Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
File: 190e1645-8146-4d32-be0a-feed324f8efa.roa (raw, json)
Hash identifier: xBIpkvvARyrG/svN1yzYUsx87EX9fMXzhynvzNqNg5Y=
Subject key identifier: B9:EA:51:CA:4F:05:F3:54:A6:5C:DA:3E:E5:11:98:69:E5:6F:23:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69A1BC9536B81737DB6180B4D77A520F6F92E53F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:a1:bc:95:36:b8:17:37:db:61:80:b4:d7:7a:52:0f:6f:92:e5:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=f2e36cc4d33d0c700b633fce318a77583fbcc715e6493cb62edb2478b2ec2ac0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ad:a4:2a:df:c4:69:88:8a:83:ed:bc:05:b5:
0a:d6:f4:19:3a:ed:0d:24:1a:a2:99:ea:a3:ba:83:
a1:20:cd:2f:2b:d3:11:08:58:c7:54:98:fa:4f:45:
d7:fe:c3:88:26:44:30:42:8b:a5:03:98:70:fe:7e:
f7:1d:14:6d:37:b1:47:33:c9:8e:1f:f3:1d:e8:8e:
51:d8:aa:63:d0:a2:70:3c:0f:b1:64:16:c8:90:44:
c5:0d:45:0b:06:9c:4a:0d:12:f2:a3:e7:00:a9:05:
77:4b:dc:57:54:a4:89:86:a6:f8:c5:1e:ec:6a:31:
0d:37:2b:07:85:f1:d3:b0:da:1b:a0:83:6c:cc:cf:
b6:70:db:8e:ca:f9:ea:1e:0e:52:ac:47:6d:59:df:
d4:87:60:71:b6:47:0a:c0:4a:17:f2:ca:0a:0f:0c:
75:85:63:e7:a1:17:63:55:9d:c5:f6:49:c5:55:5a:
f7:11:ee:24:6c:fe:68:cb:44:01:36:df:76:d4:a7:
6d:2c:94:ef:c7:dd:7e:09:0a:7c:7b:32:e2:f8:2d:
23:4b:d6:20:01:1f:d3:2c:93:cb:4a:e5:18:3f:4f:
48:7b:43:ff:4f:e6:a3:f3:18:09:bc:14:d4:94:bb:
16:4d:b4:7f:11:fc:fc:b4:d3:6f:74:fc:d8:02:ae:
a5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:EA:51:CA:4F:05:F3:54:A6:5C:DA:3E:E5:11:98:69:E5:6F:23:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:a000::/40
Signature Algorithm: sha256WithRSAEncryption
86:d7:de:8c:4c:ca:c5:05:43:c2:9c:85:f6:0e:27:15:90:9c:
53:d7:5c:69:fd:84:7c:73:c2:13:a0:ee:34:b4:8e:51:f1:78:
99:10:99:bf:4b:4f:7c:fd:53:f9:c5:f8:c5:fe:42:b6:46:48:
4f:fb:8d:df:6b:c5:43:23:57:e0:c7:82:2b:f6:3b:69:19:0b:
a8:27:6d:1c:6d:1a:74:e3:9a:7a:79:50:03:f1:ae:6e:f7:4c:
3a:2f:eb:d0:e5:0b:9e:b9:9f:c4:d7:75:97:2f:97:b7:1f:a0:
42:74:66:d2:e2:db:9f:b8:5d:8e:a4:c4:e0:dd:a1:89:73:34:
cb:66:c5:0f:95:10:87:e1:6e:70:ee:cc:80:a4:a1:e1:ea:89:
8d:2f:8d:ec:ef:f4:3d:75:59:66:c5:03:12:cd:0b:94:cb:0c:
73:9f:22:37:4f:d6:79:3a:57:44:2c:2a:e3:95:e2:93:81:2b:
4b:84:9c:c6:3c:a2:28:db:8c:17:b2:7d:14:28:d8:cb:af:1e:
bf:d0:9b:d5:76:5a:2f:fb:66:66:06:7c:de:7a:b1:0e:24:b3:
e6:06:e4:8c:0f:21:65:29:c2:3c:4f:89:6f:ea:cd:ec:38:96:
cb:a9:20:f2:ca:1b:91:48:22:69:95:a8:d6:25:b7:66:0c:e2:
ee:c6:ff:2b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaaG8lTa4FzfbYYC013pSD2+S5T8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyZTM2Y2M0ZDMzZDBjNzAwYjYzM2ZjZTMxOGE3NzU4M2ZiY2M3MTVlNjQ5
M2NiNjJlZGIyNDc4YjJlYzJhYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqtpCrfxGmIioPtvAW1Ctb0GTrtDSQaopnqo7qDoSDNLyvTEQhYx1SY+k9F
1/7DiCZEMEKLpQOYcP5+9x0UbTexRzPJjh/zHeiOUdiqY9CicDwPsWQWyJBExQ1F
CwacSg0S8qPnAKkFd0vcV1SkiYam+MUe7GoxDTcrB4Xx07DaG6CDbMzPtnDbjsr5
6h4OUqxHbVnf1IdgcbZHCsBKF/LKCg8MdYVj56EXY1WdxfZJxVVa9xHuJGz+aMtE
ATbfdtSnbSyU78fdfgkKfHsy4vgtI0vWIAEf0yyTy0rlGD9PSHtD/0/mo/MYCbwU
1JS7Fk20fxH8/LTTb3T82AKupf8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS56lHK
TwXzVKZc2j7lEZhp5W8jEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkwZTE2NDUtODE0Ni00ZDMyLWJlMGEtZmVlZDMyNGY4ZWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSg
MA0GCSqGSIb3DQEBCwUAA4IBAQCG196MTMrFBUPCnIX2DicVkJxT11xp/YR8c8IT
oO40tI5R8XiZEJm/S098/VP5xfjF/kK2RkhP+43fa8VDI1fgx4Ir9jtpGQuoJ20c
bRp045p6eVAD8a5u90w6L+vQ5QueuZ/E13WXL5e3H6BCdGbS4tufuF2OpMTg3aGJ
czTLZsUPlRCH4W5w7syApKHh6omNL43s7/Q9dVlmxQMSzQuUywxznyI3T9Z5OldE
LCrjleKTgStLhJzGPKIo24wXsn0UKNjLrx6/0JvVdlov+2ZmBnzeerEOJLPmBuSM
DyFlKcI8T4lv6s3sOJbLqSDyyhuRSCJplajWJbdmDOLuxv8r
-----END CERTIFICATE-----
Generated at Fri Apr 26 02:47:30 2024 by rpki-client on console-ams.rpki-client.org