Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
File: 190e1645-8146-4d32-be0a-feed324f8efa.roa (raw, json)
Hash identifier: rCnfA8sVk8mF8k7AdJTA+DvhY6zl0zalKJ7ul5tR+nk=
Subject key identifier: 7C:4F:B3:70:E4:FA:4C:51:68:E7:12:FA:B0:DB:B2:FE:64:AE:E9:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36F3BCD45F73EFB556B5C60FCB93FDB9B336B867
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:f3:bc:d4:5f:73:ef:b5:56:b5:c6:0f:cb:93:fd:b9:b3:36:b8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=fb3ccc3bb92a4118bf587cb43a062c497c3a918cc50e5f64b29ae61849b1c578, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ed:9a:65:13:90:73:22:ea:ff:2b:16:d8:23:
e4:ff:73:e6:0b:1d:4d:10:27:b7:3a:3b:63:a6:72:
4e:48:fa:f2:dc:79:4b:5b:2a:ff:db:22:1c:c6:5e:
86:5b:2f:e8:6b:2b:e8:bb:e8:c6:95:38:bc:b9:c6:
38:bb:2c:21:52:fe:77:75:22:92:33:42:9f:f5:bd:
34:74:ea:41:16:70:fb:2d:d1:d7:a9:35:79:f2:f9:
05:73:64:c7:6c:7c:42:b0:ee:22:4d:09:ec:1f:b1:
56:3d:f6:e0:99:b4:f0:4f:7f:82:0b:ce:a9:e1:44:
6f:d1:87:23:56:95:34:6d:ae:8d:22:8e:f5:b0:39:
7e:ae:78:73:18:4d:c1:78:84:81:d6:6c:e7:a0:66:
a0:c8:ea:b4:2b:96:5d:60:20:82:76:b6:2a:8b:88:
e9:42:6c:14:5a:f0:96:3e:62:d2:2a:d1:0e:cb:db:
c6:9f:15:04:52:c9:05:91:e1:0d:dd:9b:1d:e4:8f:
69:2d:d7:29:38:4a:51:14:d8:61:d0:4b:ae:af:d8:
15:77:dd:4b:fc:62:a9:df:f7:22:d2:04:46:a5:cc:
7f:af:e3:a7:3e:c7:7e:db:f4:2b:b5:47:eb:46:e1:
98:64:e2:1b:01:d7:2c:21:40:fc:87:37:c9:fb:7c:
02:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:4F:B3:70:E4:FA:4C:51:68:E7:12:FA:B0:DB:B2:FE:64:AE:E9:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:a000::/40
Signature Algorithm: sha256WithRSAEncryption
4a:c1:e3:18:87:63:bf:14:3e:0f:f7:49:67:b4:4e:fc:e9:80:
34:4d:4e:f1:9b:5c:d5:dc:60:46:1a:d2:4a:35:8a:66:4f:16:
16:92:03:53:27:05:a6:6a:02:b6:87:49:43:2b:a3:3f:8a:41:
12:d9:a8:67:8e:eb:45:5a:5e:20:59:01:64:46:4a:d8:2b:ac:
90:2e:8f:4b:23:8c:d5:8e:ea:2e:e0:1b:0a:cc:a9:e9:c2:3a:
93:ba:57:12:47:5c:c0:fb:c7:e3:c9:40:0b:55:ad:99:46:90:
4c:d7:68:3d:f7:ef:cc:69:77:a8:8d:da:e3:82:2e:24:74:0d:
2f:a0:5f:00:89:dc:3c:1a:0f:57:d4:11:d4:60:6e:ac:b8:5e:
d1:15:7f:33:31:16:81:8c:90:21:80:2b:0d:6f:65:19:76:f5:
09:bb:d1:88:6b:16:51:f0:b3:cd:b5:10:64:95:d7:79:07:ef:
f9:7c:6a:29:13:0f:5a:ee:c9:96:95:5d:ef:fd:bc:51:b2:ab:
27:00:02:23:e1:be:26:8f:51:44:ec:99:fe:8e:9d:69:89:a4:
29:e2:ea:56:75:7d:51:50:82:94:75:7a:56:ca:d6:be:05:ae:
db:38:26:f5:9f:2c:dc:99:4a:d7:aa:49:0f:3f:06:48:10:17:
f3:48:6e:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNvO81F9z77VWtcYPy5P9ubM2uGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiM2NjYzNiYjkyYTQxMThiZjU4N2NiNDNhMDYyYzQ5N2MzYTkxOGNjNTBl
NWY2NGIyOWFlNjE4NDliMWM1NzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3tmmUTkHMi6v8rFtgj5P9z5gsdTRAntzo7Y6ZyTkj68tx5S1sq/9siHMZe
hlsv6Gsr6LvoxpU4vLnGOLssIVL+d3UikjNCn/W9NHTqQRZw+y3R16k1efL5BXNk
x2x8QrDuIk0J7B+xVj324Jm08E9/ggvOqeFEb9GHI1aVNG2ujSKO9bA5fq54cxhN
wXiEgdZs56BmoMjqtCuWXWAggna2KouI6UJsFFrwlj5i0irRDsvbxp8VBFLJBZHh
Dd2bHeSPaS3XKThKURTYYdBLrq/YFXfdS/xiqd/3ItIERqXMf6/jpz7Hftv0K7VH
60bhmGTiGwHXLCFA/Ic3yft8AicCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR8T7Nw
5PpMUWjnEvqw27L+ZK7p3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkwZTE2NDUtODE0Ni00ZDMyLWJlMGEtZmVlZDMyNGY4ZWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSg
MA0GCSqGSIb3DQEBCwUAA4IBAQBKweMYh2O/FD4P90lntE786YA0TU7xm1zV3GBG
GtJKNYpmTxYWkgNTJwWmagK2h0lDK6M/ikES2ahnjutFWl4gWQFkRkrYK6yQLo9L
I4zVjuou4BsKzKnpwjqTulcSR1zA+8fjyUALVa2ZRpBM12g99+/MaXeojdrjgi4k
dA0voF8Aidw8Gg9X1BHUYG6suF7RFX8zMRaBjJAhgCsNb2UZdvUJu9GIaxZR8LPN
tRBkldd5B+/5fGopEw9a7smWlV3v/bxRsqsnAAIj4b4mj1FE7Jn+jp1piaQp4upW
dX1RUIKUdXpWyta+Ba7bOCb1nyzcmUrXqkkPPwZIEBfzSG5T
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org