Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
File: 1d9a8425-e89b-4598-a680-84c5b341edfd.roa (raw, json)
Hash identifier: e/cVCeabxYq/bu+iKARDvqfoM2wx2NrrRtxWWJRprfE=
Subject key identifier: 20:4B:C3:B9:95:2B:00:F6:24:28:4F:43:F9:FD:D1:ED:A8:28:89:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F6DB55DEDF09B3B4521ED441CCFEAB801FA5DFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
Signing time: Fri 29 Mar 2024 00:00:00 +0000
ROA not before: Fri 29 Mar 2024 00:00:00 +0000
ROA not after: Fri 03 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:6d:b5:5d:ed:f0:9b:3b:45:21:ed:44:1c:cf:ea:b8:01:fa:5d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 29 00:00:00 2024 GMT
Not After : May 3 23:59:59 2024 GMT
Subject: serialNumber=d09e5270995b785e9f3a8e27a26e3d77a1e0c0644778e2463f71acdd178f1b0b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:af:d8:67:39:76:dd:5e:5b:e4:95:3f:c6:b5:
7b:33:08:f0:d8:0b:44:21:d2:ba:df:f3:9c:01:4e:
b5:c6:90:5d:7b:0a:6c:4e:38:4f:b1:ac:ec:7a:a9:
d9:48:1f:d9:2b:83:84:b3:84:eb:da:a1:87:06:0b:
14:d1:f9:ee:83:1d:8e:83:e5:18:42:3a:93:cc:ae:
68:31:95:9f:02:52:d9:7f:ce:24:27:1f:05:50:a0:
45:8d:5b:3f:bb:e5:3b:a5:7a:db:72:6b:22:40:ea:
b1:15:66:bc:7a:51:d7:ef:d5:e6:8e:e4:98:cf:22:
b8:1f:29:8d:c2:0d:fa:b6:7e:a4:ae:bc:a8:3d:e5:
45:4d:e3:d5:3a:b0:ea:b3:3c:58:08:cf:52:db:99:
79:1d:fc:03:9c:68:e7:8a:dd:78:65:44:74:34:0f:
a6:7c:30:b1:91:88:43:f2:54:6c:3f:f3:26:84:b2:
0b:2d:a3:58:cc:67:91:54:d6:f8:b8:dd:b8:38:0f:
21:98:2d:22:ee:0e:e4:aa:5c:2b:3b:4a:19:a7:4a:
fc:fa:2c:46:0a:64:7e:9b:8a:7c:5a:27:1f:74:96:
dc:78:05:4b:b5:cc:e5:6b:0d:0e:fa:0e:df:8c:d8:
6c:aa:9f:c0:c4:af:05:e3:ae:23:d6:30:6b:64:6b:
ec:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4B:C3:B9:95:2B:00:F6:24:28:4F:43:F9:FD:D1:ED:A8:28:89:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:48:00:96:7f:bc:8f:52:19:02:d0:e9:8b:ca:9e:fb:61:74:
72:87:b8:55:49:cd:be:ea:6f:02:ce:16:72:1f:09:8f:4d:9d:
c2:89:fc:af:85:ec:13:a4:9e:86:98:e2:fd:29:8a:2d:6e:29:
78:fe:cf:2c:c5:c8:d2:1e:28:bd:1c:d9:5e:b7:e0:22:9b:9b:
95:ab:ef:b4:82:7e:0b:a4:0d:97:99:21:4a:56:d2:1d:a0:24:
e3:91:dc:0e:b2:62:64:41:dc:f7:c1:f3:43:2a:b8:c4:83:ca:
73:22:d2:61:47:09:94:0b:ee:14:98:40:05:ad:03:48:6f:66:
02:00:41:f6:0f:d3:22:05:2c:f2:e6:1e:53:a7:fb:12:b4:d4:
71:6e:44:29:ff:89:32:c8:5e:af:5e:85:94:43:b2:a8:1d:2d:
e3:ca:71:47:f6:29:20:01:34:59:5f:e9:89:e5:7d:af:e3:d0:
32:ba:2b:16:61:cf:51:12:70:cf:b7:da:95:3d:40:38:aa:8e:
ed:de:d2:4d:e5:b3:02:4c:90:1a:53:09:97:ea:a2:47:a6:40:
95:12:41:a9:77:77:de:d1:e3:12:fa:f2:b4:2d:3a:8f:cd:f7:
dd:d0:57:09:d1:75:20:8e:6b:3f:fb:99:ca:60:6e:ba:b4:bb:
cf:97:d7:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf221Xe3wmztFIe1EHM/quAH6Xf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDAzMjkwMDAwMDBaFw0yNDA1MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwOWU1MjcwOTk1Yjc4NWU5ZjNhOGUyN2EyNmUzZDc3YTFlMGMwNjQ0Nzc4
ZTI0NjNmNzFhY2RkMTc4ZjFiMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2v2Gc5dt1eW+SVP8a1ezMI8NgLRCHSut/znAFOtcaQXXsKbE44T7Gs7Hqp
2Ugf2SuDhLOE69qhhwYLFNH57oMdjoPlGEI6k8yuaDGVnwJS2X/OJCcfBVCgRY1b
P7vlO6V623JrIkDqsRVmvHpR1+/V5o7kmM8iuB8pjcIN+rZ+pK68qD3lRU3j1Tqw
6rM8WAjPUtuZeR38A5xo54rdeGVEdDQPpnwwsZGIQ/JUbD/zJoSyCy2jWMxnkVTW
+LjduDgPIZgtIu4O5KpcKztKGadK/PosRgpkfpuKfFonH3SW3HgFS7XM5WsNDvoO
34zYbKqfwMSvBeOuI9Ywa2Rr7F0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgS8O5
lSsA9iQoT0P5/dHtqCiJ8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ5YTg0MjUtZTg5Yi00NTk4LWE2ODAtODRjNWIzNDFlZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAg
MA0GCSqGSIb3DQEBCwUAA4IBAQB8SACWf7yPUhkC0OmLyp77YXRyh7hVSc2+6m8C
zhZyHwmPTZ3CifyvhewTpJ6GmOL9KYotbil4/s8sxcjSHii9HNlet+Aim5uVq++0
gn4LpA2XmSFKVtIdoCTjkdwOsmJkQdz3wfNDKrjEg8pzItJhRwmUC+4UmEAFrQNI
b2YCAEH2D9MiBSzy5h5Tp/sStNRxbkQp/4kyyF6vXoWUQ7KoHS3jynFH9ikgATRZ
X+mJ5X2v49AyuisWYc9REnDPt9qVPUA4qo7t3tJN5bMCTJAaUwmX6qJHpkCVEkGp
d3fe0eMS+vK0LTqPzffd0FcJ0XUgjms/+5nKYG66tLvPl9eG
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:21:47 2024 by rpki-client on console-ams.rpki-client.org