Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json)
Hash identifier: pogu+qxoEPfH7cFlrgsg2w9bQbPc0EQn137pB9ivYOQ=
Subject key identifier: 81:BD:10:55:7B:FB:1D:F6:59:73:D8:87:7B:F0:98:43:37:A7:41:1A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 036C73E3FA04BC5B638EBD28170B2B4731ECF02D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:6c:73:e3:fa:04:bc:5b:63:8e:bd:28:17:0b:2b:47:31:ec:f0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=25b27c3dc2e18abffb77e5363e8193ba4b17025523004810fe642eb5430a8bc7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:48:d5:2b:c5:0f:3e:d9:51:ce:61:9a:33:de:
82:95:84:3b:3b:39:98:ef:62:a3:54:4a:90:f6:67:
b2:e4:6b:0e:78:e6:fc:39:4a:5a:78:09:fc:55:fd:
93:c8:f2:1e:2c:13:c6:6f:b7:6b:b0:26:7d:b2:d4:
9a:26:01:1d:7e:6f:96:c9:d6:c3:f5:93:c1:34:7b:
49:ac:4f:ba:1c:a3:d7:7f:c6:e0:39:e5:f6:58:5c:
c9:ef:81:73:ef:16:ac:21:14:1a:c7:94:01:11:33:
1a:5f:ee:30:e2:b6:b8:d2:63:17:ac:89:38:87:d4:
9a:29:3c:4a:00:0c:1e:45:f3:a7:25:f9:7d:46:dd:
4f:4c:95:8a:7f:ea:53:93:ff:20:56:4d:1b:cc:83:
cf:5e:ec:b3:ce:35:46:d3:8e:a3:a3:22:ca:71:20:
40:d4:14:61:b2:c5:ea:0a:99:59:bd:6c:f2:70:2e:
db:a6:cd:15:e3:ba:19:77:53:89:23:4d:7e:2c:d7:
9e:58:7d:dc:bd:28:af:ea:b8:8e:e8:c4:72:ff:a6:
ab:6d:f7:4b:cb:ad:62:64:2d:24:fa:58:5c:5b:46:
62:cb:56:14:96:79:7d:68:9f:c8:15:de:e9:a5:43:
6c:f1:6c:83:3c:21:69:65:e2:64:dd:0f:3f:b6:f8:
92:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BD:10:55:7B:FB:1D:F6:59:73:D8:87:7B:F0:98:43:37:A7:41:1A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:1c:61:1e:08:2e:21:ec:9f:9a:56:3f:8d:37:08:3f:64:56:
8f:56:0a:fc:63:2f:5f:b1:97:87:30:7a:49:fe:2f:77:3d:34:
44:f0:54:f9:94:d0:0b:7f:59:0f:b9:15:e5:2c:92:40:d4:0d:
90:dc:d4:51:65:59:14:74:f2:8d:f7:28:1a:9b:db:de:40:e4:
29:b5:53:b8:4f:db:88:32:90:29:0d:ae:8b:a7:e6:3b:01:36:
8f:11:9a:f0:14:a9:8c:95:3d:25:26:c9:b2:a1:d2:9b:c8:c0:
75:03:d8:d2:06:8e:5c:6d:ba:5e:df:e3:60:ee:56:4f:04:0a:
6a:7a:7e:fb:26:3a:fb:6b:b1:9b:75:23:02:ec:86:a6:77:7b:
74:54:d3:60:fc:c9:12:80:67:49:95:2d:7c:76:68:fc:46:6b:
a7:10:d9:69:4a:f8:c7:7e:6e:0b:d6:7f:1e:d1:02:d3:ef:57:
b2:2a:81:29:0d:cc:45:a3:16:40:08:5a:0d:e0:0e:9f:a1:1d:
5c:9f:7e:c5:73:01:8b:d7:d5:41:58:18:6b:f8:45:22:f5:58:
17:0f:07:b1:2c:76:c1:24:d4:f3:7d:54:75:f0:33:6b:4a:d9:
82:79:b6:b1:ca:f6:60:9d:54:b7:e7:ec:83:07:92:4c:25:72:
51:96:90:80
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUA2xz4/oEvFtjjr0oFwsrRzHs8C0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1YjI3YzNkYzJlMThhYmZmYjc3ZTUzNjNlODE5M2JhNGIxNzAyNTUyMzAw
NDgxMGZlNjQyZWI1NDMwYThiYzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5I1SvFDz7ZUc5hmjPegpWEOzs5mO9io1RKkPZnsuRrDnjm/DlKWngJ/FX9
k8jyHiwTxm+3a7AmfbLUmiYBHX5vlsnWw/WTwTR7SaxPuhyj13/G4Dnl9lhcye+B
c+8WrCEUGseUAREzGl/uMOK2uNJjF6yJOIfUmik8SgAMHkXzpyX5fUbdT0yVin/q
U5P/IFZNG8yDz17ss841RtOOo6MiynEgQNQUYbLF6gqZWb1s8nAu26bNFeO6GXdT
iSNNfizXnlh93L0or+q4jujEcv+mq233S8utYmQtJPpYXFtGYstWFJZ5fWifyBXe
6aVDbPFsgzwhaWXiZN0PP7b4kl0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSBvRBV
e/sd9llz2Id78JhDN6dBGjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQCQHGEeCC4h7J+aVj+NNwg/ZFaPVgr8Yy9fsZeHMHpJ
/i93PTRE8FT5lNALf1kPuRXlLJJA1A2Q3NRRZVkUdPKN9ygam9veQOQptVO4T9uI
MpApDa6Lp+Y7ATaPEZrwFKmMlT0lJsmyodKbyMB1A9jSBo5cbbpe3+Ng7lZPBApq
en77Jjr7a7GbdSMC7Iamd3t0VNNg/MkSgGdJlS18dmj8RmunENlpSvjHfm4L1n8e
0QLT71eyKoEpDcxFoxZACFoN4A6foR1cn37FcwGL19VBWBhr+EUi9VgXDwexLHbB
JNTzfVR18DNrStmCebaxyvZgnVS35+yDB5JMJXJRlpCA
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org