Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
File: 383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa (raw, json)
Hash identifier: gwZKwPDM71eBdUO9tHC2QP1ChpIQNsQDPGExus4T+YE=
Subject key identifier: B7:42:C9:66:77:0E:59:47:E0:BB:AD:A4:2C:36:61:67:E5:0B:62:1C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 29C557B350CBE3ACC736D099CCB26181675B60FD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:c5:57:b3:50:cb:e3:ac:c7:36:d0:99:cc:b2:61:81:67:5b:60:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=7a841c365b035a4f9feb619fbcbc318bcc4e86b316efe06ff50e90c3649d7f39, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:df:88:ee:8b:4c:bb:19:65:ce:a8:d2:6b:89:
a4:ce:a3:66:61:44:c7:a9:8c:42:0e:8b:74:91:11:
d8:ae:40:3b:ec:12:36:0e:c7:14:c4:85:04:e6:90:
6a:e1:c1:b8:ff:e4:e1:8f:4f:d1:5a:f5:14:ec:69:
01:b8:2f:e0:e8:5e:06:43:b9:11:21:fd:31:2e:ca:
83:00:40:f0:0a:0f:01:31:b0:9c:06:08:27:4b:bb:
a8:84:1c:a7:c1:1c:41:00:b8:6b:53:6f:37:14:5e:
71:cc:50:e3:2c:75:09:19:a4:cf:21:df:9d:fd:8a:
88:d0:65:d8:f9:1a:b9:85:28:de:36:6f:46:b4:ae:
de:e8:45:71:ef:bc:7c:38:2f:5b:90:1a:3d:a3:28:
03:8d:c9:15:ec:e6:ee:6c:75:5d:2f:ee:55:42:b6:
b1:b9:55:b0:96:b1:85:d2:29:7f:4c:c0:1e:6e:26:
f1:eb:69:85:04:ec:a2:4d:25:80:56:d8:0a:e2:f8:
8e:75:6c:7d:ce:ae:67:e3:b5:dc:dc:fa:5b:e8:ab:
37:1b:92:89:95:61:a6:dc:02:35:51:27:34:e0:00:
1f:9f:ed:e3:15:a4:bf:d6:27:9b:9f:aa:df:cc:d1:
62:2a:f8:2b:c4:dc:08:02:a3:70:31:88:3f:be:50:
cc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:42:C9:66:77:0E:59:47:E0:BB:AD:A4:2C:36:61:67:E5:0B:62:1C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:47:67:ee:29:27:78:4a:2f:38:f2:9a:00:1f:f5:26:eb:30:
9e:94:d3:ba:5a:65:23:0c:08:4b:c9:9f:a3:09:97:da:15:d8:
4d:2e:ea:05:0f:1b:4d:9c:b2:fd:c4:58:2d:76:96:c6:4f:55:
29:68:3f:ad:1e:6d:81:36:e1:20:79:5e:b7:fc:08:d7:f5:ff:
25:da:20:3a:33:f3:e7:09:69:12:e6:ef:a2:4d:e2:1d:df:a0:
b0:36:0a:4b:2e:82:67:f7:0e:7e:1b:a4:9f:f1:7b:01:ed:2b:
a5:be:42:4f:c3:55:44:40:ec:3c:cd:dc:fb:17:e7:a1:9f:42:
0c:b2:27:ff:89:53:59:59:25:68:56:56:f8:fb:fb:98:97:64:
d0:1d:db:fb:d8:d1:55:c9:7a:52:53:78:8f:87:55:ed:fc:49:
cd:73:bb:5b:9c:f4:0b:30:06:1f:71:8b:79:40:1e:a9:54:d5:
4a:9b:2e:5c:7d:83:fd:44:a2:e7:39:a1:61:e0:de:58:6c:bd:
40:16:b3:f7:b3:86:f4:97:74:12:93:06:33:c8:d7:3e:c2:c5:
0d:c3:45:9f:aa:af:cc:e9:cb:cc:ee:ab:33:2f:85:0f:dc:07:
cc:f2:71:04:25:ec:e4:77:cf:42:c6:b6:c0:0f:68:7f:a8:f0:
11:25:be:16
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKcVXs1DL46zHNtCZzLJhgWdbYP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhODQxYzM2NWIwMzVhNGY5ZmViNjE5ZmJjYmMzMThiY2M0ZTg2YjMxNmVm
ZTA2ZmY1MGU5MGMzNjQ5ZDdmMzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjfiO6LTLsZZc6o0muJpM6jZmFEx6mMQg6LdJER2K5AO+wSNg7HFMSFBOaQ
auHBuP/k4Y9P0Vr1FOxpAbgv4OheBkO5ESH9MS7KgwBA8AoPATGwnAYIJ0u7qIQc
p8EcQQC4a1NvNxReccxQ4yx1CRmkzyHfnf2KiNBl2PkauYUo3jZvRrSu3uhFce+8
fDgvW5AaPaMoA43JFezm7mx1XS/uVUK2sblVsJaxhdIpf0zAHm4m8etphQTsok0l
gFbYCuL4jnVsfc6uZ+O13Nz6W+irNxuSiZVhptwCNVEnNOAAH5/t4xWkv9Ynm5+q
38zRYir4K8TcCAKjcDGIP75QzO0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS3Qslm
dw5ZR+C7raQsNmFn5QtiHDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzgzYzFmNmQtNGUwZS00ZTMzLWEyY2UtZjQ5Mzg2ZGNjMWYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQCJR2fuKSd4Si848poAH/Um6zCelNO6WmUjDAhLyZ+j
CZfaFdhNLuoFDxtNnLL9xFgtdpbGT1UpaD+tHm2BNuEgeV63/AjX9f8l2iA6M/Pn
CWkS5u+iTeId36CwNgpLLoJn9w5+G6Sf8XsB7SulvkJPw1VEQOw8zdz7F+ehn0IM
sif/iVNZWSVoVlb4+/uYl2TQHdv72NFVyXpSU3iPh1Xt/EnNc7tbnPQLMAYfcYt5
QB6pVNVKmy5cfYP9RKLnOaFh4N5YbL1AFrP3s4b0l3QSkwYzyNc+wsUNw0Wfqq/M
6cvM7qszL4UP3AfM8nEEJezkd89CxrbAD2h/qPARJb4W
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:31 2023 by rpki-client on console-fra.rpki-client.org