Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: 1BcTTfOXGFv/fqcjxbzsZLgL2hOctH9oG3JRj6OsuaY=
Subject key identifier: 31:6D:E3:B0:F0:E3:34:D8:BE:2D:FF:CD:69:A4:AE:2B:96:46:03:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48699DAE179CB7A4BB372A6CFF78341E93106FBC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:69:9d:ae:17:9c:b7:a4:bb:37:2a:6c:ff:78:34:1e:93:10:6f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=4bb1b04add4f08bd72e4afae227c8d4150dfb9313770036b0b339e9750b3a7bc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7c:e4:5f:01:c0:a6:0b:d5:73:9f:0f:92:23:
79:11:83:f3:ac:fe:3e:e8:ff:bc:8e:5f:9a:c0:31:
c6:88:34:1f:e0:46:2b:49:bc:e4:64:5e:4e:64:80:
76:4c:83:7e:e5:64:17:9f:51:aa:ed:7f:f0:03:03:
7c:40:f1:d1:7d:9f:39:3b:aa:4e:46:9b:0f:c8:4c:
2c:49:94:81:3b:f9:a5:4e:b4:c5:66:39:c2:db:8f:
ab:45:5a:6e:2f:8d:a9:e7:03:43:e3:19:f9:be:03:
66:55:cb:2e:f2:e3:64:4f:11:00:27:bd:19:6e:c3:
9c:23:54:0e:0c:c1:c0:3d:64:be:eb:e0:62:f4:6d:
2a:c1:c4:bf:79:1f:0c:ea:50:c1:64:c0:97:b2:59:
2c:09:e3:7a:b3:73:34:88:27:02:a4:a4:44:f1:8d:
06:33:b1:fa:f2:88:7c:81:d9:51:be:4f:10:c4:9c:
f2:75:0b:51:ac:ae:2a:95:ed:d5:4e:67:2e:57:ba:
3d:92:fb:bc:03:5d:26:7f:7a:99:cf:e1:0f:d9:08:
0b:ac:62:06:d6:e1:a5:03:2c:9d:a5:32:50:07:5d:
94:65:99:26:28:28:af:9f:6e:bc:9f:50:b4:89:93:
8f:b4:77:38:7f:32:0b:74:87:74:c6:6e:cc:e0:cb:
ff:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6D:E3:B0:F0:E3:34:D8:BE:2D:FF:CD:69:A4:AE:2B:96:46:03:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
b1:66:bf:f9:6b:76:a3:80:cf:6a:ec:6a:10:dd:93:8a:71:c8:
96:9a:1c:bd:51:76:7a:7f:a9:1e:c9:79:99:d0:11:37:a3:da:
99:07:3f:d0:3b:df:ae:f1:24:a5:03:58:3c:6e:c2:05:17:fc:
00:f9:e1:67:6d:5a:de:81:58:66:4c:8c:2b:9d:b1:74:3a:de:
fb:95:75:8a:c9:90:8c:b7:33:b9:da:67:2d:22:62:1c:e1:bb:
b0:ae:41:b2:1a:de:8c:61:53:c4:e3:68:92:5c:bd:f3:60:41:
ff:90:c5:9a:b6:da:5e:ac:7d:6c:82:c3:ef:b1:21:45:0b:f8:
42:6e:1c:46:88:03:c6:eb:87:f4:15:10:bf:17:17:07:1c:54:
3d:9d:7b:3a:7f:25:a4:41:cf:f9:eb:db:98:df:df:ab:1d:95:
77:bd:20:d3:e5:be:b0:86:9c:d2:88:09:0a:84:b8:b1:96:3c:
00:43:88:2b:d7:b9:28:6a:ea:37:ed:23:ba:57:bc:de:94:ff:
88:b2:11:b8:c0:87:53:45:92:2e:f3:45:bf:34:9d:5d:14:8c:
45:e2:2e:a7:e8:97:90:91:cd:82:95:c5:5d:ff:2a:ee:b5:8c:
2f:eb:a3:62:7f:84:12:db:ca:a1:90:3d:4e:8a:e2:6a:7c:2a:
f3:d2:4e:35
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSGmdrhect6S7Nyps/3g0HpMQb7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYjFiMDRhZGQ0ZjA4YmQ3MmU0YWZhZTIyN2M4ZDQxNTBkZmI5MzEzNzcw
MDM2YjBiMzM5ZTk3NTBiM2E3YmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMx85F8BwKYL1XOfD5IjeRGD86z+Puj/vI5fmsAxxog0H+BGK0m85GReTmSA
dkyDfuVkF59Rqu1/8AMDfEDx0X2fOTuqTkabD8hMLEmUgTv5pU60xWY5wtuPq0Va
bi+NqecDQ+MZ+b4DZlXLLvLjZE8RACe9GW7DnCNUDgzBwD1kvuvgYvRtKsHEv3kf
DOpQwWTAl7JZLAnjerNzNIgnAqSkRPGNBjOx+vKIfIHZUb5PEMSc8nULUayuKpXt
1U5nLle6PZL7vANdJn96mc/hD9kIC6xiBtbhpQMsnaUyUAddlGWZJigor59uvJ9Q
tImTj7R3OH8yC3SHdMZuzODL/3sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQxbeOw
8OM02L4t/81ppK4rlkYDSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAsWa/+Wt2o4DPauxqEN2TinHIlpocvVF2en+pHsl5
mdARN6PamQc/0DvfrvEkpQNYPG7CBRf8APnhZ21a3oFYZkyMK52xdDre+5V1ismQ
jLczudpnLSJiHOG7sK5BshrejGFTxONokly982BB/5DFmrbaXqx9bILD77EhRQv4
Qm4cRogDxuuH9BUQvxcXBxxUPZ17On8lpEHP+evbmN/fqx2Vd70g0+W+sIac0ogJ
CoS4sZY8AEOIK9e5KGrqN+0jule83pT/iLIRuMCHU0WSLvNFvzSdXRSMReIup+iX
kJHNgpXFXf8q7rWML+ujYn+EEtvKoZA9Torianwq89JONQ==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org