Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: Zo4CPcZ1OC6Cg2Jy2gbTGVDT0am2YSX9DXa4L8mDOGo=
Subject key identifier: 56:CA:BB:74:D0:CA:A2:D0:1D:FC:C0:8B:A0:D8:D1:F6:D4:20:82:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F5046B5085AD8BAB3F87ED4AA7B8B38641BF3A9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Wed 15 Mar 2023 00:00:00 +0000
ROA not before: Wed 15 Mar 2023 00:00:00 +0000
ROA not after: Wed 19 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Mar 2023 07:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:50:46:b5:08:5a:d8:ba:b3:f8:7e:d4:aa:7b:8b:38:64:1b:f3:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 15 00:00:00 2023 GMT
Not After : Apr 19 23:59:59 2023 GMT
Subject: serialNumber=f585048d0c461219f4cd96055800cc567bedb36f549e8ad1f0ff4baf70c8db0a, CN=c336411a-6651-4f13-8ef9-de681c7c9444, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0b:59:19:80:86:55:a5:a9:34:44:69:1d:ed:
d6:d6:3f:c3:47:b7:7d:47:ad:45:c3:b1:31:e0:09:
f6:d9:4a:74:78:f3:1e:62:a7:f2:a7:05:de:89:82:
71:93:dd:1b:b3:95:83:a7:c0:34:dc:c9:b8:1f:a7:
5a:8e:5e:a2:de:d1:79:e7:f9:a4:8c:d8:70:1d:e4:
fa:63:f0:fd:e9:6a:4c:3c:7e:fa:7f:af:fa:86:3b:
ed:e5:a3:46:62:4c:2a:de:a6:5a:63:dc:fc:1a:fb:
8d:0b:65:14:18:1b:c2:f4:47:45:85:31:53:5d:30:
42:76:3a:f7:50:77:5a:ff:34:b8:be:f0:03:84:63:
32:84:b1:89:b8:9d:f3:6c:dc:cb:a4:5c:cf:6e:33:
4d:d5:87:71:e9:41:76:66:2a:74:d2:bc:37:b1:6c:
66:de:02:6f:94:44:7c:ac:2b:0b:99:18:49:ce:b2:
5a:ee:a1:51:8e:fb:f8:cf:38:31:f0:95:c0:51:18:
bd:9d:16:b8:2d:8c:3c:97:e6:17:03:c3:a4:6f:d9:
54:f8:c0:8f:37:53:e6:12:94:b2:20:16:48:a0:20:
46:e2:a8:68:0e:10:d5:ea:fd:a2:ce:41:dd:09:35:
f9:c1:40:12:56:87:0d:e0:83:eb:cb:40:06:7f:d2:
01:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CA:BB:74:D0:CA:A2:D0:1D:FC:C0:8B:A0:D8:D1:F6:D4:20:82:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:e0:dd:3e:b7:21:b3:a5:45:51:ba:c0:78:68:48:50:dc:fa:
07:e3:a8:cf:b4:1c:30:14:a7:95:3c:2f:81:be:a1:17:13:73:
49:da:f5:9e:4c:ac:c3:e8:85:09:19:d7:ca:34:cc:63:13:8c:
37:0f:d6:a7:64:07:2b:41:9d:8d:b8:94:b1:70:96:5b:a3:5e:
1e:24:82:2d:85:40:bf:a6:57:c5:9b:31:80:b6:d1:72:0f:13:
35:35:8f:24:f5:3c:6d:09:e6:69:7a:34:90:6e:ef:f0:22:c1:
b8:40:8e:bb:e3:3d:f1:7a:34:48:b7:4c:21:e5:20:5d:42:e4:
47:14:44:85:46:bc:f3:ef:9d:8f:89:63:7a:91:ca:a1:03:e8:
3d:e7:da:04:92:84:e0:f0:01:79:d7:f3:3d:2d:6b:f2:cd:a6:
20:0e:4b:12:fc:b0:b5:2e:e4:46:3f:92:d9:f5:b4:89:8d:c7:
06:cf:58:d1:16:8a:87:12:b1:61:b4:56:a1:df:bc:0d:a3:0d:
00:39:bf:16:e9:57:23:75:c0:59:b2:05:49:10:52:94:87:52:
3e:c3:97:bd:66:58:01:db:06:59:3f:bc:8c:24:ad:58:be:38:
16:f7:f8:9f:3e:6e:23:d3:30:c0:6f:ea:d0:26:7a:9c:71:b0:
95:1f:00:b3
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUP1BGtQha2Lqz+H7UqnuLOGQb86kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzAzMTUwMDAwMDBaFw0yMzA0MTkyMzU5NTlaMIGlMUkwRwYD
VQQFE0BmNTg1MDQ4ZDBjNDYxMjE5ZjRjZDk2MDU1ODAwY2M1NjdiZWRiMzZmNTQ5
ZThhZDFmMGZmNGJhZjcwYzhkYjBhMS0wKwYDVQQDEyRjMzM2NDExYS02NjUxLTRm
MTMtOGVmOS1kZTY4MWM3Yzk0NDQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
owtZGYCGVaWpNERpHe3W1j/DR7d9R61Fw7Ex4An22Up0ePMeYqfypwXeiYJxk90b
s5WDp8A03Mm4H6dajl6i3tF55/mkjNhwHeT6Y/D96WpMPH76f6/6hjvt5aNGYkwq
3qZaY9z8GvuNC2UUGBvC9EdFhTFTXTBCdjr3UHda/zS4vvADhGMyhLGJuJ3zbNzL
pFzPbjNN1Ydx6UF2Zip00rw3sWxm3gJvlER8rCsLmRhJzrJa7qFRjvv4zzgx8JXA
URi9nRa4LYw8l+YXA8Okb9lU+MCPN1PmEpSyIBZIoCBG4qhoDhDV6v2izkHdCTX5
wUASVocN4IPry0AGf9IB3wIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFFbKu3TQyqLQ
HfzAi6DY0fbUIIKPMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfPMA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9LdEZj
NS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy9mZjJl
MmQ0Ni00NGYwLTQ3OTAtYTQ1My0wMDkwYmVkYTAwMTUucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
X2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAw/cwDQYJKoZI
hvcNAQELBQADggEBAKzg3T63IbOlRVG6wHhoSFDc+gfjqM+0HDAUp5U8L4G+oRcT
c0na9Z5MrMPohQkZ18o0zGMTjDcP1qdkBytBnY24lLFwllujXh4kgi2FQL+mV8Wb
MYC20XIPEzU1jyT1PG0J5ml6NJBu7/AiwbhAjrvjPfF6NEi3TCHlIF1C5EcURIVG
vPPvnY+JY3qRyqED6D3n2gSShODwAXnX8z0ta/LNpiAOSxL8sLUu5EY/ktn1tImN
xwbPWNEWiocSsWG0VqHfvA2jDQA5vxbpVyN1wFmyBUkQUpSHUj7Dl71mWAHbBlk/
vIwkrVi+OBb3+J8+biPTMMBv6tAmepxxsJUfALM=
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:52:44 2023 by rpki-client on console-fra.rpki-client.org