Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa
File: 27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa (raw, json)
Hash identifier: SXRL8exvo3iT4qKSuEkiBGxPRZizjthWHNnh9Omk+Gs=
Subject key identifier: A4:73:64:6B:43:19:73:E3:5F:30:9B:95:B5:9C:20:33:7A:B3:CF:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A63CB5DB6ED935F5D8A48840E4E118DBB5E9020
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:63:cb:5d:b6:ed:93:5f:5d:8a:48:84:0e:4e:11:8d:bb:5e:90:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=d7399a71309a108fde93dad122645f39652bbddb60d3d36453647a3e6d28768d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dd:63:b3:6b:6e:2f:9b:37:33:6a:99:02:a3:
b5:7a:0d:77:38:2a:f7:a9:5a:56:37:55:b7:36:57:
72:81:76:85:aa:02:91:02:0c:a1:11:61:cc:d3:ca:
a2:07:31:7c:ed:5e:e9:55:53:e7:6b:d1:ed:86:05:
b9:f3:90:bf:3c:98:5c:f6:8c:3e:86:c8:31:b2:c8:
d5:b3:07:30:cc:42:e7:e8:b8:7f:7d:45:58:65:a8:
f7:cc:42:da:cb:ec:f3:eb:64:ed:c3:47:d0:61:67:
a2:2b:0a:d4:7b:1a:2b:5d:94:34:b2:9d:5a:0f:0c:
31:f1:c2:9f:a6:23:f2:6b:1c:d9:c9:9d:f4:70:1e:
21:5b:0c:c9:f1:b6:23:39:46:a4:8d:b3:37:34:45:
38:3b:49:b4:5f:b5:df:5c:b1:09:e8:c0:56:eb:83:
1e:09:b4:ed:3a:1d:c4:b6:a5:ee:e1:80:6b:62:56:
ac:2d:b6:61:8b:79:56:1d:e9:0f:d5:73:7f:f4:3a:
e4:e8:bd:9e:25:5e:0b:15:dc:75:a2:6b:46:89:93:
9a:4c:e9:cc:5d:45:6e:c4:33:3e:96:3a:6c:8b:95:
3d:20:6b:12:7e:8b:2e:27:f4:3b:34:e4:92:c9:3f:
d1:f1:1f:4e:3f:db:7e:9b:1f:bf:4b:9f:8f:e2:a7:
15:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:73:64:6B:43:19:73:E3:5F:30:9B:95:B5:9C:20:33:7A:B3:CF:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:5000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:9b:2f:28:21:db:90:66:be:c7:b7:44:83:b4:73:32:3b:f3:
9c:62:08:9e:2d:7a:c1:a7:d6:8d:23:9e:cc:ce:b1:28:fa:36:
7d:59:3b:2e:21:80:1b:e8:73:ec:7f:32:66:f8:0a:9c:f6:d8:
d9:39:a7:a9:3c:67:10:9f:cb:b2:ed:aa:bb:43:56:95:8f:e4:
3b:3c:57:ff:65:07:7b:36:b9:f4:c7:46:96:c1:51:8b:0e:6b:
7b:36:74:39:38:a4:c9:17:7c:a9:72:3b:43:4e:4a:93:a2:90:
a9:71:3a:1d:d6:13:9b:03:d2:8b:8d:46:1c:1f:fe:64:2a:51:
36:b6:b9:cb:ea:25:d1:76:7f:6c:eb:d5:0b:78:f8:2b:fe:de:
ef:66:10:c7:48:fc:21:9a:7f:8b:e4:c7:fd:e1:fe:f5:eb:a7:
39:17:8d:c6:d3:38:6f:96:76:bc:f7:81:62:12:eb:68:91:22:
66:17:97:b1:ac:15:60:85:94:1e:40:af:e4:ea:9c:25:40:fa:
ed:7a:12:64:6f:d7:37:69:4a:d1:f4:2e:c7:07:bd:3e:44:5d:
94:30:3e:4c:a1:ab:11:3e:02:1a:a9:f9:fe:6f:36:21:47:69:
dd:bb:c5:bd:bb:b9:6a:ad:35:ad:1d:47:d4:d0:33:66:24:c8:
1d:c0:4d:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWmPLXbbtk19dikiEDk4RjbtekCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3Mzk5YTcxMzA5YTEwOGZkZTkzZGFkMTIyNjQ1ZjM5NjUyYmJkZGI2MGQz
ZDM2NDUzNjQ3YTNlNmQyODc2OGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHdY7Nrbi+bNzNqmQKjtXoNdzgq96laVjdVtzZXcoF2haoCkQIMoRFhzNPK
ogcxfO1e6VVT52vR7YYFufOQvzyYXPaMPobIMbLI1bMHMMxC5+i4f31FWGWo98xC
2svs8+tk7cNH0GFnoisK1HsaK12UNLKdWg8MMfHCn6Yj8msc2cmd9HAeIVsMyfG2
IzlGpI2zNzRFODtJtF+131yxCejAVuuDHgm07TodxLal7uGAa2JWrC22YYt5Vh3p
D9Vzf/Q65Oi9niVeCxXcdaJrRomTmkzpzF1FbsQzPpY6bIuVPSBrEn6LLif0OzTk
ksk/0fEfTj/bfpsfv0ufj+KnFWECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkc2Rr
Qxlz418wm5W1nCAzerPPwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjdlNTdjOGEtM2Y2My00NzczLWEyMDUtZmVmMTdkMWNmMWQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAbmy8oIduQZr7Ht0SDtHMyO/OcYgieLXrBp9aN
I57MzrEo+jZ9WTsuIYAb6HPsfzJm+Aqc9tjZOaepPGcQn8uy7aq7Q1aVj+Q7PFf/
ZQd7Nrn0x0aWwVGLDmt7NnQ5OKTJF3ypcjtDTkqTopCpcTod1hObA9KLjUYcH/5k
KlE2trnL6iXRdn9s69ULePgr/t7vZhDHSPwhmn+L5Mf94f7166c5F43G0zhvlna8
94FiEutokSJmF5exrBVghZQeQK/k6pwlQPrtehJkb9c3aUrR9C7HB70+RF2UMD5M
oasRPgIaqfn+bzYhR2ndu8W9u7lqrTWtHUfU0DNmJMgdwE38
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org