Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
File: 9d2253ee-c082-458b-b16d-cb41103c4262.roa (raw, json)
Hash identifier: 5tc67Ciql/pe4yubtoKU2IMVH23KRgltRxQWlQjvoOs=
Subject key identifier: D6:BA:87:3D:F5:8C:97:0A:7C:FF:4B:A6:A1:B6:94:E8:75:78:26:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02AF696EF4F485DC4473E1B88517226D419E9A28
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:af:69:6e:f4:f4:85:dc:44:73:e1:b8:85:17:22:6d:41:9e:9a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=3b5dec0cd6c95d1237f0e74738e72efe524ff9a4d2aae810bc8b3b6a56169ab6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b9:91:80:2e:61:39:ff:05:fa:d6:1f:69:f3:
1c:7a:95:80:e4:62:0f:dd:a2:9b:4e:d7:d5:21:38:
e8:62:e0:0b:3a:5f:5f:4a:98:97:be:f2:78:5f:e7:
6f:0f:91:22:80:b1:db:1b:e2:66:13:2c:6a:3d:48:
ba:3d:bc:8c:e3:b4:a6:43:e1:2b:a3:1a:5c:33:65:
a4:0f:39:20:b0:f4:03:5a:2f:59:bb:40:34:0c:6a:
09:66:7a:ae:ba:5d:71:4d:44:b6:5c:1e:08:1f:c0:
2b:a6:10:c6:87:e6:ad:ab:b3:0a:35:e6:8c:3e:f8:
f6:2e:8a:69:da:40:4f:a6:f7:7f:5f:c7:83:9a:32:
8c:16:db:0b:7b:40:58:9b:5c:ac:7c:af:82:f1:03:
1c:f4:1b:7d:73:07:02:17:73:9f:e6:45:4b:0f:ba:
c9:11:f4:79:e8:c7:e2:95:a5:3c:e8:01:c5:2e:3a:
3d:9f:8b:99:28:af:fc:fc:56:ec:da:09:1d:2e:18:
6e:b2:c7:0f:3b:a2:9e:95:45:1f:88:2a:fb:cf:9a:
ce:dc:46:58:eb:89:a9:d3:b2:0c:1d:1e:61:eb:cc:
85:5b:8d:bb:99:cf:8e:52:73:d2:93:12:e5:3a:72:
84:97:7b:fa:d2:f6:6f:6f:04:af:22:40:ed:1e:8c:
6d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BA:87:3D:F5:8C:97:0A:7C:FF:4B:A6:A1:B6:94:E8:75:78:26:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
a8:31:7e:e4:e9:4e:78:f5:f2:b1:d4:a4:35:91:9d:54:21:09:
55:39:1d:59:0a:95:1b:b7:52:00:dc:8c:96:f0:cd:c7:d7:80:
25:55:8a:e4:aa:71:ca:89:b9:f3:40:fb:b3:0b:44:e8:72:94:
a8:fa:50:c1:5c:d6:69:88:ad:1c:6e:19:40:b3:8d:0f:e1:d9:
86:25:45:32:9a:a5:4f:d7:63:e8:8a:4e:8e:01:22:e5:40:7e:
e0:bd:1e:11:4d:79:0b:90:a6:c3:10:e7:fa:96:f3:78:68:fd:
9a:0f:a4:27:11:19:fd:c4:4f:73:36:74:31:f0:40:a3:7a:1f:
49:22:73:aa:2b:e9:a2:b3:50:89:fe:85:c1:3d:85:6f:3d:7f:
fa:52:c1:de:c8:91:d0:0f:9d:f5:1d:aa:32:d0:0e:12:14:e3:
e6:55:be:24:d5:2a:b2:20:59:ed:6d:21:8b:6d:33:30:a1:45:
b2:7c:c3:4e:c3:1c:32:eb:5d:b9:ad:4f:4b:98:db:1e:72:3a:
b3:97:86:db:d9:9b:68:0a:25:bc:2c:0d:79:9b:2a:f9:83:29:
62:d2:19:fe:14:16:49:51:0c:34:8a:70:20:94:2e:56:bf:42:
dd:0e:80:f5:d5:b0:99:95:98:64:54:dd:dc:15:2c:fb:17:85:
60:85:f6:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAq9pbvT0hdxEc+G4hRcibUGemigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiNWRlYzBjZDZjOTVkMTIzN2YwZTc0NzM4ZTcyZWZlNTI0ZmY5YTRkMmFh
ZTgxMGJjOGIzYjZhNTYxNjlhYjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMq5kYAuYTn/BfrWH2nzHHqVgORiD92im07X1SE46GLgCzpfX0qYl77yeF/n
bw+RIoCx2xviZhMsaj1Iuj28jOO0pkPhK6MaXDNlpA85ILD0A1ovWbtANAxqCWZ6
rrpdcU1EtlweCB/AK6YQxofmrauzCjXmjD749i6KadpAT6b3f1/Hg5oyjBbbC3tA
WJtcrHyvgvEDHPQbfXMHAhdzn+ZFSw+6yRH0eejH4pWlPOgBxS46PZ+LmSiv/PxW
7NoJHS4YbrLHDzuinpVFH4gq+8+aztxGWOuJqdOyDB0eYevMhVuNu5nPjlJz0pMS
5TpyhJd7+tL2b28EryJA7R6Mba8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWuoc9
9YyXCnz/S6ahtpTodXgm2DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWQyMjUzZWUtYzA4Mi00NThiLWIxNmQtY2I0MTEwM2M0MjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQCoMX7k6U549fKx1KQ1kZ1UIQlVOR1ZCpUbt1IA
3IyW8M3H14AlVYrkqnHKibnzQPuzC0TocpSo+lDBXNZpiK0cbhlAs40P4dmGJUUy
mqVP12Poik6OASLlQH7gvR4RTXkLkKbDEOf6lvN4aP2aD6QnERn9xE9zNnQx8ECj
eh9JInOqK+mis1CJ/oXBPYVvPX/6UsHeyJHQD531Haoy0A4SFOPmVb4k1SqyIFnt
bSGLbTMwoUWyfMNOwxwy6125rU9LmNsecjqzl4bb2ZtoCiW8LA15myr5gyli0hn+
FBZJUQw0inAglC5Wv0LdDoD11bCZlZhkVN3cFSz7F4VghfZs
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org