Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
File: 43c182d6-87cf-4ea0-9709-b661212b9631.roa (raw, json)
Hash identifier: CYwAJ1uyrgceTShX03djyCXvfEdcZcwzqXASr5ziwEI=
Subject key identifier: 3E:5E:6B:62:EB:88:6E:1B:BB:DA:8C:4D:F7:92:60:B0:1D:C7:78:A9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28A29C5CE33E8CB5C6915C2AC69A9DC40D657180
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:a2:9c:5c:e3:3e:8c:b5:c6:91:5c:2a:c6:9a:9d:c4:0d:65:71:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=61922250c7c444445ae1718174b971ed1383b75904dac0610f72470aed0d4590, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e5:a0:a6:15:84:1d:a2:d5:d7:29:e2:8b:14:
42:3b:fa:9b:68:40:65:74:b5:7f:e7:d2:fc:50:fe:
cb:6a:53:0a:e1:c4:6b:60:b7:30:59:06:78:d7:ef:
8a:e4:1e:31:4c:8e:65:9b:cb:f8:53:c0:55:e5:fc:
da:60:3d:5a:ed:48:80:7b:9e:92:18:ae:84:ee:62:
5b:60:c6:ca:95:b2:c3:8a:b2:da:b8:ef:4d:d1:e8:
2b:88:aa:cf:0c:aa:e3:e1:4f:e3:24:ad:3e:9c:3d:
53:b9:15:b7:e0:ff:22:5f:48:99:7c:97:6e:99:e7:
b2:47:0c:e3:b6:19:db:8b:04:8a:90:e3:99:dd:7e:
99:d1:bb:61:06:af:80:4b:15:e3:67:96:f3:12:55:
a2:93:94:58:8f:ef:be:0b:3d:53:57:1f:ae:88:b9:
24:35:2f:27:e4:c2:9f:6e:6f:99:5a:03:30:95:ec:
06:41:c1:5a:39:0b:ab:1a:c6:ff:3b:09:5b:80:7b:
d4:18:8f:a9:01:3d:fc:c2:d5:a6:b4:8b:eb:d8:8f:
8e:07:3e:a5:aa:d5:11:0f:00:cb:b4:11:db:e7:c7:
ad:f6:d1:51:56:88:78:93:4f:ea:fa:4b:2e:5f:4a:
4e:80:d8:a4:86:8c:c3:dc:a3:7a:19:d6:9d:6d:d5:
0e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5E:6B:62:EB:88:6E:1B:BB:DA:8C:4D:F7:92:60:B0:1D:C7:78:A9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
a6:45:c6:a3:91:79:b1:23:76:c4:2d:e0:3a:5c:80:99:14:dd:
6c:07:f1:6b:a3:a1:6f:26:dd:ec:3c:0c:d8:87:90:18:54:8f:
a4:d0:a4:5a:15:64:4c:e9:bc:8f:3a:3d:84:cf:e8:48:37:04:
31:4a:cd:e9:b9:45:c5:f9:86:06:15:f0:da:ca:a9:17:31:cb:
8f:3a:f8:9a:b7:9d:a7:20:aa:35:fd:4c:65:fc:b7:36:bb:1e:
8e:4e:f3:0e:ce:50:d4:8c:61:b5:81:15:71:47:2f:c7:fe:55:
77:9b:0c:a3:16:f3:5a:1d:0e:f8:5a:bc:ae:7c:43:32:dc:44:
30:f1:7b:35:6c:67:93:bd:76:e6:e5:10:b0:fc:2e:a6:3b:9a:
e1:d1:b1:ef:b0:44:47:92:f8:cb:9b:81:60:17:f4:89:81:04:
27:46:a9:62:f3:cb:29:7d:42:53:11:b9:fd:ce:80:9a:6a:18:
f4:2c:8a:d7:e2:b2:91:61:e6:dd:29:70:c7:04:0f:3f:0a:d0:
a2:a6:17:d9:58:ba:86:9b:a7:a5:28:b9:29:6e:b9:f9:ba:35:
91:ae:dc:a4:cc:fc:3f:97:78:cd:44:37:5f:c5:e9:e5:8b:b2:
c4:7c:32:9f:71:5a:58:cd:de:c1:9b:4c:4f:3b:1e:26:92:74:
24:1c:38:64
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKKKcXOM+jLXGkVwqxpqdxA1lcYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxOTIyMjUwYzdjNDQ0NDQ1YWUxNzE4MTc0Yjk3MWVkMTM4M2I3NTkwNGRh
YzA2MTBmNzI0NzBhZWQwZDQ1OTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzloKYVhB2i1dcp4osUQjv6m2hAZXS1f+fS/FD+y2pTCuHEa2C3MFkGeNfv
iuQeMUyOZZvL+FPAVeX82mA9Wu1IgHuekhiuhO5iW2DGypWyw4qy2rjvTdHoK4iq
zwyq4+FP4yStPpw9U7kVt+D/Il9ImXyXbpnnskcM47YZ24sEipDjmd1+mdG7YQav
gEsV42eW8xJVopOUWI/vvgs9U1cfroi5JDUvJ+TCn25vmVoDMJXsBkHBWjkLqxrG
/zsJW4B71BiPqQE9/MLVprSL69iPjgc+parVEQ8Ay7QR2+fHrfbRUVaIeJNP6vpL
Ll9KToDYpIaMw9yjehnWnW3VDqECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ+Xmti
64huG7vajE33kmCwHcd4qTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDNjMTgyZDYtODdjZi00ZWEwLTk3MDktYjY2MTIxMmI5NjMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEApkXGo5F5sSN2xC3gOlyAmRTdbAfxa6Ohbybd7DwM
2IeQGFSPpNCkWhVkTOm8jzo9hM/oSDcEMUrN6blFxfmGBhXw2sqpFzHLjzr4mred
pyCqNf1MZfy3Nrsejk7zDs5Q1IxhtYEVcUcvx/5Vd5sMoxbzWh0O+Fq8rnxDMtxE
MPF7NWxnk7125uUQsPwupjua4dGx77BER5L4y5uBYBf0iYEEJ0apYvPLKX1CUxG5
/c6AmmoY9CyK1+KykWHm3SlwxwQPPwrQoqYX2Vi6hpunpSi5KW65+bo1ka7cpMz8
P5d4zUQ3X8Xp5YuyxHwyn3FaWM3ewZtMTzseJpJ0JBw4ZA==
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org