Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa
File: 0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa (raw, json)
Hash identifier: FxGChiFES236g+2DZ7ys1Y2rOkYSyTi0eLfPqw5h8rk=
Subject key identifier: 22:47:8B:B5:6D:13:51:A8:0F:54:E0:4F:F2:F6:2E:DC:F6:C2:48:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11150C9E36641A24ED6292A6138798A52A007AC8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa
Signing time: Sat 18 Mar 2023 00:00:00 +0000
ROA not before: Sat 18 Mar 2023 00:00:00 +0000
ROA not after: Sat 22 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Mar 2023 08:28:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:15:0c:9e:36:64:1a:24:ed:62:92:a6:13:87:98:a5:2a:00:7a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 18 00:00:00 2023 GMT
Not After : Apr 22 23:59:59 2023 GMT
Subject: serialNumber=d1634d9e6563ff2b2e5872f0c74558c7cee4edd28f46c00dff46712a6b129109, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:39:d3:4d:f4:8f:15:42:b9:c7:0e:89:b7:42:
15:60:fc:26:07:88:9e:ae:5f:1b:4a:aa:6f:7f:86:
00:42:bb:80:52:95:2d:c9:28:e1:6e:e2:0e:e1:db:
6b:1f:9f:bb:60:d6:ed:d0:aa:d8:d4:4c:af:2d:81:
fa:6d:73:dd:96:80:3b:5a:43:36:cf:99:45:18:2c:
2a:da:06:b8:48:5a:34:b8:a3:6f:c7:11:ed:e5:f3:
9e:ac:a1:80:04:c5:64:63:1d:42:6c:7a:e9:78:7d:
ed:19:1c:13:03:ae:70:c3:73:49:28:93:c0:5a:1f:
d0:44:d9:39:00:a5:35:c1:b3:9b:81:6e:2d:6c:e0:
34:43:a5:e6:0a:51:72:a7:12:76:b6:d0:64:d8:71:
b5:c9:8a:e5:62:5a:41:e6:8c:34:44:0c:e5:11:7c:
1b:6b:18:20:03:35:b1:14:be:05:17:62:51:64:e3:
b8:a6:5c:1d:1e:03:98:bd:f2:c5:e5:6d:52:d9:f4:
8f:95:9b:f0:69:f6:c4:53:00:8a:8a:a3:9e:19:d1:
de:30:d1:e0:52:29:86:f0:7d:cf:c6:7c:f7:5e:3f:
e7:b2:ef:aa:89:fd:d9:3a:6d:b4:ab:2c:af:94:ce:
3f:07:d9:64:4d:99:1b:fb:60:ac:4f:41:7f:d0:12:
20:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:47:8B:B5:6D:13:51:A8:0F:54:E0:4F:F2:F6:2E:DC:F6:C2:48:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c5:7b:f6:08:05:59:e6:03:07:37:03:48:58:df:ff:43:da:74:
9b:60:a2:7c:ef:dd:57:0a:aa:c6:fe:82:67:00:b0:b4:ed:47:
58:98:b5:7e:b2:fd:ac:5e:a0:6f:05:2c:a1:40:df:f6:7c:fe:
1a:5a:4e:01:82:8b:7c:12:34:c4:4b:eb:74:c0:c0:2d:38:7e:
ec:37:f4:1d:88:7c:a0:b6:a1:b1:08:7c:a2:ee:99:eb:42:26:
82:09:a8:fd:ab:80:6e:c5:d2:f4:ea:f1:3a:46:76:cd:6d:ac:
dd:c1:03:5b:25:97:3e:1e:3c:19:c0:0e:87:b8:73:0c:c4:2b:
07:90:82:a2:8a:a7:4d:ba:47:14:85:10:a5:70:d8:cd:ff:c8:
1e:c0:aa:c8:db:46:b9:bc:bd:55:17:79:40:1f:11:91:70:1b:
d8:94:b7:c4:16:b4:76:71:ed:4f:fd:17:4b:1a:18:1b:2c:1a:
9d:5f:5f:1e:80:fe:04:1f:3f:91:36:9c:22:f7:14:1d:e8:7c:
f0:b0:5f:f5:37:92:e7:3a:b6:ca:b1:75:ce:db:8e:eb:ce:4b:
3c:3b:14:52:25:9f:3c:38:e7:b1:5a:94:37:13:33:39:17:99:
13:1d:57:83:b1:b2:a9:73:35:b6:52:79:15:58:a4:64:a4:59:
34:c2:e6:3f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIUERUMnjZkGiTtYpKmE4eYpSoAesgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzAzMTgwMDAwMDBaFw0yMzA0MjIyMzU5NTlaMIGlMUkwRwYD
VQQFE0BkMTYzNGQ5ZTY1NjNmZjJiMmU1ODcyZjBjNzQ1NThjN2NlZTRlZGQyOGY0
NmMwMGRmZjQ2NzEyYTZiMTI5MTA5MS0wKwYDVQQDEyQ2NjE1YTM4Yi0zYWQ3LTQ3
YjctOGZiMi02ODVjMzhkMDA5MTQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
uDnTTfSPFUK5xw6Jt0IVYPwmB4ierl8bSqpvf4YAQruAUpUtySjhbuIO4dtrH5+7
YNbt0KrY1EyvLYH6bXPdloA7WkM2z5lFGCwq2ga4SFo0uKNvxxHt5fOerKGABMVk
Yx1CbHrpeH3tGRwTA65ww3NJKJPAWh/QRNk5AKU1wbObgW4tbOA0Q6XmClFypxJ2
ttBk2HG1yYrlYlpB5ow0RAzlEXwbaxggAzWxFL4FF2JRZOO4plwdHgOYvfLF5W1S
2fSPlZvwafbEUwCKiqOeGdHeMNHgUimG8H3Pxnz3Xj/nsu+qif3ZOm20qyyvlM4/
B9lkTZkb+2CsT0F/0BIgpQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFCJHi7VtE1Go
D1TgT/L2Ltz2wkiqMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8MA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVuZFo1
UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC8wZmEy
M2Q2Yy1mZDVhLTRkNGMtOTUwNC1mYTkzYTIyZjUyY2Iucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
dU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQckAwDQYJ
KoZIhvcNAQELBQADggEBAMV79ggFWeYDBzcDSFjf/0PadJtgonzv3VcKqsb+gmcA
sLTtR1iYtX6y/axeoG8FLKFA3/Z8/hpaTgGCi3wSNMRL63TAwC04fuw39B2IfKC2
obEIfKLumetCJoIJqP2rgG7F0vTq8TpGds1trN3BA1sllz4ePBnADoe4cwzEKweQ
gqKKp026RxSFEKVw2M3/yB7AqsjbRrm8vVUXeUAfEZFwG9iUt8QWtHZx7U/9F0sa
GBssGp1fXx6A/gQfP5E2nCL3FB3ofPCwX/U3kuc6tsqxdc7bjuvOSzw7FFIlnzw4
57FalDcTMzkXmRMdV4OxsqlzNbZSeRVYpGSkWTTC5j8=
-----END CERTIFICATE-----
Generated at Sat Mar 18 15:26:01 2023 by rpki-client on console-ams.rpki-client.org