Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
File: 8553b3da-6a47-43ee-87d3-5259a23c371b.roa (raw, json)
Hash identifier: ZJVj68JzFiWoSDAjNuWQjAI1kH6uuX23A5hGUvILBOw=
Subject key identifier: 37:34:BB:B4:60:01:12:FD:D2:74:95:31:2F:45:12:1B:E1:43:F9:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AC3C28D3553E092BDAFF77F380D0D5BBC6510D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
Signing time: Fri 24 May 2024 00:00:00 +0000
ROA not before: Fri 24 May 2024 00:00:00 +0000
ROA not after: Fri 28 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:c3:c2:8d:35:53:e0:92:bd:af:f7:7f:38:0d:0d:5b:bc:65:10:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:00:00 2024 GMT
Not After : Jun 28 23:59:59 2024 GMT
Subject: serialNumber=686599e8bc293c5d2b00643af9296b79775f838e277a70ab9168ccea23c7d399, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:59:8f:38:06:6c:de:c5:c2:e7:03:18:de:39:
e5:04:33:4e:34:02:41:13:b5:c7:e8:c4:d7:20:ff:
fd:d3:4f:fe:b7:19:f3:da:a3:b0:94:9d:d4:8c:4a:
a9:d8:19:cd:6e:cd:50:7e:ea:b1:0e:01:ce:b6:22:
ef:30:bd:57:42:85:62:b1:f7:9b:5c:52:d9:c0:59:
22:fc:55:a8:7e:f8:fa:49:75:80:ac:45:52:a6:b6:
ff:18:9d:43:d9:cd:37:bd:b0:22:f8:3a:4d:bd:6c:
9c:a0:12:72:2b:0c:e0:bc:df:0c:3e:1e:85:8b:45:
4f:de:9b:65:b5:f5:ab:40:e8:16:9b:51:4f:23:36:
f9:cb:77:ca:1e:ee:c9:71:32:4c:00:a4:d9:a8:0f:
e4:27:8a:69:cd:46:55:27:f0:23:84:cb:99:97:c7:
08:31:d0:9d:05:2d:78:88:da:24:9d:3c:42:25:00:
24:c0:cb:78:db:15:fc:35:68:48:d9:43:fe:95:07:
48:db:e5:3b:48:5e:bb:87:bd:93:3b:1b:ba:39:aa:
29:4d:6d:d6:da:61:1d:9f:fe:70:74:fa:1e:20:e9:
2c:32:e3:33:a1:60:c6:8e:32:0d:59:2a:fd:0e:3a:
07:f1:cc:2b:68:24:26:83:ab:06:6d:1d:bd:c9:06:
96:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:34:BB:B4:60:01:12:FD:D2:74:95:31:2F:45:12:1B:E1:43:F9:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:2000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:f4:19:ed:5f:69:de:66:38:b6:6e:90:f2:52:ad:52:54:4c:
52:9f:70:fa:03:41:65:7d:c8:bb:03:48:cd:9e:be:93:41:0f:
11:fc:8f:9e:14:9a:6b:1d:3e:58:9e:a9:1f:48:b7:60:e0:f4:
e1:ff:86:72:ba:2e:0c:f7:74:d6:3d:a9:fe:d1:43:65:37:dc:
08:39:38:75:c6:0b:63:23:1c:18:7b:01:d7:dd:91:5b:93:55:
08:d7:cc:65:f5:92:35:09:bf:6b:03:33:58:a5:7e:45:51:a5:
46:41:ac:b1:51:67:c0:0d:c3:02:dd:fd:2d:3e:f1:da:4b:cb:
7a:bf:6a:d8:e6:11:a8:a2:b1:07:ad:16:55:a0:60:d5:dd:12:
bc:68:2e:7f:71:e7:61:15:dc:3c:5d:34:3f:ad:4d:47:ba:e1:
45:95:b0:03:56:44:18:6c:e4:f1:43:7d:68:25:8c:86:3a:d9:
0d:fb:75:66:68:f4:46:f7:8d:be:f4:10:66:42:99:48:42:d2:
7f:8a:b8:70:66:4b:86:37:3a:20:bc:e7:21:d5:92:39:70:10:
98:4d:19:d3:e9:2f:10:65:42:62:d2:d5:b1:4a:16:ae:4b:9e:
e0:08:a6:90:3c:18:56:e6:0d:97:9b:cf:4b:26:e5:1e:ea:ab:
c5:c9:59:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGsPCjTVT4JK9r/d/OA0NW7xlENIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjQwMDAwMDBaFw0yNDA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4NjU5OWU4YmMyOTNjNWQyYjAwNjQzYWY5Mjk2Yjc5Nzc1ZjgzOGUyNzdh
NzBhYjkxNjhjY2VhMjNjN2QzOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBZjzgGbN7FwucDGN455QQzTjQCQRO1x+jE1yD//dNP/rcZ89qjsJSd1IxK
qdgZzW7NUH7qsQ4BzrYi7zC9V0KFYrH3m1xS2cBZIvxVqH74+kl1gKxFUqa2/xid
Q9nNN72wIvg6Tb1snKAScisM4LzfDD4ehYtFT96bZbX1q0DoFptRTyM2+ct3yh7u
yXEyTACk2agP5CeKac1GVSfwI4TLmZfHCDHQnQUteIjaJJ08QiUAJMDLeNsV/DVo
SNlD/pUHSNvlO0heu4e9kzsbujmqKU1t1tphHZ/+cHT6HiDpLDLjM6Fgxo4yDVkq
/Q46B/HMK2gkJoOrBm0dvckGlisCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3NLu0
YAES/dJ0lTEvRRIb4UP5CzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODU1M2IzZGEtNmE0Ny00M2VlLTg3ZDMtNTI1OWEyM2MzNzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEg
MA0GCSqGSIb3DQEBCwUAA4IBAQAs9BntX2neZji2bpDyUq1SVExSn3D6A0Flfci7
A0jNnr6TQQ8R/I+eFJprHT5YnqkfSLdg4PTh/4Zyui4M93TWPan+0UNlN9wIOTh1
xgtjIxwYewHX3ZFbk1UI18xl9ZI1Cb9rAzNYpX5FUaVGQayxUWfADcMC3f0tPvHa
S8t6v2rY5hGoorEHrRZVoGDV3RK8aC5/cedhFdw8XTQ/rU1HuuFFlbADVkQYbOTx
Q31oJYyGOtkN+3VmaPRG942+9BBmQplIQtJ/irhwZkuGNzogvOch1ZI5cBCYTRnT
6S8QZUJi0tWxShauS57gCKaQPBhW5g2Xm89LJuUe6qvFyVm2
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:38:08 2024 by rpki-client on console-ams.rpki-client.org