Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
File: 0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa (raw, json)
Hash identifier: fAb0kBQKSnDtWzN9gNhRkk58QNL7QkhZGP4haGAM0Hg=
Subject key identifier: 04:57:40:60:DD:89:9D:D1:67:CD:60:B9:A7:E1:A7:DF:57:41:7A:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 242594611281C96DC516ACA834D7191069336A5D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:25:94:61:12:81:c9:6d:c5:16:ac:a8:34:d7:19:10:69:33:6a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=af52d2f2679806bd3da3b2cb40eebcb682c9bc442c0e0f4e13087b6af1e6fb44, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:39:43:14:f5:da:7b:b8:26:b0:6c:10:21:45:
1e:5b:8a:f5:1c:fa:95:0a:9b:3c:97:89:01:b2:b2:
82:ce:43:cb:ad:e0:d0:51:f0:d0:40:11:11:dd:4e:
ae:46:24:22:54:0b:86:5f:a2:87:05:64:da:77:bd:
da:14:16:eb:67:f3:16:e1:a7:ca:c1:e5:9d:d8:19:
3b:67:d7:4b:0a:d4:2d:3d:a7:44:e4:ff:a2:99:69:
23:43:54:93:66:65:b0:dc:e4:74:93:ce:53:6c:63:
ef:0f:cb:d7:36:ed:fb:c3:91:f2:87:7b:f2:29:ee:
40:e0:a8:f7:43:7c:52:3a:8c:55:8b:28:3a:62:a3:
54:cb:4b:d8:67:68:12:a6:5c:e4:bd:3c:22:32:b8:
7d:14:d8:84:16:f5:b9:33:54:67:e8:ec:63:a2:8a:
22:24:58:48:1f:27:31:18:05:62:42:c8:bf:cd:6a:
d1:1f:52:24:74:f0:d4:ad:04:8a:c5:31:84:71:e5:
6e:47:aa:e5:5c:b0:b0:89:87:ed:1f:b8:76:aa:2f:
9a:8c:01:06:e0:8a:0e:5c:c1:1c:ff:ef:31:95:93:
57:09:ee:6b:33:ad:71:5b:1c:fa:e7:50:49:47:25:
23:95:ed:a7:60:8d:57:29:1d:68:5e:ee:f7:2e:fc:
a9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:57:40:60:DD:89:9D:D1:67:CD:60:B9:A7:E1:A7:DF:57:41:7A:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
20:fc:a3:dc:dc:a7:7a:7a:6c:4c:b1:f0:b8:79:db:cc:aa:ef:
38:bc:a4:f4:56:f4:82:bb:79:86:7c:cf:c5:00:72:79:de:c7:
54:5a:bc:e9:65:5b:d9:70:74:0f:af:ee:64:9a:88:ea:8b:2b:
45:f0:36:4a:5f:f1:15:6c:07:3e:d5:28:74:e3:d5:04:2c:af:
df:dc:21:50:12:d5:be:a5:d0:b7:22:b6:2d:ea:28:69:3a:0f:
a9:39:c6:a7:6f:7d:7f:95:75:61:ac:8c:86:56:07:f8:41:7c:
21:72:67:4c:5c:ff:5d:71:0e:04:01:2e:aa:85:e7:32:16:b3:
16:17:94:c2:d6:45:13:e4:fb:9d:f9:c3:9b:dd:16:43:ac:3f:
32:03:38:d3:23:16:2c:98:5a:45:c0:5b:a8:c1:cf:01:c7:0a:
08:67:2f:b4:01:f5:35:a0:cf:a0:e9:b0:2d:b8:68:33:56:97:
f8:bf:1d:3d:e5:fd:ad:32:55:81:0b:5a:18:ec:f7:70:93:86:
79:f2:9b:32:ef:e6:e3:02:57:7b:3b:f2:dc:f0:f2:45:52:b3:
b9:c9:4c:84:ea:73:d8:c8:ce:b4:e4:d1:41:b1:33:96:02:4c:
99:6e:38:f7:f5:05:74:14:91:54:6a:74:28:c7:fd:fe:fe:d4:
eb:72:f0:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJCWUYRKByW3FFqyoNNcZEGkzal0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNTJkMmYyNjc5ODA2YmQzZGEzYjJjYjQwZWViY2I2ODJjOWJjNDQyYzBl
MGY0ZTEzMDg3YjZhZjFlNmZiNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKg5QxT12nu4JrBsECFFHluK9Rz6lQqbPJeJAbKygs5Dy63g0FHw0EAREd1O
rkYkIlQLhl+ihwVk2ne92hQW62fzFuGnysHlndgZO2fXSwrULT2nROT/oplpI0NU
k2ZlsNzkdJPOU2xj7w/L1zbt+8OR8od78inuQOCo90N8UjqMVYsoOmKjVMtL2Gdo
EqZc5L08IjK4fRTYhBb1uTNUZ+jsY6KKIiRYSB8nMRgFYkLIv81q0R9SJHTw1K0E
isUxhHHlbkeq5VywsImH7R+4dqovmowBBuCKDlzBHP/vMZWTVwnuazOtcVsc+udQ
SUclI5Xtp2CNVykdaF7u9y78qS8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEV0Bg
3Ymd0WfNYLmn4affV0F61TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGY1NjMyNTEtMWVmYS00YjZkLWFmZTktM2U3ZjAxNGJiYmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQAg/KPc3Kd6emxMsfC4edvMqu84vKT0VvSCu3mG
fM/FAHJ53sdUWrzpZVvZcHQPr+5kmojqiytF8DZKX/EVbAc+1Sh049UELK/f3CFQ
EtW+pdC3IrYt6ihpOg+pOcanb31/lXVhrIyGVgf4QXwhcmdMXP9dcQ4EAS6qhecy
FrMWF5TC1kUT5Pud+cOb3RZDrD8yAzjTIxYsmFpFwFuowc8BxwoIZy+0AfU1oM+g
6bAtuGgzVpf4vx095f2tMlWBC1oY7Pdwk4Z58psy7+bjAld7O/Lc8PJFUrO5yUyE
6nPYyM605NFBsTOWAkyZbjj39QV0FJFUanQox/3+/tTrcvBy
-----END CERTIFICATE-----
Generated at Fri Apr 26 08:26:19 2024 by rpki-client on console-ams.rpki-client.org