Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
File: e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa (raw, json)
Hash identifier: oRgZ65ekBF9lsUyIVaHr+HsaHGwliqm0ryQjgw09sD4=
Subject key identifier: 88:42:A7:D6:C8:AA:7F:4C:1E:13:3B:C5:49:E8:A4:31:10:F4:F5:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 17C37388AA41746ADFA08C5F3197D2447EE17BCF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1040::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:c3:73:88:aa:41:74:6a:df:a0:8c:5f:31:97:d2:44:7e:e1:7b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=dcc47fe567231cb1c8ffb45351ffe96413252d7985961e327882ad9c0b1a10e0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:96:9c:f8:2d:23:07:d8:ab:4b:fa:9d:84:56:
5a:3e:14:03:7c:71:b7:6c:ba:4f:ff:0a:61:3f:60:
3b:1c:f7:00:91:85:ac:ae:84:f1:28:82:82:f0:48:
80:0b:c2:93:0e:74:18:47:d0:da:93:ef:94:9f:9e:
5a:99:11:09:94:71:1b:e0:b6:36:88:cc:d8:fb:c6:
f2:bf:23:0e:3e:8b:c6:ab:78:6d:ba:3b:2b:aa:37:
63:ac:43:42:f5:8f:b2:9d:26:94:27:a9:00:b6:7f:
c4:b8:8c:e0:53:c4:ec:51:1a:10:e4:38:e2:77:ba:
97:bc:6d:63:31:df:9f:51:18:37:5c:de:6c:e1:33:
e3:f9:d1:67:2b:a7:f9:07:ef:0d:74:6a:6e:f5:84:
7f:d0:89:5b:5e:16:5d:94:74:06:f4:6f:59:97:c1:
55:ec:67:5e:20:50:2e:61:87:0f:f2:b0:59:fe:d9:
cb:60:0d:0f:a7:56:d2:f0:2e:52:08:9a:69:6c:14:
62:40:ad:20:b9:bc:52:c2:44:3f:8c:e2:55:23:4d:
a8:4b:1c:14:a8:e6:4d:01:28:be:0a:bc:35:ac:bb:
9d:e5:6f:65:ea:e2:9e:b3:49:8b:0f:ac:bf:cf:78:
2b:97:13:8e:92:6a:68:2e:b0:81:2d:f4:35:35:75:
02:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:42:A7:D6:C8:AA:7F:4C:1E:13:3B:C5:49:E8:A4:31:10:F4:F5:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1040::/42
Signature Algorithm: sha256WithRSAEncryption
79:a6:61:0e:5c:6f:8d:a0:14:87:8b:13:43:02:85:46:c1:2b:
d1:41:58:6e:04:0e:7f:ec:15:87:c2:9d:77:19:73:88:39:6a:
97:e9:92:e7:c1:54:fc:64:3b:18:3b:ca:ff:da:81:35:a4:53:
50:19:49:54:cd:16:2d:49:58:3e:6d:64:54:df:b6:53:31:c1:
0e:44:cc:dc:c5:8d:81:d6:26:92:4f:47:37:28:6c:cd:1c:ff:
9a:06:66:29:9c:85:18:1d:e5:34:49:04:96:09:f0:6b:f4:21:
74:d6:7c:d5:88:74:e3:63:af:6a:62:a2:85:28:8a:1a:2d:01:
d4:26:aa:44:2b:0a:6d:16:89:fb:7b:cc:2e:0d:49:a1:42:af:
8e:13:35:19:47:f8:cd:37:a1:bf:4e:73:69:aa:81:1e:05:f0:
3e:1d:68:04:73:a2:c6:de:29:62:39:14:17:0d:d2:a6:53:7d:
1f:8f:45:8a:af:cc:7e:ba:6a:3b:42:9a:0c:d7:cd:42:f9:eb:
8c:0c:20:61:fe:d9:5c:6f:a5:39:7e:d6:e7:d7:6b:6e:64:37:
4a:d6:aa:b4:60:fa:38:bd:ca:26:27:ba:22:ed:d3:52:f3:86:
e4:52:31:0b:e1:f6:d3:b7:fd:39:2f:65:f0:56:0b:8e:5c:36:
49:a3:59:54
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF8NziKpBdGrfoIxfMZfSRH7he88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjYzQ3ZmU1NjcyMzFjYjFjOGZmYjQ1MzUxZmZlOTY0MTMyNTJkNzk4NTk2
MWUzMjc4ODJhZDljMGIxYTEwZTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2WnPgtIwfYq0v6nYRWWj4UA3xxt2y6T/8KYT9gOxz3AJGFrK6E8SiCgvBI
gAvCkw50GEfQ2pPvlJ+eWpkRCZRxG+C2NojM2PvG8r8jDj6Lxqt4bbo7K6o3Y6xD
QvWPsp0mlCepALZ/xLiM4FPE7FEaEOQ44ne6l7xtYzHfn1EYN1zebOEz4/nRZyun
+QfvDXRqbvWEf9CJW14WXZR0BvRvWZfBVexnXiBQLmGHD/KwWf7Zy2AND6dW0vAu
UgiaaWwUYkCtILm8UsJEP4ziVSNNqEscFKjmTQEovgq8Nay7neVvZerinrNJiw+s
v894K5cTjpJqaC6wgS30NTV1AiMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSIQqfW
yKp/TB4TO8VJ6KQxEPT18zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTBkZjQyY2MtMWM3MC00ZTViLTkzZGEtM2Y2NmNlZjkzYTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioBBXgQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAeaZhDlxvjaAUh4sTQwKFRsEr0UFYbgQOf+wV
h8KddxlziDlql+mS58FU/GQ7GDvK/9qBNaRTUBlJVM0WLUlYPm1kVN+2UzHBDkTM
3MWNgdYmkk9HNyhszRz/mgZmKZyFGB3lNEkElgnwa/QhdNZ81Yh042OvamKihSiK
Gi0B1CaqRCsKbRaJ+3vMLg1JoUKvjhM1GUf4zTehv05zaaqBHgXwPh1oBHOixt4p
YjkUFw3SplN9H49Fiq/MfrpqO0KaDNfNQvnrjAwgYf7ZXG+lOX7W59drbmQ3Staq
tGD6OL3KJie6Iu3TUvOG5FIxC+H207f9OS9l8FYLjlw2SaNZVA==
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org