Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: B9WBawIjwqlyOR2rEeQWU8zXE+SKRknd9Ew/472i0IU=
Subject key identifier: 32:B4:5E:11:40:E6:1C:50:03:43:18:98:77:27:28:E3:67:3D:A6:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26608BF9017FFC44363137AE9AE21514B02395F0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Wed 15 Mar 2023 00:00:00 +0000
ROA not before: Wed 15 Mar 2023 00:00:00 +0000
ROA not after: Wed 19 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Mar 2023 07:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:60:8b:f9:01:7f:fc:44:36:31:37:ae:9a:e2:15:14:b0:23:95:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 15 00:00:00 2023 GMT
Not After : Apr 19 23:59:59 2023 GMT
Subject: serialNumber=a9e67ec75cced391e4d6a3c12fec83b8ad592c67397ea3c258628a22db8226d8, CN=c336411a-6651-4f13-8ef9-de681c7c9444, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:96:71:5b:76:9b:0a:8c:ff:d5:d4:4d:8c:d0:
34:77:0e:f2:d7:3b:59:ce:2e:3b:8d:61:55:97:a0:
c7:ad:13:1f:37:07:ac:1a:f4:7d:a5:2f:b7:11:8e:
7b:59:04:ba:a8:c9:bc:8a:1f:08:7b:ef:35:6d:15:
60:86:ab:f5:ad:14:de:46:e1:9f:b5:68:dd:c2:91:
29:1a:45:41:81:6c:a2:93:6d:de:0f:9d:a4:9a:53:
3f:a5:c8:9d:46:ca:14:7a:a2:d6:76:4d:de:37:f3:
24:56:b9:26:c6:ff:70:f5:c4:cc:c5:48:39:e5:02:
0a:da:12:11:89:63:16:93:15:fc:29:4c:6e:7f:72:
87:8d:56:31:d5:90:5b:92:b4:0b:23:40:5c:d0:eb:
83:72:14:0d:88:09:5d:66:96:0b:ae:9a:25:17:91:
bd:3b:18:17:48:a6:4c:2f:6b:82:a5:ac:21:bc:f8:
d6:47:49:6f:03:15:f6:2d:a2:ce:7b:aa:a2:ff:f5:
da:07:02:20:02:10:9d:9a:3e:0d:d0:38:38:70:82:
da:4f:24:9d:ba:75:8a:d3:62:65:f5:11:22:f4:05:
fd:e2:98:7c:32:99:3a:88:e1:ca:e0:ab:be:53:c8:
de:eb:84:3b:bc:6e:6c:c5:94:3c:ce:1d:f4:13:e5:
50:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B4:5E:11:40:E6:1C:50:03:43:18:98:77:27:28:E3:67:3D:A6:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:cf:77:7e:78:8e:af:8e:2c:da:31:e8:fc:e5:14:c1:60:24:
af:8c:d3:ed:5c:0d:cb:b9:d6:7c:56:97:a3:70:08:ad:2b:9c:
14:eb:4e:5c:4b:24:4e:47:2e:5a:99:1e:4a:8e:a3:dd:68:41:
76:3a:96:1d:f6:c0:df:1b:1e:c5:3c:fe:30:4e:d8:3b:80:72:
93:44:22:00:8f:03:93:97:59:d0:28:81:9a:cf:5e:b7:8b:3e:
59:1b:fb:1f:f7:87:1b:88:ff:c2:27:75:26:3f:8f:e7:2a:3d:
74:c6:3a:b3:8c:1b:5f:d8:43:e8:50:32:1b:9e:12:c9:21:2f:
52:40:29:2a:9d:7b:7b:51:db:70:95:3b:1e:3a:39:4b:f3:29:
ff:b9:b7:7f:d9:a5:5b:0e:18:df:40:a1:ca:1f:53:00:13:c0:
44:ca:13:60:9f:21:1e:10:f1:9e:0b:b8:48:4f:6c:b5:fc:a6:
a8:a6:1d:95:a9:95:e1:33:08:aa:f0:c3:12:85:72:c0:46:a6:
19:3a:aa:cb:92:a0:0f:88:d2:04:ae:89:8a:fb:d8:de:a2:90:
85:82:a1:aa:99:f6:b7:90:fa:c6:f2:7d:78:e8:42:f5:e2:ed:
43:d0:e1:59:e7:cf:20:b7:15:53:76:89:ba:a7:19:44:af:f3:
b5:73:8e:d5
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUJmCL+QF//EQ2MTeumuIVFLAjlfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzAzMTUwMDAwMDBaFw0yMzA0MTkyMzU5NTlaMIGlMUkwRwYD
VQQFE0BhOWU2N2VjNzVjY2VkMzkxZTRkNmEzYzEyZmVjODNiOGFkNTkyYzY3Mzk3
ZWEzYzI1ODYyOGEyMmRiODIyNmQ4MS0wKwYDVQQDEyRjMzM2NDExYS02NjUxLTRm
MTMtOGVmOS1kZTY4MWM3Yzk0NDQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
uJZxW3abCoz/1dRNjNA0dw7y1ztZzi47jWFVl6DHrRMfNwesGvR9pS+3EY57WQS6
qMm8ih8Ie+81bRVghqv1rRTeRuGftWjdwpEpGkVBgWyik23eD52kmlM/pcidRsoU
eqLWdk3eN/MkVrkmxv9w9cTMxUg55QIK2hIRiWMWkxX8KUxuf3KHjVYx1ZBbkrQL
I0Bc0OuDchQNiAldZpYLrpolF5G9OxgXSKZML2uCpawhvPjWR0lvAxX2LaLOe6qi
//XaBwIgAhCdmj4N0Dg4cILaTySdunWK02Jl9REi9AX94ph8Mpk6iOHK4Ku+U8je
64Q7vG5sxZQ8zh30E+VQ1QIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFDK0XhFA5hxQ
A0MYmHcnKONnPaYnMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfPMA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9LdEZj
NS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy84MGEx
OWJhYy1iNTIyLTQzNDAtODUwMS03NDg3MDExN2EzY2Uucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
X2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAM1AwDQYJKoZI
hvcNAQELBQADggEBAAvPd354jq+OLNox6PzlFMFgJK+M0+1cDcu51nxWl6NwCK0r
nBTrTlxLJE5HLlqZHkqOo91oQXY6lh32wN8bHsU8/jBO2DuAcpNEIgCPA5OXWdAo
gZrPXreLPlkb+x/3hxuI/8IndSY/j+cqPXTGOrOMG1/YQ+hQMhueEskhL1JAKSqd
e3tR23CVOx46OUvzKf+5t3/ZpVsOGN9AocofUwATwETKE2CfIR4Q8Z4LuEhPbLX8
pqimHZWpleEzCKrwwxKFcsBGphk6qsuSoA+I0gSuiYr72N6ikIWCoaqZ9reQ+sby
fXjoQvXi7UPQ4VnnzyC3FVN2ibqnGUSv87VzjtU=
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:43:19 2023 by rpki-client on console-ams.rpki-client.org