Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f44216c-6452-466e-be4f-93ae1547f6d1.roa
File: 7f44216c-6452-466e-be4f-93ae1547f6d1.roa (raw, json)
Hash identifier: leK5OVf7tPT6wWdgy+kE90RYgcJOoZpk8qldCFPkn/M=
Subject key identifier: 8B:79:35:05:32:39:F5:F3:68:7A:24:E4:96:16:1E:12:9B:53:25:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4CCF474F24EE033E8650DD25C1E3B610744A646C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f44216c-6452-466e-be4f-93ae1547f6d1.roa
Signing time: Thu 16 Mar 2023 00:00:00 +0000
ROA not before: Thu 16 Mar 2023 00:00:00 +0000
ROA not after: Thu 20 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Mar 2023 21:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:cf:47:4f:24:ee:03:3e:86:50:dd:25:c1:e3:b6:10:74:4a:64:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 16 00:00:00 2023 GMT
Not After : Apr 20 23:59:59 2023 GMT
Subject: serialNumber=1077526ed548dc9f023c158c3fb7e6197a42afa7997dba0353dbaef23ac65896, CN=c336411a-6651-4f13-8ef9-de681c7c9444, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:03:88:50:49:71:78:8f:06:14:da:0f:68:ac:
d0:78:7d:ab:32:ad:03:5d:83:f3:89:72:f1:15:b9:
71:15:29:1a:63:32:29:ba:89:fd:d1:ee:fb:c4:55:
55:36:fa:c2:f4:4c:70:8a:84:b3:ff:02:d1:ae:29:
dd:5d:e5:0e:79:c6:72:f4:e1:1b:5b:bd:d9:22:71:
33:63:17:0b:56:13:b3:c0:f8:cf:b1:c3:7a:1d:13:
aa:4b:fc:3c:ba:7d:35:bf:87:cd:f0:f3:0a:44:39:
de:67:86:d7:84:f3:b4:e0:2d:74:5a:79:66:e3:b4:
4b:6b:3c:ad:3e:ca:3d:e1:e1:04:3b:4a:8a:4f:b5:
bb:24:d9:48:05:71:33:7d:77:32:4f:9a:9e:05:a6:
ee:a2:12:95:4a:44:38:2f:3e:8a:fd:7d:77:f1:1b:
3e:34:5c:97:30:d7:b6:07:e4:42:f3:c2:74:6c:ad:
09:86:06:55:63:05:c7:63:3e:0f:0f:dd:fa:1c:e7:
de:71:73:ce:3d:d4:80:ea:20:30:01:9b:da:35:56:
88:74:9d:61:03:a8:02:50:54:06:c3:ec:d3:d0:a7:
bc:86:d0:f2:7f:9e:7b:cc:a7:80:4f:05:84:3e:5e:
09:3b:14:63:92:8f:3c:3c:06:47:0c:c9:12:ac:f9:
e3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:79:35:05:32:39:F5:F3:68:7A:24:E4:96:16:1E:12:9B:53:25:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f44216c-6452-466e-be4f-93ae1547f6d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/36
Signature Algorithm: sha256WithRSAEncryption
28:12:a5:ce:ec:79:62:cc:9d:1f:50:db:56:ab:68:f3:e8:52:
ef:c2:f8:94:e6:d3:45:68:8b:34:82:88:f8:18:a6:26:1b:0b:
14:0a:1d:7a:c2:d7:42:bf:65:06:9b:fc:96:f2:bb:eb:91:24:
4f:cf:58:76:4a:cb:d4:a7:93:fb:87:23:fb:0d:6f:94:2b:29:
db:f1:66:12:91:c7:4b:29:38:49:11:89:66:98:2a:70:7f:7b:
b3:44:5c:9c:ec:1c:e2:6c:be:36:05:a8:7d:8c:96:1b:ba:66:
7a:54:3d:45:11:fb:62:2a:63:d4:9a:d8:e9:58:b6:b0:ab:06:
ef:42:34:b3:80:3e:b5:35:2b:05:57:1a:83:53:4a:b8:9c:95:
62:d8:3f:84:dc:48:72:49:7d:84:10:fa:63:1b:94:73:3e:b8:
5b:c3:7d:af:c4:d7:6a:7b:67:b3:6f:d0:85:98:00:f1:5e:b2:
c5:34:27:8e:c4:2f:11:77:c2:a3:df:f1:1f:1a:a9:53:49:83:
06:8f:6c:35:39:85:cc:3c:ed:ea:46:76:61:d5:84:8e:a2:92:
5d:3f:61:6f:37:61:50:49:63:51:6f:38:9e:cf:65:fb:c9:dc:
4b:4d:1e:10:d9:7b:d1:83:7c:25:e9:54:80:f4:01:55:25:82:
83:30:0f:6e
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIUTM9HTyTuAz6GUN0lweO2EHRKZGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzAzMTYwMDAwMDBaFw0yMzA0MjAyMzU5NTlaMIGlMUkwRwYD
VQQFE0AxMDc3NTI2ZWQ1NDhkYzlmMDIzYzE1OGMzZmI3ZTYxOTdhNDJhZmE3OTk3
ZGJhMDM1M2RiYWVmMjNhYzY1ODk2MS0wKwYDVQQDEyRjMzM2NDExYS02NjUxLTRm
MTMtOGVmOS1kZTY4MWM3Yzk0NDQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
jgOIUElxeI8GFNoPaKzQeH2rMq0DXYPziXLxFblxFSkaYzIpuon90e77xFVVNvrC
9ExwioSz/wLRrindXeUOecZy9OEbW73ZInEzYxcLVhOzwPjPscN6HROqS/w8un01
v4fN8PMKRDneZ4bXhPO04C10Wnlm47RLazytPso94eEEO0qKT7W7JNlIBXEzfXcy
T5qeBabuohKVSkQ4Lz6K/X138Rs+NFyXMNe2B+RC88J0bK0JhgZVYwXHYz4PD936
HOfecXPOPdSA6iAwAZvaNVaIdJ1hA6gCUFQGw+zT0Ke8htDyf557zKeATwWEPl4J
OxRjko88PAZHDMkSrPnjbQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFIt5NQUyOfXz
aHok5JYWHhKbUyV8MB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfPMA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9LdEZj
NS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy83ZjQ0
MjE2Yy02NDUyLTQ2NmUtYmU0Zi05M2FlMTU0N2Y2ZDEucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
X2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgEFeAAwDQYJ
KoZIhvcNAQELBQADggEBACgSpc7seWLMnR9Q21araPPoUu/C+JTm00VoizSCiPgY
piYbCxQKHXrC10K/ZQab/Jbyu+uRJE/PWHZKy9Snk/uHI/sNb5QrKdvxZhKRx0sp
OEkRiWaYKnB/e7NEXJzsHOJsvjYFqH2Mlhu6ZnpUPUUR+2IqY9Sa2OlYtrCrBu9C
NLOAPrU1KwVXGoNTSriclWLYP4TcSHJJfYQQ+mMblHM+uFvDfa/E12p7Z7Nv0IWY
APFessU0J47ELxF3wqPf8R8aqVNJgwaPbDU5hcw87epGdmHVhI6ikl0/YW83YVBJ
Y1FvOJ7PZfvJ3EtNHhDZe9GDfCXpVID0AVUlgoMwD24=
-----END CERTIFICATE-----
Generated at Thu Mar 16 00:27:05 2023 by rpki-client on console-ams.rpki-client.org