Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: pxNFaUI8L4OshOz2/Lh0Ajfw4Mgq+jugUEmswB8IsBc=
Subject key identifier: A0:FA:DF:C9:2E:92:EB:51:69:34:D1:0E:75:B3:56:F2:99:EF:B9:9A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 59355803EE828FF2DF4FE64E2DD4B1A8F77C5AA5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Tue 03 Oct 2023 00:00:00 +0000
ROA not before: Tue 03 Oct 2023 00:00:00 +0000
ROA not after: Tue 07 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Oct 2023 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:35:58:03:ee:82:8f:f2:df:4f:e6:4e:2d:d4:b1:a8:f7:7c:5a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 3 00:00:00 2023 GMT
Not After : Nov 7 23:59:59 2023 GMT
Subject: serialNumber=fa9d194bcc2a839d310b7361c8a9fd37e40e2d46d22404b5c0487fd95df7dd12, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:52:c9:ea:3e:44:4e:29:2d:11:cb:b3:97:a5:
98:e1:26:79:5f:93:b6:87:69:19:26:cd:7b:fb:c1:
70:dd:45:15:cc:aa:27:91:93:c6:9f:7f:a5:a8:73:
a4:ea:32:e5:32:83:6a:8a:47:fe:ba:df:43:1d:1c:
b6:83:2d:ef:82:2f:9b:5c:1e:f6:b2:e6:cf:38:4f:
cc:f3:b8:63:ae:70:fa:88:5e:ca:83:9b:26:30:48:
39:d5:a0:1c:30:6f:e2:86:da:f5:40:7e:e2:0e:84:
cb:d6:79:ad:2e:4b:a5:ea:8b:ea:4a:a9:36:77:e8:
b1:ce:e4:80:0c:8c:54:20:67:db:96:b0:2b:a8:f6:
67:a9:8c:16:cc:84:ee:68:0b:7d:44:e4:d6:6a:35:
1a:18:f1:dc:7e:7e:76:98:d1:a8:51:cb:d3:43:c6:
42:a6:b5:71:af:11:9f:91:51:99:ee:9a:32:1d:fa:
80:05:33:56:33:b7:33:b5:cf:49:a4:a7:88:4f:77:
42:d1:4e:99:04:a8:5e:47:21:58:1b:4c:31:f4:17:
b1:1e:30:51:57:85:8d:1c:5f:ed:63:1a:33:5a:ea:
dd:9e:37:ef:c7:69:1a:99:c2:91:07:62:55:aa:9d:
98:7f:af:70:6a:a2:e5:c6:ea:8e:2f:83:4e:9c:ba:
79:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FA:DF:C9:2E:92:EB:51:69:34:D1:0E:75:B3:56:F2:99:EF:B9:9A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
2d:11:b2:79:60:70:7d:56:3a:fb:39:22:87:51:ed:fc:36:ff:
86:48:a6:0c:da:3e:36:e3:12:58:89:6c:16:35:fe:a4:fc:d0:
bd:df:14:75:0d:80:82:77:01:0b:9b:d8:91:65:5f:7b:48:57:
92:43:d3:9a:dc:ed:db:51:bd:a3:6e:40:cd:92:7d:a7:d5:18:
59:76:7f:31:4e:bb:d8:4b:bb:f9:6f:2c:b1:f5:d9:72:24:c4:
e4:c7:26:13:99:45:2d:85:3b:68:aa:13:48:1b:19:d3:9d:23:
c2:b6:7c:a6:df:bf:47:fd:ff:1c:ac:1e:a2:97:a1:8e:3b:d9:
9f:36:7c:69:b2:c8:3f:8c:f9:d6:bd:9f:35:27:76:79:25:e0:
42:43:0c:4e:43:4c:5a:21:3f:2c:1b:45:7b:11:85:09:e1:66:
54:05:b0:7a:f3:c8:d4:ee:93:bf:4b:57:26:ae:82:b0:39:fd:
89:f3:45:ba:a0:82:43:8a:db:58:30:86:04:f8:e7:95:10:a0:
e7:ee:8c:3e:69:e7:14:62:07:35:73:48:a0:68:6a:2c:76:cb:
59:09:16:01:54:31:3f:b5:bf:aa:3b:b3:1f:c1:af:33:d8:04:
c6:9d:ab:1c:fe:49:65:36:8c:a5:fd:a9:e0:4a:fb:9a:84:8d:
13:02:db:f6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWTVYA+6Cj/LfT+ZOLdSxqPd8WqUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzEwMDMwMDAwMDBaFw0yMzExMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhOWQxOTRiY2MyYTgzOWQzMTBiNzM2MWM4YTlmZDM3ZTQwZTJkNDZkMjI0
MDRiNWMwNDg3ZmQ5NWRmN2RkMTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpSyeo+RE4pLRHLs5elmOEmeV+TtodpGSbNe/vBcN1FFcyqJ5GTxp9/pahz
pOoy5TKDaopH/rrfQx0ctoMt74Ivm1we9rLmzzhPzPO4Y65w+oheyoObJjBIOdWg
HDBv4oba9UB+4g6Ey9Z5rS5LpeqL6kqpNnfosc7kgAyMVCBn25awK6j2Z6mMFsyE
7mgLfUTk1mo1Ghjx3H5+dpjRqFHL00PGQqa1ca8Rn5FRme6aMh36gAUzVjO3M7XP
SaSniE93QtFOmQSoXkchWBtMMfQXsR4wUVeFjRxf7WMaM1rq3Z4378dpGpnCkQdi
VaqdmH+vcGqi5cbqji+DTpy6eWECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSg+t/J
LpLrUWk00Q51s1byme+5mjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEALRGyeWBwfVY6+zkih1Ht/Db/hkimDNo+NuMSWIls
FjX+pPzQvd8UdQ2AgncBC5vYkWVfe0hXkkPTmtzt21G9o25AzZJ9p9UYWXZ/MU67
2Eu7+W8ssfXZciTE5McmE5lFLYU7aKoTSBsZ050jwrZ8pt+/R/3/HKweopehjjvZ
nzZ8abLIP4z51r2fNSd2eSXgQkMMTkNMWiE/LBtFexGFCeFmVAWwevPI1O6Tv0tX
Jq6CsDn9ifNFuqCCQ4rbWDCGBPjnlRCg5+6MPmnnFGIHNXNIoGhqLHbLWQkWAVQx
P7W/qjuzH8GvM9gExp2rHP5JZTaMpf2p4Er7moSNEwLb9g==
-----END CERTIFICATE-----
Generated at Tue Oct 3 15:23:04 2023 by rpki-client on console-fra.rpki-client.org