Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
File: 17e30daf-f11a-4af6-8f47-661a735a22e9.roa (raw, json)
Hash identifier: 96RsT5HSzKKO/CrOfhe90qB6ogJR9u11todfw5KWBys=
Subject key identifier: 69:AE:C4:19:8D:3F:2A:2C:C1:86:AB:6F:95:1F:1D:7A:3D:5D:CF:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A04611AF8D45EC28A9AAA378E9E673C9C849136
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
Signing time: Mon 20 May 2024 00:00:00 +0000
ROA not before: Mon 20 May 2024 00:00:00 +0000
ROA not after: Mon 24 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:04:61:1a:f8:d4:5e:c2:8a:9a:aa:37:8e:9e:67:3c:9c:84:91:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 00:00:00 2024 GMT
Not After : Jun 24 23:59:59 2024 GMT
Subject: serialNumber=67a316298b720885bd8b28a0c4667f47a4bc9c220b60c05958b43dabe780f623, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:90:df:2b:6f:1d:05:0c:52:95:4e:ea:3a:f5:
e9:e0:0f:2f:e1:b1:c6:b6:51:1a:24:3c:d4:88:90:
8d:8f:e9:a0:04:f4:1e:8b:dc:84:a4:75:d2:b8:95:
a1:49:be:71:0c:00:a0:6a:d7:93:e8:36:61:38:b5:
9c:5d:eb:10:76:ef:d2:ee:41:09:c1:d9:2d:a2:65:
6d:36:e4:f1:ba:80:1d:97:e9:8c:40:08:f1:1d:78:
91:36:88:94:8f:8a:63:9c:a1:f5:3d:c4:ff:30:dc:
be:7b:5c:34:1b:14:ea:6b:f5:61:1e:10:55:77:67:
d8:2d:62:cc:af:99:f9:3e:dc:65:4a:4c:e4:c8:44:
1a:e4:d8:9f:87:96:35:89:12:48:c8:cd:92:55:7b:
74:a4:39:96:06:9f:30:91:6d:9b:dd:91:78:cd:9c:
36:04:dc:44:e0:0c:b6:7b:55:4b:a4:4b:2f:4f:54:
4d:bc:36:15:f5:9e:43:74:05:a7:0c:2c:4c:38:91:
e9:14:c5:0d:e3:a9:fb:a3:77:e1:d4:ba:4c:83:f4:
c9:11:38:f9:d5:a6:fa:2e:8c:f1:9d:fb:de:e7:29:
1d:58:15:d3:97:31:b3:4d:f6:b4:eb:fe:4d:67:dc:
e5:23:80:aa:66:42:4d:f2:24:ee:28:2f:89:a3:13:
0f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AE:C4:19:8D:3F:2A:2C:C1:86:AB:6F:95:1F:1D:7A:3D:5D:CF:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:5000::/40
Signature Algorithm: sha256WithRSAEncryption
74:da:10:bf:98:30:ab:42:e8:82:2b:da:f4:1f:6c:b9:f4:ad:
26:0f:cb:f7:5a:83:02:b9:22:f1:1a:f3:17:c8:c1:e8:fa:fe:
bb:5c:d5:0f:c3:c2:8a:12:2f:6b:1f:6e:f8:b7:19:44:e0:a5:
f9:e5:33:9d:de:eb:26:8a:92:63:61:a3:33:4f:a8:d4:8f:70:
a7:28:ad:59:48:3f:32:0e:78:00:b4:c9:8c:e5:40:7b:13:56:
23:50:c9:09:07:9c:b6:f4:1b:0a:14:0a:00:5f:ce:cc:02:8d:
d2:80:b3:6a:a6:9c:36:a1:45:d1:81:ec:22:fa:95:4f:d7:d2:
0e:68:9a:fd:75:d2:8e:98:0e:c9:a6:d5:75:ac:20:b1:b8:88:
de:73:d8:61:fe:49:89:3c:80:34:d6:47:ee:d5:ac:55:31:7b:
a6:e0:86:2b:bb:92:92:8c:64:eb:38:17:50:ee:9b:a1:92:e7:
c8:e2:31:c3:57:cc:f0:2d:82:c7:28:bd:d0:89:ee:c8:09:79:
c4:01:6e:74:fd:4e:b6:a3:f3:d6:c6:3b:31:67:42:ba:9c:67:
e3:3f:40:6f:bc:68:2a:6e:71:7a:13:c7:85:3d:39:d6:38:45:
c1:53:78:e0:88:6a:2c:ca:f1:9c:6c:e1:6c:06:cc:ae:67:5f:
4c:49:3f:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUagRhGvjUXsKKmqo3jp5nPJyEkTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjAwMDAwMDBaFw0yNDA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3YTMxNjI5OGI3MjA4ODViZDhiMjhhMGM0NjY3ZjQ3YTRiYzljMjIwYjYw
YzA1OTU4YjQzZGFiZTc4MGY2MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOeQ3ytvHQUMUpVO6jr16eAPL+GxxrZRGiQ81IiQjY/poAT0HovchKR10riV
oUm+cQwAoGrXk+g2YTi1nF3rEHbv0u5BCcHZLaJlbTbk8bqAHZfpjEAI8R14kTaI
lI+KY5yh9T3E/zDcvntcNBsU6mv1YR4QVXdn2C1izK+Z+T7cZUpM5MhEGuTYn4eW
NYkSSMjNklV7dKQ5lgafMJFtm92ReM2cNgTcROAMtntVS6RLL09UTbw2FfWeQ3QF
pwwsTDiR6RTFDeOp+6N34dS6TIP0yRE4+dWm+i6M8Z373ucpHVgV05cxs032tOv+
TWfc5SOAqmZCTfIk7igviaMTD/MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRprsQZ
jT8qLMGGq2+VHx16PV3PgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdlMzBkYWYtZjExYS00YWY2LThmNDctNjYxYTczNWEyMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB02hC/mDCrQuiCK9r0H2y59K0mD8v3WoMCuSLx
GvMXyMHo+v67XNUPw8KKEi9rH274txlE4KX55TOd3usmipJjYaMzT6jUj3CnKK1Z
SD8yDngAtMmM5UB7E1YjUMkJB5y29BsKFAoAX87MAo3SgLNqppw2oUXRgewi+pVP
19IOaJr9ddKOmA7JptV1rCCxuIjec9hh/kmJPIA01kfu1axVMXum4IYru5KSjGTr
OBdQ7puhkufI4jHDV8zwLYLHKL3Qie7ICXnEAW50/U62o/PWxjsxZ0K6nGfjP0Bv
vGgqbnF6E8eFPTnWOEXBU3jgiGosyvGcbOFsBsyuZ19MST+P
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:38:07 2024 by rpki-client on console-ams.rpki-client.org