Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: mfRhQhc0wou5fxUgDo6ASY3kU+otZIhHzNfcG4dNT7w=
Subject key identifier: 1A:A7:16:EB:11:1E:D1:7D:FF:D7:5F:C6:DB:0B:91:A8:E0:20:95:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D75BA2F253C27F58F4FC7B7CEC69FC90A7E6345
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:75:ba:2f:25:3c:27:f5:8f:4f:c7:b7:ce:c6:9f:c9:0a:7e:63:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=bb6b38b5e5fb4cc20e022c01cfef4ca7f9f689516a5ada11f96eab9bd440b3e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f5:12:ba:fa:31:e8:4f:9d:11:f8:05:9b:f6:
1c:41:58:53:6c:e0:3b:d0:76:8a:ff:e4:66:16:97:
5a:4b:67:49:23:aa:44:df:f8:75:ec:a5:76:2c:dc:
b7:7e:3c:dc:d9:71:1f:2b:19:ec:be:c9:17:2c:4c:
72:76:83:07:a1:ed:ef:61:c6:f8:51:5d:6e:40:8b:
9e:1f:12:ca:1f:b2:43:64:8d:28:07:07:aa:f2:fb:
ba:d1:ed:f2:a2:59:66:f0:65:cc:2d:ef:91:ca:8f:
48:c0:af:35:5e:a7:b6:47:7b:7b:83:21:bb:e7:72:
14:ff:ef:6a:c0:c9:5d:f8:0a:09:08:89:aa:cb:8d:
91:31:44:07:11:25:22:3f:5c:ec:03:05:eb:bd:9b:
56:0c:43:a8:d6:ef:86:46:9f:54:73:68:49:14:19:
5a:87:26:0c:a9:f5:c7:a7:e8:94:48:33:be:7e:90:
10:4c:0f:66:57:e8:22:24:b9:48:55:4b:21:4f:7a:
3c:8a:9d:75:98:9e:e7:79:73:98:0d:3c:a5:6f:40:
4d:dd:31:00:a6:ee:ac:1c:a1:b4:01:e4:23:41:8c:
38:5a:09:3e:60:75:72:6e:33:03:62:78:ad:48:46:
5e:c0:ad:da:ce:44:37:d6:38:81:69:18:89:e9:59:
bc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A7:16:EB:11:1E:D1:7D:FF:D7:5F:C6:DB:0B:91:A8:E0:20:95:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
53:ca:5d:be:6b:03:5a:23:ac:a7:5c:ad:89:fb:3a:41:ed:03:
c9:96:64:ec:29:86:d0:ee:ee:36:d3:67:a4:25:05:73:7d:13:
71:aa:c9:d9:aa:1b:a6:6b:24:65:34:17:f6:d3:6a:8b:e2:1a:
a1:50:c2:08:78:71:99:07:4f:49:10:17:00:e4:98:ca:31:3f:
54:46:ff:7c:6e:0f:1e:85:58:0b:f4:02:13:a8:53:b8:81:e6:
14:c7:87:db:0c:fd:34:f2:94:e4:e2:55:f8:8f:19:9d:38:2e:
71:dd:6c:d6:94:7d:aa:00:d9:69:c3:7b:88:a0:ca:12:ad:c2:
5e:46:4d:1c:fa:35:9a:05:7e:34:d8:10:0a:3e:e4:e8:83:dc:
cf:cd:62:d4:74:c8:0c:24:89:bb:87:0c:00:b4:8e:ae:fa:53:
dd:dc:61:1d:48:5f:80:cb:54:2a:65:87:d2:13:2e:ed:cf:dd:
2d:2b:aa:78:d1:cf:58:56:47:39:bd:03:31:83:3d:64:f0:fa:
35:20:c7:75:30:23:aa:e2:aa:ca:18:3a:31:79:72:0f:86:6d:
a0:bb:41:a3:5a:68:15:39:9f:a5:54:4f:fe:50:31:d9:57:4a:
16:32:50:62:87:84:df:78:50:5c:8e:d6:04:ee:69:67:3b:5c:
0e:b9:a1:f9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPXW6LyU8J/WPT8e3zsafyQp+Y0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiNmIzOGI1ZTVmYjRjYzIwZTAyMmMwMWNmZWY0Y2E3ZjlmNjg5NTE2YTVh
ZGExMWY5NmVhYjliZDQ0MGIzZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJD1Err6MehPnRH4BZv2HEFYU2zgO9B2iv/kZhaXWktnSSOqRN/4deyldizc
t3483NlxHysZ7L7JFyxMcnaDB6Ht72HG+FFdbkCLnh8Syh+yQ2SNKAcHqvL7utHt
8qJZZvBlzC3vkcqPSMCvNV6ntkd7e4Mhu+dyFP/vasDJXfgKCQiJqsuNkTFEBxEl
Ij9c7AMF672bVgxDqNbvhkafVHNoSRQZWocmDKn1x6folEgzvn6QEEwPZlfoIiS5
SFVLIU96PIqddZie53lzmA08pW9ATd0xAKburByhtAHkI0GMOFoJPmB1cm4zA2J4
rUhGXsCt2s5EN9Y4gWkYielZvPsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQapxbr
ER7Rff/XX8bbC5Go4CCVcjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQBTyl2+awNaI6ynXK2J+zpB7QPJlmTsKYbQ7u4202ek
JQVzfRNxqsnZqhumayRlNBf202qL4hqhUMIIeHGZB09JEBcA5JjKMT9URv98bg8e
hVgL9AITqFO4geYUx4fbDP008pTk4lX4jxmdOC5x3WzWlH2qANlpw3uIoMoSrcJe
Rk0c+jWaBX402BAKPuTog9zPzWLUdMgMJIm7hwwAtI6u+lPd3GEdSF+Ay1QqZYfS
Ey7tz90tK6p40c9YVkc5vQMxgz1k8Po1IMd1MCOq4qrKGDoxeXIPhm2gu0GjWmgV
OZ+lVE/+UDHZV0oWMlBih4TfeFBcjtYE7mlnO1wOuaH5
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org