Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/247ad9fa-bec9-4b2a-bf50-46f08250e756.roa
File: 247ad9fa-bec9-4b2a-bf50-46f08250e756.roa (raw, json)
Hash identifier: 7bGdQdSZ2b5vWE8ZLwNoBVCcnTnjTrvmVl/1xcowjAE=
Subject key identifier: 17:FA:9D:78:35:93:0A:8E:0B:4E:A2:30:A2:58:0F:D2:67:42:66:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67763D105390047568E3D17077E018178A56C7E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/247ad9fa-bec9-4b2a-bf50-46f08250e756.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:76:3d:10:53:90:04:75:68:e3:d1:70:77:e0:18:17:8a:56:c7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=2a7645171be8705a53e208e632069c981f1dd679e82d8150aa4795e4dcf1af30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4e:86:3d:f7:03:18:96:9a:c2:15:27:8d:22:
74:a6:fc:fa:a0:be:63:78:f5:ef:96:72:9a:40:5c:
da:bb:7f:5d:1c:5f:f1:a9:38:f9:5b:32:09:d9:7c:
97:33:ef:4b:0f:58:36:77:ef:cf:03:48:70:f2:1f:
2a:7d:09:c5:fc:01:66:ba:79:8f:99:89:db:90:5b:
52:80:b5:a3:e5:d7:35:fc:4c:db:62:55:5e:e7:f7:
32:be:c0:7e:aa:d5:4d:51:bb:36:27:0c:d2:34:8f:
22:12:32:04:39:9c:f2:ea:8d:db:5d:36:d0:b3:39:
8d:5f:bc:7b:f5:fd:73:1d:37:76:1a:4d:a4:ea:0f:
3b:5f:ea:12:5c:06:ee:8a:52:a0:85:97:b1:3f:ea:
fd:b4:05:8d:09:55:81:b4:57:60:d0:6e:ff:4b:2c:
d9:68:0d:c7:48:21:8b:5b:e9:07:4e:b0:5f:b4:39:
9f:9f:ae:61:96:98:a5:6f:4b:f0:ae:82:82:87:be:
8b:d5:43:39:58:4b:c5:87:d2:1e:ad:ae:1b:0f:53:
8f:cb:a9:a9:74:18:eb:3f:7b:32:ec:20:5a:81:41:
71:19:fd:e9:2f:87:b2:84:77:04:ca:4e:2c:c6:a9:
d9:6f:34:31:02:3d:69:b9:cf:57:71:98:d8:ae:35:
29:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FA:9D:78:35:93:0A:8E:0B:4E:A2:30:A2:58:0F:D2:67:42:66:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/247ad9fa-bec9-4b2a-bf50-46f08250e756.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
36:ea:a8:ba:30:c1:9b:d6:40:05:74:6d:ca:1e:8a:1b:2e:0a:
8b:15:2c:c0:31:40:3c:f0:f2:e9:f1:0b:64:32:78:4e:e5:68:
b0:ce:33:72:0f:2b:27:62:4e:44:15:a9:ef:f3:01:e3:cb:cc:
f6:8c:98:f1:26:a7:70:0a:9f:f3:f1:8a:54:75:f8:ea:6e:6a:
f9:4a:84:c3:73:4a:e8:a7:bf:c0:3a:cf:02:a2:ce:ae:fa:2c:
64:fe:df:77:8d:00:8f:79:54:27:d6:7c:55:e4:26:27:c7:f1:
15:b9:b4:8b:46:94:6f:51:f3:0f:d8:07:71:59:96:69:7a:2a:
42:76:86:76:fe:aa:0d:d1:08:1a:fe:c2:21:3b:06:d2:83:48:
c3:7b:37:f2:69:44:62:23:5a:8a:1c:9a:ed:f5:78:0e:2e:be:
4d:df:24:bf:6e:36:af:fc:e5:dd:34:fc:b2:74:e3:58:24:00:
7f:1f:e3:a4:a2:76:65:0a:a0:60:d6:1a:67:db:b7:94:4e:91:
80:55:42:c3:87:aa:46:d1:47:00:42:7f:a7:58:13:83:79:7c:
c3:4f:1d:54:52:30:19:7a:aa:b1:3f:09:fb:d0:77:68:0f:80:
e3:68:43:0d:cb:37:dc:48:e9:ab:09:87:c3:e6:92:4a:dc:15:
bb:1a:b8:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ3Y9EFOQBHVo49Fwd+AYF4pWx+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhNzY0NTE3MWJlODcwNWE1M2UyMDhlNjMyMDY5Yzk4MWYxZGQ2NzllODJk
ODE1MGFhNDc5NWU0ZGNmMWFmMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFOhj33AxiWmsIVJ40idKb8+qC+Y3j175ZymkBc2rt/XRxf8ak4+VsyCdl8
lzPvSw9YNnfvzwNIcPIfKn0JxfwBZrp5j5mJ25BbUoC1o+XXNfxM22JVXuf3Mr7A
fqrVTVG7NicM0jSPIhIyBDmc8uqN21020LM5jV+8e/X9cx03dhpNpOoPO1/qElwG
7opSoIWXsT/q/bQFjQlVgbRXYNBu/0ss2WgNx0ghi1vpB06wX7Q5n5+uYZaYpW9L
8K6Cgoe+i9VDOVhLxYfSHq2uGw9Tj8upqXQY6z97MuwgWoFBcRn96S+HsoR3BMpO
LMap2W80MQI9abnPV3GY2K41KYUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQX+p14
NZMKjgtOojCiWA/SZ0JmhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ3YWQ5ZmEtYmVjOS00YjJhLWJmNTAtNDZmMDgyNTBlNzU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA26qi6MMGb1kAFdG3KHoobLgqLFSzAMUA88PLp
8QtkMnhO5WiwzjNyDysnYk5EFanv8wHjy8z2jJjxJqdwCp/z8YpUdfjqbmr5SoTD
c0rop7/AOs8Cos6u+ixk/t93jQCPeVQn1nxV5CYnx/EVubSLRpRvUfMP2AdxWZZp
eipCdoZ2/qoN0Qga/sIhOwbSg0jDezfyaURiI1qKHJrt9XgOLr5N3yS/bjav/OXd
NPyydONYJAB/H+OkonZlCqBg1hpn27eUTpGAVULDh6pG0UcAQn+nWBODeXzDTx1U
UjAZeqqxPwn70HdoD4DjaEMNyzfcSOmrCYfD5pJK3BW7GrhX
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:09:33 2024 by rpki-client on console-ams.rpki-client.org