Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0329f72c-bcfc-450d-9501-0716fe320aff.roa
File: 0329f72c-bcfc-450d-9501-0716fe320aff.roa (raw, json)
Hash identifier: 9zHUejHlNcLPH4abbIqmbioAu7eRJl53ZGEXqck+qg8=
Subject key identifier: 9D:E6:E3:BE:DA:08:0D:3D:CB:B3:3D:CD:A5:F2:0C:27:C6:FB:D7:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55FB7CF7A2AEBFCE642DC329093CFD65C6B0B245
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0329f72c-bcfc-450d-9501-0716fe320aff.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:fb:7c:f7:a2:ae:bf:ce:64:2d:c3:29:09:3c:fd:65:c6:b0:b2:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=58870695ac97b60ce71b9e4fe83ae6de3596810d99737b9317c988a4998113c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:94:dd:99:90:b6:d7:4d:87:ae:13:d3:0f:db:
fb:fa:4b:41:1c:9d:07:4b:4c:b3:a1:52:cd:48:e2:
b8:ba:0b:4d:00:89:a5:68:8f:46:a9:29:f1:12:2a:
2c:9a:d9:4e:c4:5e:b8:27:0b:b5:d5:08:aa:b3:6f:
62:64:4a:72:b5:b3:90:6f:07:f4:0a:2b:e8:a9:00:
14:53:a1:c7:8d:e6:76:ea:e0:66:a2:2b:ef:78:98:
e1:de:3c:3c:57:6b:10:a8:c0:cb:64:1b:b9:d7:5e:
88:29:60:b5:b0:03:d3:05:cb:b3:43:65:f3:b0:da:
6b:e6:3e:c8:07:68:66:db:0c:99:bf:56:1b:d9:75:
33:ac:f0:62:c0:5b:69:eb:71:53:f3:36:4d:30:6f:
1c:9e:2e:ba:25:a2:5d:1e:79:cb:e4:8a:85:90:9a:
65:ca:12:a1:24:59:2c:aa:b8:c1:95:7a:e0:67:07:
96:8e:34:f2:fc:9c:64:b4:ca:5b:32:12:c2:13:b8:
f7:e4:8f:1d:ad:ca:82:18:b9:76:73:23:20:c1:00:
c1:6c:c2:de:bf:24:0d:56:7c:90:59:75:de:8d:67:
de:b1:a2:f3:77:f6:9a:0c:22:8f:2a:b8:ff:ff:f7:
79:c6:57:b0:cb:c7:26:c2:31:e4:b3:69:56:9d:da:
12:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E6:E3:BE:DA:08:0D:3D:CB:B3:3D:CD:A5:F2:0C:27:C6:FB:D7:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0329f72c-bcfc-450d-9501-0716fe320aff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
63:6a:60:bd:c9:28:66:65:df:78:3f:2d:77:e9:54:ff:11:fb:
13:62:b6:05:aa:24:97:0c:10:c0:94:dd:b6:f6:80:95:92:65:
e1:7a:b7:93:1c:f7:bb:8f:ac:ca:9f:e4:76:c0:d8:75:98:bb:
8b:71:a7:eb:17:30:6e:39:bc:52:0d:cd:51:3f:85:18:54:43:
15:8b:9a:a0:d5:36:43:54:4c:db:3e:bd:88:a8:72:84:85:f2:
9e:b9:d0:45:3a:12:07:a5:d3:7b:91:9b:5e:80:94:8e:aa:2d:
3d:f1:2d:96:c1:04:3a:ec:a3:d4:60:ba:26:bd:b9:97:97:9b:
4d:b9:5c:2b:d3:3d:3f:fc:20:00:6f:47:e1:fe:a7:20:3f:11:
98:f6:51:cf:5d:16:4c:b6:f2:09:fa:d1:2f:19:89:c9:2e:60:
6a:40:4e:86:44:87:60:bc:64:d1:18:5d:36:d1:03:a1:0d:1a:
7a:64:cc:8d:fb:95:38:77:d4:52:41:5e:1a:59:47:0d:27:12:
14:8a:c6:a3:16:4e:aa:7b:a4:0d:07:a2:4b:fe:8e:13:ff:d4:
9c:a4:3d:1d:1b:c4:c4:02:24:08:d9:4c:92:09:ed:d5:7c:23:
4f:a8:5a:1b:51:ec:ae:d8:02:27:86:24:63:4a:a3:99:1b:8b:
cb:1e:ef:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVft896Kuv85kLcMpCTz9ZcawskUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4ODcwNjk1YWM5N2I2MGNlNzFiOWU0ZmU4M2FlNmRlMzU5NjgxMGQ5OTcz
N2I5MzE3Yzk4OGE0OTk4MTEzYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOeU3ZmQttdNh64T0w/b+/pLQRydB0tMs6FSzUjiuLoLTQCJpWiPRqkp8RIq
LJrZTsReuCcLtdUIqrNvYmRKcrWzkG8H9Aor6KkAFFOhx43mdurgZqIr73iY4d48
PFdrEKjAy2QbuddeiClgtbAD0wXLs0Nl87Daa+Y+yAdoZtsMmb9WG9l1M6zwYsBb
aetxU/M2TTBvHJ4uuiWiXR55y+SKhZCaZcoSoSRZLKq4wZV64GcHlo408vycZLTK
WzISwhO49+SPHa3Kghi5dnMjIMEAwWzC3r8kDVZ8kFl13o1n3rGi83f2mgwijyq4
///3ecZXsMvHJsIx5LNpVp3aEhUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSd5uO+
2ggNPcuzPc2l8gwnxvvXozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDMyOWY3MmMtYmNmYy00NTBkLTk1MDEtMDcxNmZlMzIwYWZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQBjamC9yShmZd94Py136VT/EfsTYrYFqiSXDBDA
lN229oCVkmXhereTHPe7j6zKn+R2wNh1mLuLcafrFzBuObxSDc1RP4UYVEMVi5qg
1TZDVEzbPr2IqHKEhfKeudBFOhIHpdN7kZtegJSOqi098S2WwQQ67KPUYLomvbmX
l5tNuVwr0z0//CAAb0fh/qcgPxGY9lHPXRZMtvIJ+tEvGYnJLmBqQE6GRIdgvGTR
GF020QOhDRp6ZMyN+5U4d9RSQV4aWUcNJxIUisajFk6qe6QNB6JL/o4T/9ScpD0d
G8TEAiQI2UySCe3VfCNPqFobUeyu2AInhiRjSqOZG4vLHu96
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org