Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01060bed-8b00-41db-905e-7e744843b50f.roa
File: 01060bed-8b00-41db-905e-7e744843b50f.roa (raw, json)
Hash identifier: tHafWKbuUHxs6QQ8fN4g/Vr1nvL3AbtGv/znW1DOPmI=
Subject key identifier: C9:90:C8:8E:E9:70:85:50:12:D1:4A:13:53:9E:E3:95:9D:05:C7:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6EB00B8547CC8B6EBA34AFA7EBCEC34F5FBC7899
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01060bed-8b00-41db-905e-7e744843b50f.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:b0:0b:85:47:cc:8b:6e:ba:34:af:a7:eb:ce:c3:4f:5f:bc:78:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=a52368b364d5766a2e38c6a00cb4abba30e2ad61884cdea9b47cc3af379f0af5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fe:b8:74:ba:1b:d5:fd:d8:cf:9d:1f:c8:40:
86:6d:b4:27:fd:24:3a:24:03:c2:20:65:bc:60:bb:
93:3f:1b:9a:f1:9f:68:b9:7e:1d:7f:60:69:8d:0a:
64:c2:69:28:ae:86:d0:39:40:f4:2f:ef:8f:52:4b:
87:9f:4c:38:54:10:c8:b2:76:ce:fa:36:44:0c:5f:
4b:86:51:61:f2:a7:77:d1:e3:9d:01:f5:71:08:a6:
a1:90:e5:7e:0d:91:e6:48:2e:42:d9:bc:28:25:42:
7c:ca:f9:9c:bc:60:86:a3:e8:52:43:1f:02:14:80:
91:64:ed:6c:ed:c5:69:b7:df:38:99:c3:56:1a:b4:
41:50:22:20:c1:64:90:60:f3:d7:bb:7e:66:21:c3:
0a:b4:b5:2f:ff:a3:e8:b5:dc:a8:43:56:3e:a7:9b:
9d:7a:3b:7b:c2:31:8a:11:d3:3d:ca:9c:92:34:03:
af:ec:b0:f5:66:eb:67:0a:00:3b:a7:4d:0a:eb:21:
bd:35:19:85:0b:b7:cf:c6:c8:b4:58:00:0c:ca:a0:
12:1b:88:fb:82:95:57:ba:0e:24:b0:9e:2d:15:0f:
93:e7:6c:d9:8f:22:51:2b:60:c5:cf:90:d5:d2:73:
44:a4:cd:7b:28:eb:37:53:62:e9:9a:5c:a8:31:1d:
6b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:90:C8:8E:E9:70:85:50:12:D1:4A:13:53:9E:E3:95:9D:05:C7:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01060bed-8b00-41db-905e-7e744843b50f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:9000::/40
Signature Algorithm: sha256WithRSAEncryption
67:c4:5b:11:29:3e:03:81:0d:49:19:00:93:5b:e3:ac:9a:40:
87:32:98:74:c7:5a:44:7b:f8:f7:7b:6f:3b:67:58:9f:1b:fa:
bc:02:06:a8:65:ce:d8:f4:6f:aa:85:e3:b1:1d:cd:b5:43:aa:
ad:32:50:9b:24:1b:8c:ae:9d:d2:c0:e3:38:b1:20:a3:56:6f:
33:2c:91:9d:41:6e:95:b6:75:57:e5:54:4e:e0:c7:3c:bd:1b:
03:0d:9f:f3:0e:63:f5:a4:b6:eb:dd:96:00:57:df:a8:f7:09:
19:3a:37:c7:85:81:e5:bb:b2:b0:e4:13:da:44:69:ec:6d:c6:
cf:55:e9:6b:d7:f5:8b:98:28:68:6a:f0:2a:9f:fe:d2:fb:b1:
5a:1f:38:6f:3f:56:9c:d3:1c:d2:08:51:ea:4e:80:8e:15:c1:
50:8d:5e:ed:02:9c:82:47:0a:31:55:fa:79:d0:d0:30:1c:9b:
9b:2c:9c:50:cf:3a:8b:65:07:97:0e:09:1e:99:03:68:86:81:
5b:a8:a1:bc:2d:88:73:f5:89:fb:b8:79:a4:56:8d:f8:2b:cb:
f2:64:93:38:4e:03:ef:20:b1:ed:6f:e1:e4:9f:06:fb:57:b7:
fe:f0:15:ec:0e:c3:9e:1f:12:7a:12:90:41:7a:3e:63:15:f5:
80:08:a5:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbrALhUfMi266NK+n687DT1+8eJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1MjM2OGIzNjRkNTc2NmEyZTM4YzZhMDBjYjRhYmJhMzBlMmFkNjE4ODRj
ZGVhOWI0N2NjM2FmMzc5ZjBhZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIz+uHS6G9X92M+dH8hAhm20J/0kOiQDwiBlvGC7kz8bmvGfaLl+HX9gaY0K
ZMJpKK6G0DlA9C/vj1JLh59MOFQQyLJ2zvo2RAxfS4ZRYfKnd9HjnQH1cQimoZDl
fg2R5kguQtm8KCVCfMr5nLxghqPoUkMfAhSAkWTtbO3FabffOJnDVhq0QVAiIMFk
kGDz17t+ZiHDCrS1L/+j6LXcqENWPqebnXo7e8IxihHTPcqckjQDr+yw9WbrZwoA
O6dNCushvTUZhQu3z8bItFgADMqgEhuI+4KVV7oOJLCeLRUPk+ds2Y8iUStgxc+Q
1dJzRKTNeyjrN1Ni6ZpcqDEdawkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJkMiO
6XCFUBLRShNTnuOVnQXH1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDEwNjBiZWQtOGIwMC00MWRiLTkwNWUtN2U3NDQ4NDNiNTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBnxFsRKT4DgQ1JGQCTW+OsmkCHMph0x1pEe/j3
e287Z1ifG/q8AgaoZc7Y9G+qheOxHc21Q6qtMlCbJBuMrp3SwOM4sSCjVm8zLJGd
QW6VtnVX5VRO4Mc8vRsDDZ/zDmP1pLbr3ZYAV9+o9wkZOjfHhYHlu7Kw5BPaRGns
bcbPVelr1/WLmChoavAqn/7S+7FaHzhvP1ac0xzSCFHqToCOFcFQjV7tApyCRwox
Vfp50NAwHJubLJxQzzqLZQeXDgkemQNohoFbqKG8LYhz9Yn7uHmkVo34K8vyZJM4
TgPvILHtb+Hknwb7V7f+8BXsDsOeHxJ6EpBBej5jFfWACKV2
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:44:15 2024 by rpki-client on console-ams.rpki-client.org