Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json)
Hash identifier: dyt10Sb/+AGFE4C6tARlKR1W6HyfHutYRnTKpZqZqFI=
Subject key identifier: 8E:79:AF:C2:3B:2F:A0:BF:51:0C:18:B4:4D:D1:8F:22:F1:3B:BB:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47E66C8CC3D7B0639AC689F7F9AC080F538B467E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:e6:6c:8c:c3:d7:b0:63:9a:c6:89:f7:f9:ac:08:0f:53:8b:46:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=891800b6938fa3aa4c275682fa50c498084ad32fc53f952b4877d891018b6e9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1a:6a:b8:c8:b4:27:e5:30:09:ab:29:98:ee:
0b:1a:1a:78:24:96:59:97:6c:e6:72:42:23:46:93:
a8:a9:ad:0d:01:2d:95:4b:da:08:c8:cb:7d:6a:97:
02:c6:df:57:bd:b0:66:ba:c2:15:85:9e:72:4e:ab:
6e:48:4b:bf:af:a6:f9:a0:a8:bb:f2:ca:cd:62:33:
8c:38:88:48:88:1e:c0:70:ce:8a:c9:af:33:66:6e:
e0:39:88:ff:e9:b6:78:bd:2e:99:db:ea:cc:b7:0f:
68:7d:ec:b7:5f:12:0e:bb:88:fc:3c:44:34:d1:33:
c8:b8:ee:52:66:8c:40:58:d0:cc:93:27:7a:66:cc:
d8:b5:18:91:06:c9:25:3a:1b:9d:84:a1:1a:da:85:
3f:46:82:2d:9c:2d:02:e9:78:a7:c2:b6:ea:69:a3:
ba:fe:a2:a4:a0:50:89:c3:62:50:76:0c:a5:9a:ed:
40:f0:5f:3b:1d:f8:04:89:96:1c:8c:a3:94:cf:7e:
0d:6d:d8:13:83:a1:d1:c3:bb:31:58:9d:6a:24:91:
0c:06:ec:1a:db:4b:08:6a:51:52:c0:b5:ee:5c:6f:
09:55:04:d6:15:0d:ac:cc:28:d0:88:a4:e9:d6:87:
00:53:6a:19:52:2d:cc:6b:ba:9e:ba:69:77:09:91:
c3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:79:AF:C2:3B:2F:A0:BF:51:0C:18:B4:4D:D1:8F:22:F1:3B:BB:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02d::/36
Signature Algorithm: sha256WithRSAEncryption
35:41:ae:e9:c3:72:35:b5:98:d0:c9:04:98:94:fb:f8:66:1b:
94:5a:42:ab:36:39:b1:2d:20:75:7c:c7:4f:c7:6a:60:79:b4:
5c:9f:5d:fc:ef:e1:89:31:4f:2c:fc:b8:69:56:a8:e0:f5:d8:
a0:86:aa:21:83:e5:75:32:32:f7:7d:b9:00:44:48:47:27:86:
14:6e:af:6b:0a:65:92:76:5f:0b:94:26:03:c5:b8:73:28:8e:
f0:6e:46:6a:06:38:47:cc:ab:03:83:05:a3:5b:02:dd:89:fe:
df:09:33:60:bc:c7:8d:0a:6c:bd:6a:66:44:8d:b5:a8:25:f9:
e2:48:14:50:7a:58:8e:a7:a9:03:f3:3b:70:e3:fe:0b:36:58:
de:32:7c:3c:ed:2f:f7:cd:92:d4:f5:20:0f:17:ff:f1:81:26:
c3:65:f4:77:9a:37:17:7e:c0:93:47:e2:ed:85:6d:a0:75:87:
5e:ad:64:2b:1b:7e:8b:99:ef:de:22:e2:48:25:8e:9c:15:aa:
5b:6e:80:00:5a:8a:fb:64:fd:97:6f:13:49:aa:60:0e:37:73:
b9:c2:5f:8f:58:68:e3:a9:d2:19:b9:57:a6:ed:cd:02:9c:90:
6d:4f:5e:20:4d:a8:2c:a6:12:cb:43:f3:e1:f3:87:46:c3:aa:
01:76:77:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR+ZsjMPXsGOaxon3+awID1OLRn4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MTgwMGI2OTM4ZmEzYWE0YzI3NTY4MmZhNTBjNDk4MDg0YWQzMmZjNTNm
OTUyYjQ4NzdkODkxMDE4YjZlOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8aarjItCflMAmrKZjuCxoaeCSWWZds5nJCI0aTqKmtDQEtlUvaCMjLfWqX
AsbfV72wZrrCFYWeck6rbkhLv6+m+aCou/LKzWIzjDiISIgewHDOismvM2Zu4DmI
/+m2eL0umdvqzLcPaH3st18SDruI/DxENNEzyLjuUmaMQFjQzJMnembM2LUYkQbJ
JTobnYShGtqFP0aCLZwtAul4p8K26mmjuv6ipKBQicNiUHYMpZrtQPBfOx34BImW
HIyjlM9+DW3YE4Oh0cO7MVidaiSRDAbsGttLCGpRUsC17lxvCVUE1hUNrMwo0Iik
6daHAFNqGVItzGu6nrppdwmRw8cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOea/C
Oy+gv1EMGLRN0Y8i8Tu7nDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A
MA0GCSqGSIb3DQEBCwUAA4IBAQA1Qa7pw3I1tZjQyQSYlPv4ZhuUWkKrNjmxLSB1
fMdPx2pgebRcn1387+GJMU8s/LhpVqjg9dighqohg+V1MjL3fbkAREhHJ4YUbq9r
CmWSdl8LlCYDxbhzKI7wbkZqBjhHzKsDgwWjWwLdif7fCTNgvMeNCmy9amZEjbWo
JfniSBRQeliOp6kD8ztw4/4LNljeMnw87S/3zZLU9SAPF//xgSbDZfR3mjcXfsCT
R+LthW2gdYderWQrG36Lme/eIuJIJY6cFapbboAAWor7ZP2XbxNJqmAON3O5wl+P
WGjjqdIZuVem7c0CnJBtT14gTagsphLLQ/Ph84dGw6oBdncR
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org