Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: qSKqqvL7l1213R2KGPRN/NuDarPOARVCLIJpxwLaAdo=
Subject key identifier: 0A:29:D2:D4:62:A4:30:48:E3:85:A0:85:FA:71:D9:31:0B:F4:8D:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E8521C3A7387517161606933E635DAE89ADB147
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Wed 15 Mar 2023 00:00:00 +0000
ROA not before: Wed 15 Mar 2023 00:00:00 +0000
ROA not after: Wed 19 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Mar 2023 07:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:85:21:c3:a7:38:75:17:16:16:06:93:3e:63:5d:ae:89:ad:b1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 15 00:00:00 2023 GMT
Not After : Apr 19 23:59:59 2023 GMT
Subject: serialNumber=e058cdeeef96abe96709bb47b871d8b3aa28038ac19c12a22155b0c59a8e962e, CN=c336411a-6651-4f13-8ef9-de681c7c9444, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:84:fe:2a:4c:17:44:54:56:eb:30:a6:8d:36:
bb:9d:f4:9d:7b:fc:81:57:3e:ae:76:06:36:08:d6:
50:c8:11:f1:69:fb:f8:a6:d4:1e:50:62:f6:56:59:
74:46:0e:2e:09:73:ea:cc:0d:dd:55:2f:4d:11:46:
15:da:27:60:29:0f:a2:a6:f3:9d:c2:8c:c0:f8:70:
7f:f8:20:1f:01:1b:d3:2a:4f:3c:36:6b:97:36:7a:
b6:28:33:2a:cd:5a:6c:48:7f:44:06:e8:12:14:ac:
bb:71:10:9e:af:67:38:3f:df:c0:6d:7e:9b:15:a2:
9d:ec:92:1a:83:ba:04:a0:f1:d0:b7:b1:74:96:4e:
48:bd:ea:7a:57:c9:aa:bc:ab:7a:f0:fe:42:5b:54:
f8:97:25:1f:1d:b8:a0:45:d8:c2:b3:35:10:70:06:
f9:0e:b2:7a:1e:53:1b:7e:b7:17:2e:16:42:70:7a:
ef:5e:5c:b6:5c:5f:c1:18:be:e4:d3:58:92:dc:47:
a9:a3:9f:e5:e6:27:3f:dd:6a:4e:05:16:14:3c:be:
48:e0:21:42:eb:ce:bd:31:c8:b1:ce:23:71:13:d1:
53:e2:0b:cb:a5:14:26:5b:5a:f0:26:37:76:c5:09:
bb:e6:dc:df:c1:ee:5b:80:91:f0:2f:cd:1f:b5:8f:
74:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:29:D2:D4:62:A4:30:48:E3:85:A0:85:FA:71:D9:31:0B:F4:8D:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:e7:6a:bd:ef:c0:f4:c2:e7:fc:c6:e5:f6:e9:83:49:cb:d4:
9a:b3:5d:8d:c6:bb:c4:f3:5f:bc:ef:fe:5b:0e:d6:b8:69:5c:
d6:a0:fb:1b:8b:67:7d:90:78:6c:ff:c0:cf:92:62:5b:b3:80:
49:a2:ba:dc:09:8e:72:35:bd:a5:6c:e9:25:6f:b9:ae:78:5b:
57:93:69:a1:a8:99:06:9b:ac:f8:a5:ce:51:ba:b8:dc:1f:2d:
83:bd:9f:3e:1d:f0:b0:73:e3:6f:71:4c:de:c9:62:f7:1d:cd:
a6:fc:a8:a7:ef:85:3b:2c:a9:4d:5d:8a:0f:93:50:be:3e:55:
89:9d:c3:53:ee:b4:2b:fe:28:b5:d9:fb:68:0c:dd:8a:ea:6a:
cc:7e:cc:eb:24:1a:9f:30:f8:12:ea:6b:d5:5b:7e:c4:cb:46:
18:9d:ab:ea:e8:2c:6f:98:05:12:eb:cb:e1:3e:74:68:4f:f7:
f3:51:a2:dd:4c:75:d8:a5:12:94:cd:9a:2e:5d:38:8c:b5:72:
b3:31:d5:2a:4f:43:4d:61:7e:1b:46:6c:25:2a:48:65:c0:b6:
93:31:f3:75:59:2f:e2:f4:5f:51:aa:13:51:01:c1:17:ed:0b:
07:bd:53:60:10:94:19:ac:6c:a9:58:a6:85:2d:02:a0:a2:94:
b1:69:fb:dd
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUXoUhw6c4dRcWFgaTPmNdromtsUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzAzMTUwMDAwMDBaFw0yMzA0MTkyMzU5NTlaMIGlMUkwRwYD
VQQFE0BlMDU4Y2RlZWVmOTZhYmU5NjcwOWJiNDdiODcxZDhiM2FhMjgwMzhhYzE5
YzEyYTIyMTU1YjBjNTlhOGU5NjJlMS0wKwYDVQQDEyRjMzM2NDExYS02NjUxLTRm
MTMtOGVmOS1kZTY4MWM3Yzk0NDQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
mIT+KkwXRFRW6zCmjTa7nfSde/yBVz6udgY2CNZQyBHxafv4ptQeUGL2Vll0Rg4u
CXPqzA3dVS9NEUYV2idgKQ+ipvOdwozA+HB/+CAfARvTKk88NmuXNnq2KDMqzVps
SH9EBugSFKy7cRCer2c4P9/AbX6bFaKd7JIag7oEoPHQt7F0lk5Ivep6V8mqvKt6
8P5CW1T4lyUfHbigRdjCszUQcAb5DrJ6HlMbfrcXLhZCcHrvXly2XF/BGL7k01iS
3Eepo5/l5ic/3WpOBRYUPL5I4CFC6869McixziNxE9FT4gvLpRQmW1rwJjd2xQm7
5tzfwe5bgJHwL80ftY901wIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFAop0tRipDBI
44Wghfpx2TEL9I3dMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfPMA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9LdEZj
NS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy80OTEx
NzkzZS00MDMxLTRkMmYtYmU1NC1hMzhmYzYxN2IzYzUucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
X2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAM3IwDQYJKoZI
hvcNAQELBQADggEBAFPnar3vwPTC5/zG5fbpg0nL1JqzXY3Gu8TzX7zv/lsO1rhp
XNag+xuLZ32QeGz/wM+SYluzgEmiutwJjnI1vaVs6SVvua54W1eTaaGomQabrPil
zlG6uNwfLYO9nz4d8LBz429xTN7JYvcdzab8qKfvhTssqU1dig+TUL4+VYmdw1Pu
tCv+KLXZ+2gM3Yrqasx+zOskGp8w+BLqa9VbfsTLRhidq+roLG+YBRLry+E+dGhP
9/NRot1MddilEpTNmi5dOIy1crMx1SpPQ01hfhtGbCUqSGXAtpMx83VZL+L0X1Gq
E1EBwRftCwe9U2AQlBmsbKlYpoUtAqCilLFp+90=
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:43:19 2023 by rpki-client on console-ams.rpki-client.org