Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
File: 7dc90e26-05aa-40c8-bbd0-967e095d6485.roa (raw, json)
Hash identifier: 8W+IcBRcf38hTQuDrvkhKuHwVMt1OMopL+y/gDyyqxE=
Subject key identifier: E1:50:4B:2F:73:2B:C3:5F:53:EA:05:1E:A2:14:D0:FF:FF:5E:0C:43
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71B257CDA148F8174A331F92A022F713D09D3DA4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
Signing time: Tue 03 Oct 2023 00:00:00 +0000
ROA not before: Tue 03 Oct 2023 00:00:00 +0000
ROA not after: Tue 07 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Oct 2023 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:b2:57:cd:a1:48:f8:17:4a:33:1f:92:a0:22:f7:13:d0:9d:3d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 3 00:00:00 2023 GMT
Not After : Nov 7 23:59:59 2023 GMT
Subject: serialNumber=b9003bbfb0ed7f3bc1302066d2e8c8e90d4fcf64f2ddbe15727bf6553ca34968, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6a:80:b5:a2:b8:30:c8:e9:02:0c:09:c1:33:
1c:8e:19:1e:1e:77:d0:75:df:b0:b6:ab:70:7f:12:
1a:36:11:cb:69:93:95:5c:1a:83:24:e1:76:62:2a:
c4:ed:6b:73:db:7f:9c:0a:d2:97:03:36:e9:5d:bd:
54:5d:cf:b4:bd:76:09:03:5a:b1:9e:a8:a4:d5:30:
c0:de:8e:15:29:36:b2:41:e3:ae:e7:7d:b1:6c:64:
32:0f:67:e3:ac:b6:e2:1a:0d:0d:e5:43:b2:bb:05:
97:2f:be:27:7b:aa:ae:80:e8:75:18:b1:94:f2:ca:
77:c8:47:bf:3e:19:3e:93:12:f7:23:96:fd:0a:f8:
4c:f6:11:6a:0f:4d:45:ce:2f:3b:71:fc:40:21:12:
9d:c4:b4:52:c3:2d:0f:a7:b0:9b:df:b9:18:26:71:
eb:41:66:f3:a0:f4:68:37:97:3f:3e:73:da:20:f6:
f7:6a:fe:5e:d3:d8:92:ab:d7:ab:b0:8a:8e:dd:1e:
36:9b:30:e7:62:bf:ce:36:c9:88:6e:0a:a6:e0:01:
14:8b:76:06:f4:c5:50:d4:9f:82:ad:e9:02:92:34:
5e:a4:d5:37:27:ca:38:6a:e7:c6:d8:2e:9b:64:cd:
28:b7:d4:65:5e:15:8a:ee:da:91:a3:bf:bb:75:e2:
7b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:50:4B:2F:73:2B:C3:5F:53:EA:05:1E:A2:14:D0:FF:FF:5E:0C:43
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
14:9e:34:e2:a9:d1:0c:83:50:57:5d:f3:2a:a5:8e:64:e8:5f:
03:b1:51:59:60:42:dd:35:17:ca:c2:de:a4:ce:a7:43:da:46:
04:96:a1:f6:81:e2:27:db:09:1b:f9:1e:cb:ae:b5:3e:e1:0a:
0c:8e:a2:0c:3e:5b:b3:6c:ea:9d:8c:5b:8f:a7:ff:71:b8:4e:
f0:a2:a9:b2:9b:d0:f8:63:38:14:20:7c:c1:11:f6:3b:6b:74:
90:85:1e:bf:92:07:7a:25:b2:4f:18:09:4e:3c:2a:d0:10:3b:
b7:96:3f:49:bd:5d:8d:e6:cc:19:bd:1b:99:72:98:3d:6a:78:
c6:96:de:28:1d:b7:eb:88:c4:d6:93:6d:e5:77:73:ab:e5:eb:
7a:2e:8a:69:25:76:6f:88:99:29:9e:8f:9c:c8:65:47:13:9e:
ed:26:c9:49:65:b1:4d:52:49:cc:d7:25:33:64:ff:e2:7d:8c:
39:b6:08:aa:d7:44:cf:f0:f4:96:5e:48:94:53:2f:3d:13:5f:
9f:d8:3c:28:bf:e6:e3:52:f5:84:87:5d:92:0e:60:2b:1c:13:
54:47:b0:ef:7c:7d:71:de:7a:63:0e:5f:91:e5:f0:1b:6e:4c:
9c:c6:5d:6d:4b:0b:d2:da:2b:53:41:19:28:21:4c:17:61:7e:
53:c3:f8:b2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcbJXzaFI+BdKMx+SoCL3E9CdPaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzEwMDMwMDAwMDBaFw0yMzExMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MDAzYmJmYjBlZDdmM2JjMTMwMjA2NmQyZThjOGU5MGQ0ZmNmNjRmMmRk
YmUxNTcyN2JmNjU1M2NhMzQ5NjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAONqgLWiuDDI6QIMCcEzHI4ZHh530HXfsLarcH8SGjYRy2mTlVwagyThdmIq
xO1rc9t/nArSlwM26V29VF3PtL12CQNasZ6opNUwwN6OFSk2skHjrud9sWxkMg9n
46y24hoNDeVDsrsFly++J3uqroDodRixlPLKd8hHvz4ZPpMS9yOW/Qr4TPYRag9N
Rc4vO3H8QCESncS0UsMtD6ewm9+5GCZx60Fm86D0aDeXPz5z2iD292r+XtPYkqvX
q7CKjt0eNpsw52K/zjbJiG4KpuABFIt2BvTFUNSfgq3pApI0XqTVNyfKOGrnxtgu
m2TNKLfUZV4Viu7akaO/u3Xie60CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBThUEsv
cyvDX1PqBR6iFND//14MQzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2RjOTBlMjYtMDVhYS00MGM4LWJiZDAtOTY3ZTA5NWQ2NDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAFJ404qnRDINQV13zKqWOZOhfA7FRWWBC3TUXysLe
pM6nQ9pGBJah9oHiJ9sJG/key661PuEKDI6iDD5bs2zqnYxbj6f/cbhO8KKpspvQ
+GM4FCB8wRH2O2t0kIUev5IHeiWyTxgJTjwq0BA7t5Y/Sb1djebMGb0bmXKYPWp4
xpbeKB2364jE1pNt5Xdzq+Xrei6KaSV2b4iZKZ6PnMhlRxOe7SbJSWWxTVJJzNcl
M2T/4n2MObYIqtdEz/D0ll5IlFMvPRNfn9g8KL/m41L1hIddkg5gKxwTVEew73x9
cd56Yw5fkeXwG25MnMZdbUsL0torU0EZKCFMF2F+U8P4sg==
-----END CERTIFICATE-----
Generated at Tue Oct 3 15:51:55 2023 by rpki-client on console-ams.rpki-client.org