Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
File: 9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa (raw, json)
Hash identifier: C3YnlC55PWT7YsKj2S3bURBTiWvNu79nz1HVU/kdU/0=
Subject key identifier: DE:FC:05:44:36:63:24:71:75:A0:62:0F:83:A4:08:78:E2:17:C3:A8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2239BF158782BEC13BA327F239AA6977C902952B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
Signing time: Thu 16 Mar 2023 00:00:00 +0000
ROA not before: Thu 16 Mar 2023 00:00:00 +0000
ROA not after: Thu 20 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.74.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Mar 2023 21:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:39:bf:15:87:82:be:c1:3b:a3:27:f2:39:aa:69:77:c9:02:95:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 16 00:00:00 2023 GMT
Not After : Apr 20 23:59:59 2023 GMT
Subject: serialNumber=2e83ba33c387f8aeef12efc622e14a61035562c83db5cbe3732107625fca82df, CN=c336411a-6651-4f13-8ef9-de681c7c9444, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f9:84:e2:51:13:6a:be:7e:d1:af:84:84:b3:
67:b1:2f:65:49:4a:51:b3:25:a4:bb:89:83:a8:3b:
2b:93:f2:d3:78:ee:7a:7b:10:43:18:55:e5:ad:8f:
8c:fd:23:bd:e2:25:dc:ff:05:79:1c:58:fd:8f:e0:
71:e1:e0:51:db:36:40:d4:c5:8e:a6:0c:a8:ba:b7:
81:31:30:5f:f0:47:72:0b:ef:c3:0a:b5:0d:52:9a:
04:94:22:29:61:01:b2:f4:86:2d:e0:96:7e:cb:66:
2d:d8:0b:d1:94:8b:5a:cb:47:ae:cf:d0:ba:b3:4f:
53:0a:7a:04:ef:3c:46:39:8b:02:34:55:6f:fe:fe:
fb:4f:59:fa:d8:0f:bd:9d:2e:07:dd:ca:6b:6c:8f:
b9:04:31:6d:27:83:46:bb:3a:6e:c7:82:a7:57:1d:
c7:fe:1b:10:8b:89:84:88:8e:c5:08:96:42:72:fa:
47:9b:dc:92:f5:bd:6c:c3:f3:d7:93:41:0e:fc:65:
7d:e9:5b:fa:d0:49:5d:75:2d:c9:c5:16:41:77:75:
01:e6:3e:e6:0f:0b:41:93:17:3f:cd:25:df:96:a0:
d7:ce:59:44:a5:62:cc:cb:20:78:03:04:33:77:e2:
f9:c1:cd:ff:2e:8c:c1:87:d4:6c:e6:4d:a9:4b:50:
0d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FC:05:44:36:63:24:71:75:A0:62:0F:83:A4:08:78:E2:17:C3:A8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:24:8c:27:0a:68:22:e6:ce:67:bc:40:50:9c:2a:28:ca:8b:
50:5f:ad:86:41:43:c8:ba:de:46:21:02:bb:52:83:d4:c5:93:
95:9f:3e:c6:66:8f:db:48:ec:b3:2e:5b:76:96:31:f3:76:47:
26:c9:1e:f5:43:23:f7:cc:c7:e6:1d:2a:f6:84:01:1c:52:03:
6e:2e:9b:6f:05:cc:1c:3e:8f:a4:cc:d1:0a:a6:64:fc:25:c0:
41:c3:68:88:6c:d3:ab:90:1f:56:a1:10:5f:0a:da:77:31:72:
24:19:4e:b4:36:0a:6f:eb:66:3c:79:77:ed:81:5d:4d:fe:c3:
dd:6d:96:e1:1f:2c:f7:09:0e:af:7c:38:e4:bb:33:16:be:00:
85:af:b7:40:da:0f:fe:cf:61:e9:3d:7f:80:3c:17:fd:ff:7f:
b7:19:b2:56:49:58:bd:86:92:a2:5f:9d:6f:9f:38:0a:c8:9c:
92:d7:56:e3:01:26:09:46:14:51:dc:38:ca:22:6c:88:7f:3a:
6a:05:08:6b:43:92:fe:b1:04:83:c7:34:6d:65:75:2c:15:05:
e5:27:4f:7d:a0:03:47:60:1e:bd:47:ce:fa:47:d9:a6:e2:ae:
92:3d:92:00:00:c5:95:d1:b8:09:81:b7:eb:07:1d:55:6f:5c:
3a:4d:96:6d
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUIjm/FYeCvsE7oyfyOappd8kClSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzAzMTYwMDAwMDBaFw0yMzA0MjAyMzU5NTlaMIGlMUkwRwYD
VQQFE0AyZTgzYmEzM2MzODdmOGFlZWYxMmVmYzYyMmUxNGE2MTAzNTU2MmM4M2Ri
NWNiZTM3MzIxMDc2MjVmY2E4MmRmMS0wKwYDVQQDEyRjMzM2NDExYS02NjUxLTRm
MTMtOGVmOS1kZTY4MWM3Yzk0NDQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
ivmE4lETar5+0a+EhLNnsS9lSUpRsyWku4mDqDsrk/LTeO56exBDGFXlrY+M/SO9
4iXc/wV5HFj9j+Bx4eBR2zZA1MWOpgyoureBMTBf8EdyC+/DCrUNUpoElCIpYQGy
9IYt4JZ+y2Yt2AvRlItay0euz9C6s09TCnoE7zxGOYsCNFVv/v77T1n62A+9nS4H
3cprbI+5BDFtJ4NGuzpux4KnVx3H/hsQi4mEiI7FCJZCcvpHm9yS9b1sw/PXk0EO
/GV96Vv60ElddS3JxRZBd3UB5j7mDwtBkxc/zSXflqDXzllEpWLMyyB4AwQzd+L5
wc3/LozBh9Rs5k2pS1AN2QIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFN78BUQ2YyRx
daBiD4OkCHjiF8OoMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfPMA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9LdEZj
NS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy85ZTU2
NTEwYi01ZjFjLTQ3ZjYtOGE1NC0yZWY5Yzk2YzU3MmMucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
X2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAM0owDQYJKoZI
hvcNAQELBQADggEBAK4kjCcKaCLmzme8QFCcKijKi1BfrYZBQ8i63kYhArtSg9TF
k5WfPsZmj9tI7LMuW3aWMfN2RybJHvVDI/fMx+YdKvaEARxSA24um28FzBw+j6TM
0QqmZPwlwEHDaIhs06uQH1ahEF8K2ncxciQZTrQ2Cm/rZjx5d+2BXU3+w91tluEf
LPcJDq98OOS7Mxa+AIWvt0DaD/7PYek9f4A8F/3/f7cZslZJWL2GkqJfnW+fOArI
nJLXVuMBJglGFFHcOMoibIh/OmoFCGtDkv6xBIPHNG1ldSwVBeUnT32gA0dgHr1H
zvpH2abirpI9kgAAxZXRuAmBt+sHHVVvXDpNlm0=
-----END CERTIFICATE-----
Generated at Thu Mar 16 00:30:03 2023 by rpki-client on console-fra.rpki-client.org