Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: FhgPm7Tmj4xfTEDATr7ERevPlhsoLVWw/g7cbslbC/s=
Subject key identifier: B4:29:63:F9:38:B7:90:0B:9D:0A:52:2E:16:A8:83:34:26:8E:27:44
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1129F9F9AC9A4E76E250CC5391CF54F7A6ED4DB9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:29:f9:f9:ac:9a:4e:76:e2:50:cc:53:91:cf:54:f7:a6:ed:4d:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=14fc28040c05c66f30618b2de80f73edf51021debcaf04222629fc406317f5ef, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3c:02:3b:1c:8d:d3:79:7b:cf:a6:5f:6c:f4:
f5:fb:02:92:60:42:23:13:08:b2:48:8d:57:65:92:
06:ec:eb:67:5b:c1:f5:1f:66:dd:ca:61:62:f8:4d:
e1:89:f6:89:5d:e0:cd:51:3f:3e:f1:81:c0:1a:47:
e8:e0:55:b8:fa:75:11:e1:a1:cf:77:0d:65:ec:d2:
71:88:1e:c3:b2:6c:2f:80:a6:d1:dc:e9:a9:ee:9f:
47:c6:31:d9:1f:2d:2d:05:cc:b9:af:94:2e:ce:e8:
82:fe:6f:8c:91:32:85:17:cd:80:87:1a:21:19:1c:
71:38:15:4e:85:a6:bc:0a:94:90:cf:7f:db:45:9b:
79:f8:44:cb:49:74:07:00:89:c9:06:ba:ba:ab:7f:
b8:f3:ff:79:db:73:a8:7b:5f:9a:88:f2:11:84:e0:
62:c0:4d:19:7b:13:f5:09:45:87:16:87:7b:3b:b9:
da:42:51:9e:60:18:e0:15:81:f5:f3:7d:77:65:44:
c0:64:a7:29:e4:8c:87:32:b5:35:c1:bd:e5:d5:c1:
18:88:d7:87:56:59:a1:dd:9c:ae:54:ae:83:2a:a7:
4b:f1:bf:53:bd:56:fd:78:b3:e9:08:4c:df:79:8b:
1f:77:e3:30:d4:32:95:30:a0:01:00:03:65:6e:ec:
07:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:29:63:F9:38:B7:90:0B:9D:0A:52:2E:16:A8:83:34:26:8E:27:44
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:57:a4:66:52:02:e7:cb:b1:80:18:1d:e9:d7:18:a5:5c:48:
e6:08:d0:b4:63:ce:4f:40:34:4a:3f:6e:c8:83:0d:90:71:03:
ce:4f:8f:74:1e:a5:6f:67:93:d5:45:08:ab:8a:1f:f5:2f:5e:
19:2a:3c:29:41:6f:b8:b8:e5:f4:da:57:25:76:d9:4f:d3:ca:
20:73:b1:38:90:16:b5:dd:8d:91:7f:26:b2:67:61:2d:c9:33:
9f:28:46:81:9d:87:30:07:21:36:09:ab:0a:4d:88:89:b5:1c:
f7:a7:9c:b4:18:74:e0:fe:d8:7a:b9:cc:f5:9a:94:5d:b7:74:
d3:f2:0d:63:cc:bb:0e:9a:b7:cc:52:8e:62:92:cc:64:4e:89:
cd:f8:f2:d7:c6:c6:50:3b:6f:45:c0:03:27:77:d5:03:4d:c8:
0c:43:eb:5f:d6:fd:f0:57:55:13:21:34:00:68:fe:b3:7d:28:
96:ca:43:c6:1c:22:18:9a:e3:a1:83:78:1b:be:52:fb:af:35:
02:76:02:e5:d5:6e:39:cf:f9:46:fa:5c:fc:72:58:a3:02:0a:
3b:bd:ac:84:9b:e3:68:0d:eb:1e:b1:36:c4:6a:f2:4e:a3:c1:
e4:5b:73:26:b2:38:d0:df:e3:29:92:69:27:b6:9b:07:e9:f2:
10:1a:05:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUESn5+ayaTnbiUMxTkc9U96btTbkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ZmMyODA0MGMwNWM2NmYzMDYxOGIyZGU4MGY3M2VkZjUxMDIxZGViY2Fm
MDQyMjI2MjlmYzQwNjMxN2Y1ZWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKE8AjscjdN5e8+mX2z09fsCkmBCIxMIskiNV2WSBuzrZ1vB9R9m3cphYvhN
4Yn2iV3gzVE/PvGBwBpH6OBVuPp1EeGhz3cNZezScYgew7JsL4Cm0dzpqe6fR8Yx
2R8tLQXMua+ULs7ogv5vjJEyhRfNgIcaIRkccTgVToWmvAqUkM9/20WbefhEy0l0
BwCJyQa6uqt/uPP/edtzqHtfmojyEYTgYsBNGXsT9QlFhxaHezu52kJRnmAY4BWB
9fN9d2VEwGSnKeSMhzK1NcG95dXBGIjXh1ZZod2crlSugyqnS/G/U71W/Xiz6QhM
33mLH3fjMNQylTCgAQADZW7sB4MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS0KWP5
OLeQC50KUi4WqIM0Jo4nRDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQCEV6RmUgLny7GAGB3p1xilXEjmCNC0Y85PQDRKP27I
gw2QcQPOT490HqVvZ5PVRQirih/1L14ZKjwpQW+4uOX02lcldtlP08ogc7E4kBa1
3Y2RfyayZ2EtyTOfKEaBnYcwByE2CasKTYiJtRz3p5y0GHTg/th6ucz1mpRdt3TT
8g1jzLsOmrfMUo5iksxkTonN+PLXxsZQO29FwAMnd9UDTcgMQ+tf1v3wV1UTITQA
aP6zfSiWykPGHCIYmuOhg3gbvlL7rzUCdgLl1W45z/lG+lz8clijAgo7vayEm+No
DesesTbEavJOo8HkW3MmsjjQ3+MpkmkntpsH6fIQGgVD
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:23:34 2023 by rpki-client on console-fra.rpki-client.org