZO2
J3wPsAoaqkOiGioykSL0faDW80/lshoJjww3DX7pa3Ustc7duDHGXyV7jBuJ7RZt
XEN1mfW2iBypmvT8a+MuLpl05wMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQb8l0o
P5tYbLfJ99lkqFX9kA73hjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjE1MDMzMGQtNTc1ZC00ODQxLTkyMTYtMjY2NzJiZTI5NjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAvcGQ5IZ+vrY6sglyHR4wuiB2Ztt98HtpdqzsJBeg
wfut2AIIf88QEI7lLtxXyPi2uR7J2OsJYHLpRestgS9L4Brcybj6hpZsf49rVoMf
XL5CULj362fwn5JoQ+0Yjoo+48D1M6CLC9KILyCnCEdk5QsY2gx8lRZuA2IVP2RH
ldp2bBAj8t5juUSKhmOPuGBaT5cmwsN1xTLEVuqn5D3c42b2JHUzTw17aQXy8pbQ
qJj5njKo9WTuepWCuOX2sue9iU7PAsVlEUGVelBWyWlhbMOeKZYiE/Kf77X6O9bG
KN0l4Vdi0RiNGG1mCMkNDByk7S32ZW1w+XjzqnF9YcrK3w==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org