Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c70048ab-227b-4f94-a795-0e7749291f1b.roa
File: c70048ab-227b-4f94-a795-0e7749291f1b.roa (raw, json)
Hash identifier: YczAJvlzXS6OEA7V2XoC/FDNIQ6p/J3ys7YbODbfHLg=
Subject key identifier: 0E:0B:2F:99:8D:52:DB:91:6C:1E:E3:8B:50:CB:27:10:C6:FC:4E:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DA71F3DD6A7ADC5A777654FA8B0482B8156D2E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c70048ab-227b-4f94-a795-0e7749291f1b.roa
Signing time: Fri 24 May 2024 00:00:00 +0000
ROA not before: Fri 24 May 2024 00:00:00 +0000
ROA not after: Fri 28 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:a7:1f:3d:d6:a7:ad:c5:a7:77:65:4f:a8:b0:48:2b:81:56:d2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:00:00 2024 GMT
Not After : Jun 28 23:59:59 2024 GMT
Subject: serialNumber=d9fa95b635e6925a6e3d490c1a7ff2fca65fbefb2502e0e370f52b3f3d9b47ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:48:5c:8c:ce:89:5f:26:f1:0c:f4:6f:a9:88:
65:84:70:00:b4:7f:3e:8a:96:6d:95:0d:20:d5:f0:
8e:c0:3c:8f:22:a9:48:11:13:bc:09:42:d1:3a:bc:
57:56:7e:4d:b4:77:5c:88:e3:72:55:3e:46:4f:da:
0d:b4:00:46:80:ca:c6:09:a3:3c:f8:b2:d5:47:3d:
fe:22:b6:f0:fa:ad:95:48:f6:52:03:79:f5:dc:12:
a6:7b:6a:de:a3:4a:d4:03:60:20:72:48:8b:8a:72:
65:1e:2b:ba:69:10:a4:ea:a5:a5:45:72:13:d2:a6:
72:ca:09:1f:77:3a:42:fc:b0:f1:87:60:66:12:bc:
93:10:26:c9:fe:40:ec:7b:3e:c0:36:c8:c7:bd:0a:
45:62:a2:ba:c3:af:09:f6:b9:94:1d:83:a6:eb:e0:
1d:8a:f2:c6:af:0e:6d:ec:20:c6:05:47:2a:74:a3:
50:0b:2b:d9:25:81:4b:03:74:5d:58:b6:75:b6:ce:
06:b2:78:fe:87:8e:36:6a:a4:ff:8e:b2:c1:6c:ab:
5b:d3:6a:57:bc:46:e3:29:b1:59:33:de:df:0d:01:
46:bb:68:68:b8:fb:46:e5:ed:85:4e:69:e5:c3:6d:
5e:89:90:ea:41:39:99:89:6c:2b:6d:2a:6e:0d:be:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:0B:2F:99:8D:52:DB:91:6C:1E:E3:8B:50:CB:27:10:C6:FC:4E:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c70048ab-227b-4f94-a795-0e7749291f1b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
22:54:f5:3d:e1:a3:1b:f5:04:a5:a1:d6:1b:56:16:f1:35:ce:
05:13:fe:1f:7f:2a:47:e3:a9:85:4b:fd:32:c2:b6:ec:ff:82:
a5:46:43:0d:35:64:e6:e7:45:a7:cd:4c:c3:57:57:0e:48:85:
8e:fc:24:79:10:8e:bf:12:41:2c:b3:b7:ca:6b:cf:b4:af:7e:
62:10:a7:57:45:6a:96:2e:60:ed:3a:b8:6c:a3:31:40:ff:14:
5e:90:a7:65:ad:6d:7f:98:0f:bf:b9:d7:8e:54:91:14:4b:72:
26:c4:2f:cc:a0:2f:21:11:2c:75:d0:ca:ec:9c:db:44:33:c6:
c7:38:c5:de:92:22:d4:22:a1:55:55:9b:b8:b1:a0:e5:83:f8:
e3:3c:50:3e:e3:5a:02:42:1a:3d:d3:57:3e:38:91:c4:e2:ca:
6b:91:a9:e7:15:e0:98:f2:30:1d:7d:40:6a:24:b3:3e:b1:d1:
27:24:1f:8d:cf:a1:e2:b5:5e:8a:44:49:c7:7a:8f:0d:3f:a9:
6f:f2:ec:a0:9d:fa:a9:a1:2b:05:44:86:a6:91:c9:5a:05:60:
ae:d4:c8:f2:4c:4e:63:c9:a2:7c:48:9b:43:c5:52:38:3e:3d:
3b:26:20:af:6e:34:ba:7c:c9:a2:9e:39:e7:37:31:ad:15:0e:
37:e4:7c:d1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHacfPdanrcWnd2VPqLBIK4FW0ugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjQwMDAwMDBaFw0yNDA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5ZmE5NWI2MzVlNjkyNWE2ZTNkNDkwYzFhN2ZmMmZjYTY1ZmJlZmIyNTAy
ZTBlMzcwZjUyYjNmM2Q5YjQ3Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBIXIzOiV8m8Qz0b6mIZYRwALR/PoqWbZUNINXwjsA8jyKpSBETvAlC0Tq8
V1Z+TbR3XIjjclU+Rk/aDbQARoDKxgmjPPiy1Uc9/iK28PqtlUj2UgN59dwSpntq
3qNK1ANgIHJIi4pyZR4rumkQpOqlpUVyE9KmcsoJH3c6Qvyw8YdgZhK8kxAmyf5A
7Hs+wDbIx70KRWKiusOvCfa5lB2DpuvgHYryxq8ObewgxgVHKnSjUAsr2SWBSwN0
XVi2dbbOBrJ4/oeONmqk/46ywWyrW9NqV7xG4ymxWTPe3w0BRrtoaLj7RuXthU5p
5cNtXomQ6kE5mYlsK20qbg2+X2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOCy+Z
jVLbkWwe44tQyycQxvxOoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzcwMDQ4YWItMjI3Yi00Zjk0LWE3OTUtMGU3NzQ5MjkxZjFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuA
MA0GCSqGSIb3DQEBCwUAA4IBAQAiVPU94aMb9QSlodYbVhbxNc4FE/4ffypH46mF
S/0ywrbs/4KlRkMNNWTm50WnzUzDV1cOSIWO/CR5EI6/EkEss7fKa8+0r35iEKdX
RWqWLmDtOrhsozFA/xRekKdlrW1/mA+/udeOVJEUS3ImxC/MoC8hESx10MrsnNtE
M8bHOMXekiLUIqFVVZu4saDlg/jjPFA+41oCQho901c+OJHE4sprkannFeCY8jAd
fUBqJLM+sdEnJB+Nz6HitV6KREnHeo8NP6lv8uygnfqpoSsFRIamkclaBWCu1Mjy
TE5jyaJ8SJtDxVI4Pj07JiCvbjS6fMminjnnNzGtFQ435HzR
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:38:09 2024 by rpki-client on console-ams.rpki-client.org