Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: boOoqyHBY50Rqsr8zNO8tTILa3yUoSsb9R7AlExuxzw=
Subject key identifier: 8D:34:78:53:4B:60:54:C5:E9:8E:C8:1C:46:7F:68:82:D3:E4:D2:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05045D075EED40C62D14676CF39BB219DDF49468
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Thu 16 Mar 2023 00:00:00 +0000
ROA not before: Thu 16 Mar 2023 00:00:00 +0000
ROA not after: Thu 20 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Mar 2023 21:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:04:5d:07:5e:ed:40:c6:2d:14:67:6c:f3:9b:b2:19:dd:f4:94:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 16 00:00:00 2023 GMT
Not After : Apr 20 23:59:59 2023 GMT
Subject: serialNumber=d3cbca4fe9894ada1fb5fcfd379e8e9525727cdf681ee097d7c747806cdaea88, CN=c336411a-6651-4f13-8ef9-de681c7c9444, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:22:d6:cb:b1:2c:78:5e:86:86:72:fc:c3:89:
41:23:a1:15:68:0a:31:ac:7d:7e:21:98:d2:2a:59:
6a:64:41:5a:af:46:5b:61:89:af:55:56:dd:cb:86:
c2:d9:c1:cd:59:2c:d9:ce:be:de:02:9b:0a:c0:43:
86:a1:75:a5:11:6e:5e:45:fb:9b:1e:9d:75:7b:6e:
b9:3f:3c:bf:71:0a:1d:95:03:64:fc:75:8a:1f:7c:
e5:66:92:a1:9b:70:87:96:44:79:a9:fe:2f:cb:42:
98:06:cf:c8:0f:e5:8e:c1:2d:2d:ef:0b:97:65:9c:
8a:9a:38:ba:88:89:20:c4:0e:80:89:6b:45:fe:36:
3c:cd:c1:7b:19:97:ef:8d:c9:3f:a8:94:cc:03:ea:
dc:7a:0e:5c:b3:d7:34:60:87:6c:b7:9c:5a:61:17:
f3:b3:0a:85:6c:71:90:66:18:5b:23:9c:06:9d:b7:
94:4d:5a:c3:4e:05:3c:7f:8d:b5:79:36:91:af:0f:
5d:95:e2:34:26:1d:f3:d1:ca:3c:31:6d:1f:40:25:
83:84:05:6b:19:d1:4d:fa:a5:b3:73:96:50:8b:f0:
5e:27:2f:cb:6f:41:8e:dd:a1:78:2e:0b:57:a3:0d:
05:b4:7f:7f:67:da:5d:d5:57:cf:a5:d7:03:e2:08:
c6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:34:78:53:4B:60:54:C5:E9:8E:C8:1C:46:7F:68:82:D3:E4:D2:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:cd:bc:44:f2:47:f1:33:8c:a8:2e:8c:4b:e3:48:3f:8e:24:
12:bf:6b:0e:79:a2:8b:f2:be:63:ba:2d:50:4d:4f:73:d7:6d:
a3:1d:ac:52:af:ec:31:39:da:a0:e1:71:9b:45:c5:37:af:0d:
fa:fa:04:40:62:a9:bd:5f:95:9d:a3:f3:d8:01:67:5f:63:7b:
24:72:34:41:19:19:b0:85:bc:c3:5b:34:45:ce:bd:2f:3e:6b:
e8:6a:ac:bb:91:43:f3:1a:8c:2a:de:d4:81:df:c6:25:5f:2f:
ac:24:f4:05:a9:7b:6e:16:1f:6e:f5:50:88:75:7a:5c:09:d9:
c7:0b:b2:83:00:5a:44:3a:8b:db:5f:4f:4f:36:26:06:b0:78:
2d:af:11:9d:e0:8d:97:d3:4b:22:8f:42:37:86:a9:62:1f:e6:
2a:dd:ac:de:02:ab:31:b6:0d:92:ec:62:3d:cb:96:df:73:98:
e6:d9:56:f1:ca:b2:8b:8c:d1:63:24:22:00:fb:99:63:fc:bb:
69:b4:48:cf:2b:15:65:5b:46:a7:f6:8e:36:40:c5:d0:cf:70:
59:7e:a5:76:56:a2:73:00:4e:5f:e1:f1:a7:02:35:93:0e:6a:
b6:dd:99:4f:e1:0d:7e:03:cf:11:ce:23:7a:c5:a9:82:98:00:
a9:62:b5:7a
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUBQRdB17tQMYtFGds85uyGd30lGgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzAzMTYwMDAwMDBaFw0yMzA0MjAyMzU5NTlaMIGlMUkwRwYD
VQQFE0BkM2NiY2E0ZmU5ODk0YWRhMWZiNWZjZmQzNzllOGU5NTI1NzI3Y2RmNjgx
ZWUwOTdkN2M3NDc4MDZjZGFlYTg4MS0wKwYDVQQDEyRjMzM2NDExYS02NjUxLTRm
MTMtOGVmOS1kZTY4MWM3Yzk0NDQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
vyLWy7EseF6GhnL8w4lBI6EVaAoxrH1+IZjSKllqZEFar0ZbYYmvVVbdy4bC2cHN
WSzZzr7eApsKwEOGoXWlEW5eRfubHp11e265Pzy/cQodlQNk/HWKH3zlZpKhm3CH
lkR5qf4vy0KYBs/ID+WOwS0t7wuXZZyKmji6iIkgxA6AiWtF/jY8zcF7GZfvjck/
qJTMA+rceg5cs9c0YIdst5xaYRfzswqFbHGQZhhbI5wGnbeUTVrDTgU8f421eTaR
rw9dleI0Jh3z0co8MW0fQCWDhAVrGdFN+qWzc5ZQi/BeJy/Lb0GO3aF4LgtXow0F
tH9/Z9pd1VfPpdcD4gjGZQIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFI00eFNLYFTF
6Y7IHEZ/aILT5NJBMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfPMA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9LdEZj
NS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy8yZGI1
N2I4Mi1mOGU0LTRiODUtYTQ2YS1iZWZlY2I0Nzc0YzAucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
X2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAMyAwDQYJKoZI
hvcNAQELBQADggEBACbNvETyR/EzjKgujEvjSD+OJBK/aw55oovyvmO6LVBNT3PX
baMdrFKv7DE52qDhcZtFxTevDfr6BEBiqb1flZ2j89gBZ19jeyRyNEEZGbCFvMNb
NEXOvS8+a+hqrLuRQ/MajCre1IHfxiVfL6wk9AWpe24WH271UIh1elwJ2ccLsoMA
WkQ6i9tfT082JgaweC2vEZ3gjZfTSyKPQjeGqWIf5irdrN4CqzG2DZLsYj3Llt9z
mObZVvHKsouM0WMkIgD7mWP8u2m0SM8rFWVbRqf2jjZAxdDPcFl+pXZWonMATl/h
8acCNZMOarbdmU/hDX4DzxHOI3rFqYKYAKlitXo=
-----END CERTIFICATE-----
Generated at Thu Mar 16 00:27:05 2023 by rpki-client on console-ams.rpki-client.org