Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
File: 52763e98-2920-46fc-8dad-f7cba491e994.roa (raw, json)
Hash identifier: OgGxB4Jc8ouUDQteVfjDvCnAsAu3qssb2oKGTjJu/zw=
Subject key identifier: FA:46:C7:86:53:BE:97:CA:ED:EE:E4:F5:24:69:D9:75:18:7C:6B:29
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69BE5BA68A8349E2CF464B67A0B74B083BF08757
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:be:5b:a6:8a:83:49:e2:cf:46:4b:67:a0:b7:4b:08:3b:f0:87:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=fc954f8a94c5a8bf4cc9e7a77175d53309d57eec177e2cc9a0028505f6319edc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:87:81:c7:dd:cf:9b:6d:12:d5:f8:b1:76:2c:
22:bc:0e:c6:11:86:4d:a4:4a:de:ba:39:8f:99:3a:
ce:d3:9d:da:f8:fe:82:72:a1:aa:f7:23:f3:0c:33:
64:bd:81:40:9e:8f:1a:1d:28:dd:05:76:e8:fa:b4:
96:69:4c:54:ba:f8:1a:b6:e2:d4:f8:6c:e7:ac:af:
54:04:c1:2e:74:8c:6e:0a:b5:4d:75:a9:90:16:6f:
7f:5a:b0:72:66:63:0d:2a:55:7a:f4:87:65:32:5d:
49:44:b4:81:80:73:2a:21:64:b0:5d:25:a1:b0:93:
22:8a:9f:d1:fb:c5:9a:90:27:66:a2:7b:4b:23:1e:
89:57:22:7c:e1:56:88:a3:23:c5:e0:32:c6:e8:41:
60:57:75:56:14:db:93:d2:68:2b:d2:9e:84:e5:fa:
e3:96:2a:15:d7:63:a5:4b:e0:d8:5c:80:c6:c5:44:
8b:eb:ca:4f:8e:c4:d2:50:fb:73:c4:6c:aa:c4:85:
e2:dc:a7:1e:51:77:88:29:2d:50:6d:b9:32:54:87:
7e:47:3c:34:06:7b:24:92:9e:52:7c:1e:f2:eb:bd:
27:e5:67:33:50:9e:91:e3:97:f0:25:58:59:c3:85:
49:d3:44:4f:49:d9:ac:db:c8:9b:c3:9d:e1:7d:74:
95:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:46:C7:86:53:BE:97:CA:ED:EE:E4:F5:24:69:D9:75:18:7C:6B:29
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
3f:cd:9b:3f:3e:cd:81:46:f4:ee:22:55:e7:a4:01:e7:44:81:
38:3c:b5:b8:67:ff:6c:cf:d9:1c:ea:f3:2e:8b:21:95:d3:3c:
90:07:70:8e:9a:f5:90:73:b9:26:ef:a5:39:f0:bf:40:1b:0f:
68:4e:25:16:92:c7:9d:5d:4b:2a:18:ac:30:8e:6b:09:92:2d:
e6:84:12:f8:6e:1a:5f:f9:26:8b:cf:76:62:c6:7d:3e:2c:65:
95:d3:1c:aa:ec:49:e7:89:cd:bc:2a:10:d9:b9:2b:64:2b:8e:
f8:82:c7:1d:5e:aa:67:34:f4:16:c3:c4:77:21:5d:bc:8a:af:
18:8a:51:7c:15:1c:50:41:2d:ab:c3:4c:74:ff:ce:e6:c0:6c:
47:62:b9:a4:db:ae:d9:ff:12:d9:37:78:c6:f5:25:da:6c:63:
96:42:69:1c:ba:1e:62:da:d2:1a:e5:53:70:a6:f4:f1:4e:cf:
14:06:21:89:d9:06:08:21:46:32:9e:6b:6c:a2:00:9f:89:55:
cd:db:74:4c:88:24:5f:62:fa:d7:70:d0:3c:9b:68:92:76:8f:
2f:7f:e3:98:b3:59:bf:0e:b8:ff:93:a3:27:06:04:c4:d9:81:
66:6b:76:78:16:d8:91:e0:67:59:00:58:32:a3:6b:47:9b:0a:
b6:2b:39:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUab5bpoqDSeLPRktnoLdLCDvwh1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjOTU0ZjhhOTRjNWE4YmY0Y2M5ZTdhNzcxNzVkNTMzMDlkNTdlZWMxNzdl
MmNjOWEwMDI4NTA1ZjYzMTllZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaHgcfdz5ttEtX4sXYsIrwOxhGGTaRK3ro5j5k6ztOd2vj+gnKhqvcj8wwz
ZL2BQJ6PGh0o3QV26Pq0lmlMVLr4Grbi1Phs56yvVATBLnSMbgq1TXWpkBZvf1qw
cmZjDSpVevSHZTJdSUS0gYBzKiFksF0lobCTIoqf0fvFmpAnZqJ7SyMeiVcifOFW
iKMjxeAyxuhBYFd1VhTbk9JoK9KehOX645YqFddjpUvg2FyAxsVEi+vKT47E0lD7
c8RsqsSF4tynHlF3iCktUG25MlSHfkc8NAZ7JJKeUnwe8uu9J+VnM1CekeOX8CVY
WcOFSdNET0nZrNvIm8Od4X10lSsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT6RseG
U76Xyu3u5PUkadl1GHxrKTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTI3NjNlOTgtMjkyMC00NmZjLThkYWQtZjdjYmE0OTFlOTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQA/zZs/Ps2BRvTuIlXnpAHnRIE4PLW4Z/9sz9kc
6vMuiyGV0zyQB3COmvWQc7km76U58L9AGw9oTiUWksedXUsqGKwwjmsJki3mhBL4
bhpf+SaLz3Zixn0+LGWV0xyq7Ennic28KhDZuStkK474gscdXqpnNPQWw8R3IV28
iq8YilF8FRxQQS2rw0x0/87mwGxHYrmk267Z/xLZN3jG9SXabGOWQmkcuh5i2tIa
5VNwpvTxTs8UBiGJ2QYIIUYynmtsogCfiVXN23RMiCRfYvrXcNA8m2iSdo8vf+OY
s1m/Drj/k6MnBgTE2YFma3Z4FtiR4GdZAFgyo2tHmwq2KzmG
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org