Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa
File: 6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa (raw, json)
Hash identifier: RJDQ51IGha3ACOa8FRrKgC/R1rRcF6SKBzqmMb2Klj4=
Subject key identifier: 27:63:3F:66:53:3E:67:98:D1:2B:B3:01:FB:E6:36:7C:4F:82:76:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44F6FEABF1ECE27B0D4C14EC9EFBB7A89BD7CC9A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1010::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:f6:fe:ab:f1:ec:e2:7b:0d:4c:14:ec:9e:fb:b7:a8:9b:d7:cc:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=bbf360aba825de299457cea11638654e7cdc6ca0eb433db6d5f0070b03866c03, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8d:94:85:cf:5a:e0:56:5a:64:9c:83:15:8c:
72:d2:03:a0:71:9f:f7:27:0f:35:99:d9:5c:14:e2:
2f:2e:8e:cf:ea:43:a3:c9:3d:c5:9f:b9:18:3b:0b:
84:93:80:05:e1:22:47:78:ed:51:fa:a6:c1:92:f4:
cb:82:39:5d:98:ba:47:b4:24:ee:a8:d4:44:ad:db:
6b:ec:ca:9b:75:5b:5e:e5:81:1d:f9:c0:32:77:13:
b7:30:48:44:b9:ec:ee:49:32:b5:d2:05:a5:eb:f1:
ed:45:01:c0:70:ca:46:b1:7c:01:bb:90:c6:b4:f1:
9e:58:83:62:3a:30:6a:2e:9f:b4:26:92:42:bf:7f:
72:64:42:44:f6:5f:2d:91:6c:34:12:a9:ba:02:fa:
84:73:0a:7c:57:f4:58:45:9d:54:ef:3a:5f:46:9d:
06:1a:9a:3f:f7:58:c3:a9:15:98:1c:34:7b:4d:f9:
bd:46:7e:cc:4c:5e:56:aa:92:6c:62:3c:23:ed:e4:
01:e2:63:c0:a3:1d:3c:58:f6:74:80:3f:76:56:9b:
c2:ff:39:35:c9:82:fe:d2:db:c9:bb:68:46:15:b8:
84:23:1b:4a:44:47:16:95:6b:88:48:1e:3e:11:d7:
06:2d:62:83:bd:ef:98:41:fd:e0:ce:19:cd:92:f4:
b8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:63:3F:66:53:3E:67:98:D1:2B:B3:01:FB:E6:36:7C:4F:82:76:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1010::/44
Signature Algorithm: sha256WithRSAEncryption
7d:8c:fd:74:1f:80:da:20:58:ae:f9:4f:67:ca:86:0e:ba:46:
0c:36:02:78:f3:02:b3:b7:d9:53:48:e5:0c:1c:13:ef:b9:10:
63:ad:6f:4b:df:e9:81:27:af:d4:fc:0f:d3:af:77:35:ba:ed:
d8:42:3b:f7:b7:da:53:95:6f:1f:2a:b2:c6:e5:1e:e9:9f:22:
76:2d:04:9b:8a:bc:ab:88:37:62:d9:0c:0a:ed:f1:6f:1f:cd:
53:4b:2a:4c:55:e5:46:ca:04:2b:ee:8a:31:f8:e3:99:d4:f6:
ba:57:36:2d:85:c4:2f:1d:c6:8e:8f:f8:3c:7a:9d:a9:f0:0a:
bc:c9:35:d9:62:8f:9a:d3:47:72:42:64:b1:f0:1d:94:d4:bb:
0d:c5:56:d9:3a:32:f7:f6:3f:a3:77:af:52:51:f4:a9:66:e1:
88:16:f3:91:29:a7:5c:43:fb:6c:a3:6a:59:26:76:1b:52:f5:
54:78:67:0b:63:54:75:40:cb:c2:82:ed:72:ad:9d:2f:94:58:
21:21:c4:c6:92:47:94:3f:31:d2:85:37:0e:5e:51:3d:7a:2a:
01:2a:fe:04:45:49:fc:a9:de:5f:51:14:6e:78:e1:68:e9:8d:
e3:11:e2:2d:7e:42:d7:2d:1b:01:fd:d6:2c:a7:65:05:fc:e4:
e2:1c:3d:de
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURPb+q/Hs4nsNTBTsnvu3qJvXzJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZjM2MGFiYTgyNWRlMjk5NDU3Y2VhMTE2Mzg2NTRlN2NkYzZjYTBlYjQz
M2RiNmQ1ZjAwNzBiMDM4NjZjMDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANONlIXPWuBWWmScgxWMctIDoHGf9ycPNZnZXBTiLy6Oz+pDo8k9xZ+5GDsL
hJOABeEiR3jtUfqmwZL0y4I5XZi6R7Qk7qjURK3ba+zKm3VbXuWBHfnAMncTtzBI
RLns7kkytdIFpevx7UUBwHDKRrF8AbuQxrTxnliDYjowai6ftCaSQr9/cmRCRPZf
LZFsNBKpugL6hHMKfFf0WEWdVO86X0adBhqaP/dYw6kVmBw0e035vUZ+zExeVqqS
bGI8I+3kAeJjwKMdPFj2dIA/dlabwv85NcmC/tLbybtoRhW4hCMbSkRHFpVriEge
PhHXBi1ig73vmEH94M4ZzZL0uIkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQnYz9m
Uz5nmNErswH75jZ8T4J2tzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmY3ZWIwZTYtZmJmNi00ODcyLThhNzAtODM4Y2JiYTQwZTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoBBXgQ
EDANBgkqhkiG9w0BAQsFAAOCAQEAfYz9dB+A2iBYrvlPZ8qGDrpGDDYCePMCs7fZ
U0jlDBwT77kQY61vS9/pgSev1PwP0693Nbrt2EI797faU5VvHyqyxuUe6Z8idi0E
m4q8q4g3YtkMCu3xbx/NU0sqTFXlRsoEK+6KMfjjmdT2ulc2LYXELx3Gjo/4PHqd
qfAKvMk12WKPmtNHckJksfAdlNS7DcVW2Toy9/Y/o3evUlH0qWbhiBbzkSmnXEP7
bKNqWSZ2G1L1VHhnC2NUdUDLwoLtcq2dL5RYISHExpJHlD8x0oU3Dl5RPXoqASr+
BEVJ/KneX1EUbnjhaOmN4xHiLX5C1y0bAf3WLKdlBfzk4hw93g==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org