Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
File: 69988e45-d4fb-4896-be53-951c20d12c48.roa (raw, json)
Hash identifier: 7qu516rjMFwLCuBzg1lXdsjUd8BiJfLmEjM8Cly/ChE=
Subject key identifier: 52:48:27:19:F9:47:50:4D:76:94:91:44:B7:49:CB:D2:5D:D4:03:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: A0835FD66EE5917BF1DDBA68E17F5FA673F5D6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a0:83:5f:d6:6e:e5:91:7b:f1:dd:ba:68:e1:7f:5f:a6:73:f5:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=48b6fc52b71a840f5892d81fbf3a2f849c00b3557fbe817f8c5731838bf925ed, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b6:cf:69:f1:19:d6:66:0d:9f:cc:88:9d:3f:
99:a0:7e:6c:2b:e0:a9:93:87:a2:92:be:21:a4:8a:
b6:da:e6:07:22:15:3b:d7:d7:4c:cf:18:c0:dd:74:
d6:eb:f9:0e:63:5e:97:5e:6d:a4:c4:a2:f8:d1:67:
4a:a3:69:bb:ed:35:9b:0d:56:2c:09:18:5b:5a:95:
3e:9d:06:5e:28:31:14:bf:ec:d6:0d:e9:0e:e7:b1:
f7:83:15:42:98:f1:5c:2f:c1:49:9e:ca:05:a7:2c:
7f:2d:01:66:62:40:0e:17:aa:f5:9e:b7:ae:e6:36:
3c:42:bb:be:f0:19:a3:0b:da:1c:db:65:ef:39:89:
c1:6b:48:60:e8:de:70:ac:65:bb:5a:53:60:e0:f0:
d3:2d:1c:7e:21:6c:ec:9b:b4:de:97:f0:40:4a:9e:
99:74:bb:cd:12:e0:8d:23:a0:15:f8:27:3a:ef:ee:
0f:c6:e1:83:bf:53:9f:91:3b:fc:81:e8:9f:9a:1b:
a5:34:d2:5f:e5:ba:77:4b:2a:df:c4:26:3f:4c:cc:
fe:d6:6d:8c:58:27:ae:bb:5d:56:a4:d3:18:87:f1:
72:54:3c:fd:e1:72:42:56:79:d5:0e:01:82:6d:c2:
ed:a6:d7:65:1e:99:3c:1a:be:de:89:b6:5f:76:6f:
b9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:48:27:19:F9:47:50:4D:76:94:91:44:B7:49:CB:D2:5D:D4:03:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:48:f3:e9:d2:2c:b5:7b:be:3a:8f:f1:fc:ee:09:05:f0:94:
2f:8a:59:f9:0e:cd:98:62:50:98:99:65:b6:34:60:d3:be:8a:
94:0c:5b:d0:20:36:8a:59:bf:4c:90:cb:20:78:04:f7:93:bc:
d3:b4:14:73:b1:69:ee:72:42:c6:00:b9:af:db:79:6c:6d:67:
eb:4b:85:ce:ae:86:fd:fc:f1:f0:6a:19:8a:d2:cf:32:c4:a1:
b3:33:43:5c:9b:53:2c:ba:ed:15:bc:6a:f5:7f:83:4b:db:c0:
a3:e5:97:0a:88:b7:80:a2:98:66:6c:e3:ad:d1:09:f3:95:74:
c8:a7:fc:39:2a:89:34:3c:f4:46:4e:2b:bd:71:64:36:89:f9:
d9:c3:5e:d9:5c:42:8b:b9:2a:16:b7:af:0b:9c:81:64:18:50:
df:f9:f9:09:cf:c8:aa:30:c2:02:38:12:f0:ed:64:a7:22:26:
6b:ed:2d:a9:88:51:f2:1f:ff:e0:02:09:81:79:a0:73:77:8b:
5f:ff:52:45:14:2e:d2:89:bd:b1:c6:29:5b:38:3e:a5:6e:01:
b7:89:35:4b:00:7c:45:cb:12:4e:7f:5d:4e:f3:00:36:8a:70:
54:2e:31:e9:33:10:ec:c8:0d:70:6e:55:66:1d:d2:92:94:6a:
74:58:0b:94
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUAKCDX9Zu5ZF78d26aOF/X6Zz9dYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4YjZmYzUyYjcxYTg0MGY1ODkyZDgxZmJmM2EyZjg0OWMwMGIzNTU3ZmJl
ODE3ZjhjNTczMTgzOGJmOTI1ZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANS2z2nxGdZmDZ/MiJ0/maB+bCvgqZOHopK+IaSKttrmByIVO9fXTM8YwN10
1uv5DmNel15tpMSi+NFnSqNpu+01mw1WLAkYW1qVPp0GXigxFL/s1g3pDuex94MV
QpjxXC/BSZ7KBacsfy0BZmJADheq9Z63ruY2PEK7vvAZowvaHNtl7zmJwWtIYOje
cKxlu1pTYODw0y0cfiFs7Ju03pfwQEqemXS7zRLgjSOgFfgnOu/uD8bhg79Tn5E7
/IHon5obpTTSX+W6d0sq38QmP0zM/tZtjFgnrrtdVqTTGIfxclQ8/eFyQlZ51Q4B
gm3C7abXZR6ZPBq+3om2X3ZvuQ0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRSSCcZ
+UdQTXaUkUS3ScvSXdQD5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk5ODhlNDUtZDRmYi00ODk2LWJlNTMtOTUxYzIwZDEyYzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBADtI8+nSLLV7vjqP8fzuCQXwlC+KWfkOzZhiUJiZ
ZbY0YNO+ipQMW9AgNopZv0yQyyB4BPeTvNO0FHOxae5yQsYAua/beWxtZ+tLhc6u
hv388fBqGYrSzzLEobMzQ1ybUyy67RW8avV/g0vbwKPllwqIt4CimGZs463RCfOV
dMin/DkqiTQ89EZOK71xZDaJ+dnDXtlcQou5Kha3rwucgWQYUN/5+QnPyKowwgI4
EvDtZKciJmvtLamIUfIf/+ACCYF5oHN3i1//UkUULtKJvbHGKVs4PqVuAbeJNUsA
fEXLEk5/XU7zADaKcFQuMekzEOzIDXBuVWYd0pKUanRYC5Q=
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org