Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1795bad4-1696-423a-a7cd-1c56076897d9.roa
File: 1795bad4-1696-423a-a7cd-1c56076897d9.roa (raw, json)
Hash identifier: OGZ5alKL3XdVH5s6I2EHT0ZRbh1q5cH3kdxvG2toDAc=
Subject key identifier: AE:F1:1B:A9:B9:ED:BB:B2:EE:1D:9F:A3:02:8B:F9:5A:85:42:F3:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EB4B77963564EBC9F42120248C695DC59E06FDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1795bad4-1696-423a-a7cd-1c56076897d9.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:b4:b7:79:63:56:4e:bc:9f:42:12:02:48:c6:95:dc:59:e0:6f:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=757eaa8af5ed967a5752e4f626eaa50cc538e0fd387f787d963e5791210060e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:42:ff:0c:ee:97:00:92:5e:3b:82:6a:0c:9d:
c4:37:f1:5e:35:59:5b:8f:a7:e8:97:52:d3:1d:86:
53:c5:41:af:a4:a6:b1:34:69:d2:d5:e7:17:87:bb:
87:3e:b4:9e:2e:4c:63:06:0f:09:e2:3e:f3:35:31:
10:7b:9e:ce:c8:18:b8:a9:ed:40:f9:5f:1e:a3:02:
10:08:4f:fd:30:52:91:84:c7:01:82:34:1a:86:6c:
5f:5e:b8:ac:7a:db:20:f7:49:19:a7:fa:b0:37:08:
7c:d2:0d:dd:4d:ba:7b:99:0a:8c:0d:a4:f7:9a:70:
b1:fb:d3:f3:f0:71:e2:53:00:87:fe:58:44:2f:2a:
c3:2f:c5:b5:a3:ea:b4:5e:0d:d6:7e:5e:33:67:af:
d4:3d:ab:25:6c:c1:be:f6:17:04:47:72:7a:3a:1b:
a9:94:c0:3c:53:b9:1a:b0:f6:b7:37:46:9a:58:7f:
ab:09:73:df:e4:eb:40:3d:e4:59:13:e3:af:5a:2c:
85:a8:c6:2d:c6:95:e1:a9:a3:3a:02:fd:76:cb:44:
85:32:28:ba:77:01:fa:77:06:63:08:22:fd:b9:7c:
4d:18:6d:ae:e0:af:e8:7d:51:5d:7f:2b:cf:88:d1:
fb:26:f1:e5:43:19:17:44:e4:80:13:b9:3d:0f:b9:
a5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F1:1B:A9:B9:ED:BB:B2:EE:1D:9F:A3:02:8B:F9:5A:85:42:F3:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1795bad4-1696-423a-a7cd-1c56076897d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a6:df:7c:20:f0:4a:4d:3e:98:fc:e0:ad:67:a6:8b:45:85:fb:
3f:6e:ab:0a:db:c8:14:90:fc:a7:92:58:0f:95:52:95:80:53:
df:fc:a0:17:42:43:f9:b7:76:ec:3f:30:a1:22:64:6c:d7:c7:
11:f7:3e:b9:b1:aa:00:92:6e:78:d2:15:8d:1a:97:2e:3a:7c:
17:43:ba:a0:4d:95:5e:ec:7e:df:2c:14:d5:da:f6:85:4c:5f:
e6:5c:85:11:b5:2a:37:a5:33:f0:3c:85:12:a7:b2:d6:80:45:
69:bd:37:25:d9:e1:cc:25:a0:87:63:8d:88:93:6b:24:08:ce:
c2:68:bb:4e:17:52:cb:a0:89:e4:c9:fc:70:38:ef:f1:75:3f:
97:fb:81:c1:08:96:0c:5f:dc:a5:8f:c7:99:1a:b3:d7:81:7a:
89:dc:dc:53:b0:1a:13:f6:21:19:83:b6:a4:6a:48:6f:bd:51:
0f:fa:88:f0:06:c6:57:a1:d5:67:26:51:a6:09:47:e4:5c:0e:
fd:15:63:fd:95:28:5d:43:a8:2d:9f:79:dc:55:ed:e4:aa:1c:
8f:4d:0c:f1:21:da:48:83:e5:b3:e7:0d:de:fc:57:49:9b:02:
2c:59:57:63:5a:74:43:79:3e:e2:93:03:e0:1c:0a:0b:e9:5c:
aa:0a:2c:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDrS3eWNWTryfQhICSMaV3Fngb9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1N2VhYThhZjVlZDk2N2E1NzUyZTRmNjI2ZWFhNTBjYzUzOGUwZmQzODdm
Nzg3ZDk2M2U1NzkxMjEwMDYwZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlC/wzulwCSXjuCagydxDfxXjVZW4+n6JdS0x2GU8VBr6SmsTRp0tXnF4e7
hz60ni5MYwYPCeI+8zUxEHuezsgYuKntQPlfHqMCEAhP/TBSkYTHAYI0GoZsX164
rHrbIPdJGaf6sDcIfNIN3U26e5kKjA2k95pwsfvT8/Bx4lMAh/5YRC8qwy/FtaPq
tF4N1n5eM2ev1D2rJWzBvvYXBEdyejobqZTAPFO5GrD2tzdGmlh/qwlz3+TrQD3k
WRPjr1oshajGLcaV4amjOgL9dstEhTIouncB+ncGYwgi/bl8TRhtruCv6H1RXX8r
z4jR+ybx5UMZF0TkgBO5PQ+5pfcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSu8Rup
ue27su4dn6MCi/lahULz/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTc5NWJhZDQtMTY5Ni00MjNhLWE3Y2QtMWM1NjA3Njg5N2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtA
MA0GCSqGSIb3DQEBCwUAA4IBAQCm33wg8EpNPpj84K1npotFhfs/bqsK28gUkPyn
klgPlVKVgFPf/KAXQkP5t3bsPzChImRs18cR9z65saoAkm540hWNGpcuOnwXQ7qg
TZVe7H7fLBTV2vaFTF/mXIURtSo3pTPwPIUSp7LWgEVpvTcl2eHMJaCHY42Ik2sk
CM7CaLtOF1LLoInkyfxwOO/xdT+X+4HBCJYMX9ylj8eZGrPXgXqJ3NxTsBoT9iEZ
g7akakhvvVEP+ojwBsZXodVnJlGmCUfkXA79FWP9lShdQ6gtn3ncVe3kqhyPTQzx
IdpIg+Wz5w3e/FdJmwIsWVdjWnRDeT7ikwPgHAoL6VyqCiyG
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org