Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: Hc7OySJJ3VVUfbouHultDk7+fVJV36i2L7yJ1eh1eP0=
Subject key identifier: 43:30:B5:45:AC:0D:32:09:09:AB:9E:E4:63:48:36:F7:6B:D0:9F:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6221B60D56BFA261E29267777C46492F5DCFE805
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Mon 18 Sep 2023 00:00:00 +0000
ROA not before: Mon 18 Sep 2023 00:00:00 +0000
ROA not after: Mon 23 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 19 Sep 2023 14:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:21:b6:0d:56:bf:a2:61:e2:92:67:77:7c:46:49:2f:5d:cf:e8:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 18 00:00:00 2023 GMT
Not After : Oct 23 23:59:59 2023 GMT
Subject: serialNumber=1bcb686d5fb6feca958dd1a4f39d15ecc018751dce9c7ae3119da30f65fdf1b2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0f:d2:8f:48:e7:ca:0f:6d:16:b6:c8:41:38:
25:ac:74:4c:95:dc:50:d0:66:7d:29:14:c7:95:54:
8e:b4:f8:ee:05:9e:2e:b5:5d:06:ab:37:04:ec:6c:
e9:10:1b:b2:22:ae:c9:f9:5a:6b:55:30:5c:58:83:
af:15:52:f9:79:c4:15:45:39:ed:84:2a:74:de:05:
0e:9c:68:eb:96:6d:77:f3:5c:cc:ee:bd:5b:22:91:
a8:28:e0:bb:c0:2e:93:70:77:94:cd:a7:db:34:03:
ea:29:90:66:55:46:14:d7:03:51:d5:39:0e:60:f9:
ca:41:7f:bd:67:20:ad:e8:df:7d:06:ea:b9:83:67:
a9:ad:48:4e:c1:07:10:61:9e:39:e6:ee:55:8c:70:
5a:d6:5a:21:a5:47:6e:62:7b:4c:5a:ee:bf:7d:58:
fa:ac:7e:85:a9:ba:3c:ab:18:bb:2c:63:c9:9c:24:
eb:0c:28:3d:b3:52:a6:30:9d:61:68:15:76:10:2f:
09:6c:9a:f8:82:13:60:10:32:9e:36:58:e4:51:e8:
35:1f:08:f0:c8:a2:98:f1:6b:aa:56:f2:5a:04:de:
49:0e:67:63:bf:36:ea:aa:ec:be:ce:2d:50:86:14:
7f:cc:4a:4b:19:e1:67:dd:10:18:76:18:11:dd:56:
c4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:30:B5:45:AC:0D:32:09:09:AB:9E:E4:63:48:36:F7:6B:D0:9F:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
63:6d:d9:90:48:10:94:c1:b6:ec:6b:1b:a1:78:e2:c0:74:54:
a3:4b:50:bd:b0:fb:e0:b6:f7:af:94:3a:95:88:27:1a:bc:b3:
a2:8e:02:e4:61:57:89:a6:ec:fa:91:da:d0:c7:8f:4c:d9:00:
4d:ec:15:7b:ad:44:64:1e:14:29:0a:6c:15:59:2c:3e:ac:e6:
95:67:f4:9d:7a:99:75:e1:8e:68:51:8d:59:36:9b:2b:88:de:
56:50:7d:17:6a:7b:37:51:fb:56:a5:a5:ce:68:a5:22:1d:73:
cb:2d:d7:69:78:95:72:11:ce:50:6a:b2:b9:c3:bd:d7:79:19:
a5:4a:fd:22:1d:55:40:5a:20:34:e0:44:c3:d5:c7:45:4a:18:
29:80:51:ff:56:27:9f:42:80:af:b0:37:ff:54:bb:e7:05:e3:
17:1a:b8:22:40:27:c0:40:92:38:ac:90:d4:c4:1c:dd:be:a8:
23:5d:b0:f7:87:d2:31:c9:31:8f:97:08:d9:98:b4:41:cd:b0:
09:01:7e:2b:7b:fc:89:b4:02:4b:18:a5:8f:a3:ef:f8:0d:fd:
2d:54:9e:7f:73:3a:d2:ff:ae:de:b6:a3:da:8d:fa:b9:67:c8:
b1:b0:75:84:f8:88:7c:ad:8e:2b:1d:f1:f2:09:35:69:99:c2:
33:ca:91:98
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYiG2DVa/omHikmd3fEZJL13P6AUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MTgwMDAwMDBaFw0yMzEwMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiY2I2ODZkNWZiNmZlY2E5NThkZDFhNGYzOWQxNWVjYzAxODc1MWRjZTlj
N2FlMzExOWRhMzBmNjVmZGYxYjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwP0o9I58oPbRa2yEE4Jax0TJXcUNBmfSkUx5VUjrT47gWeLrVdBqs3BOxs
6RAbsiKuyflaa1UwXFiDrxVS+XnEFUU57YQqdN4FDpxo65Ztd/NczO69WyKRqCjg
u8Auk3B3lM2n2zQD6imQZlVGFNcDUdU5DmD5ykF/vWcgrejffQbquYNnqa1ITsEH
EGGeOebuVYxwWtZaIaVHbmJ7TFruv31Y+qx+ham6PKsYuyxjyZwk6wwoPbNSpjCd
YWgVdhAvCWya+IITYBAynjZY5FHoNR8I8MiimPFrqlbyWgTeSQ5nY7826qrsvs4t
UIYUf8xKSxnhZ90QGHYYEd1WxIMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDMLVF
rA0yCQmrnuRjSDb3a9CfejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAY23ZkEgQlMG27GsboXjiwHRUo0tQvbD74Lb3r5Q6
lYgnGryzoo4C5GFXiabs+pHa0MePTNkATewVe61EZB4UKQpsFVksPqzmlWf0nXqZ
deGOaFGNWTabK4jeVlB9F2p7N1H7VqWlzmilIh1zyy3XaXiVchHOUGqyucO913kZ
pUr9Ih1VQFogNOBEw9XHRUoYKYBR/1Ynn0KAr7A3/1S75wXjFxq4IkAnwECSOKyQ
1MQc3b6oI12w94fSMckxj5cI2Zi0Qc2wCQF+K3v8ibQCSxilj6Pv+A39LVSef3M6
0v+u3raj2o36uWfIsbB1hPiIfK2OKx3x8gk1aZnCM8qRmA==
-----END CERTIFICATE-----
Generated at Mon Sep 18 16:40:46 2023 by rpki-client on console-ams.rpki-client.org