Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json)
Hash identifier: rZI3i+5Llolu6obKnZvfl/AZS2ZCLfqKVPj0WcTyhOM=
Subject key identifier: 60:60:77:43:C3:0A:32:63:AE:FF:92:9A:31:61:16:3F:EE:19:6D:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1723556B6F6EB26194C0DCC8ECC11A237F705B0E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:23:55:6b:6f:6e:b2:61:94:c0:dc:c8:ec:c1:1a:23:7f:70:5b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=fff3016d91334c9a774e6ea3762a40c1b627c1316e77cf82900f2ff8811e78ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:66:45:01:dc:a1:c5:0f:2c:b1:86:9f:44:f8:
f9:91:19:e9:ae:7b:46:90:1d:36:91:c7:9d:f9:6e:
bc:1e:2a:78:82:78:fe:4d:9a:46:41:36:00:3f:a9:
32:1a:9d:11:9e:7a:c4:e2:75:04:64:c4:7e:dd:e2:
19:ce:a8:57:62:8e:b0:55:70:d8:b0:b2:c2:24:f0:
31:1b:79:3c:7b:86:90:5b:bd:56:97:d8:08:6d:31:
7a:54:98:2a:05:27:4c:38:b8:a2:d2:8d:e5:23:53:
ae:85:b2:cc:e6:9c:11:8a:6c:cd:9b:26:34:14:f6:
a5:6b:43:48:cf:e3:87:d1:94:85:9e:4e:73:a6:3d:
9b:43:14:dd:33:79:cc:bf:c9:35:86:ee:8b:b7:26:
bc:4f:5b:91:8e:1a:41:ad:78:f5:bb:d7:4a:d5:e9:
9f:2f:56:c4:16:cf:b0:f2:69:56:5d:c0:db:98:2f:
96:1c:8a:cf:23:f9:86:74:b4:12:8c:e4:83:6e:8b:
3c:92:f3:43:1a:53:41:da:e1:fa:f5:db:b3:6b:19:
4e:16:14:3e:bb:56:ac:5b:a3:2c:cd:9a:5e:ee:78:
2b:a1:ec:05:3d:e7:2d:bb:19:e7:55:f5:e3:b7:6f:
37:93:98:f0:f3:b8:ee:db:cb:f8:96:7e:d6:ef:73:
ad:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:60:77:43:C3:0A:32:63:AE:FF:92:9A:31:61:16:3F:EE:19:6D:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:9000::/40
Signature Algorithm: sha256WithRSAEncryption
08:87:a3:9a:0c:a5:65:89:e1:c8:85:7e:60:7e:3e:6d:d4:64:
ef:9b:0b:0b:27:09:5c:d4:a0:f1:e2:28:e9:03:f4:4e:71:f7:
f2:b9:0c:ff:aa:fe:0c:fc:85:af:44:23:06:1e:c3:5b:ce:c5:
5f:f1:8c:99:85:e6:e0:d6:1f:67:7a:ac:bb:04:53:45:ec:51:
11:51:1c:76:b5:dc:b1:70:cf:3e:b7:91:64:68:7e:41:f7:63:
59:2c:92:9e:cd:d1:22:48:c9:ee:b8:04:56:50:23:cd:d5:bf:
42:cf:84:e2:20:19:e0:41:64:ce:44:05:5b:cd:f3:63:1d:6f:
f3:dc:76:ad:d6:28:55:10:fc:71:5f:63:09:1c:62:b6:1c:49:
b8:f6:bb:1c:e6:b0:45:e7:4f:8f:9a:7b:9e:f3:f8:9c:10:0a:
cf:23:4d:86:38:3d:3e:36:b2:37:4b:af:8e:e5:1a:f0:e5:d8:
c1:7f:db:73:2a:ea:d7:37:90:f6:07:17:81:99:b9:3d:a3:46:
a0:fb:88:ac:da:d0:34:a6:31:03:28:93:97:59:09:e6:31:86:
5f:5b:a9:58:79:06:d7:21:25:2b:38:6b:50:1b:ec:20:3c:d5:
03:27:ff:8d:96:50:e8:bb:da:61:7a:b0:72:eb:66:08:05:d4:
9f:79:da:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFyNVa29usmGUwNzI7MEaI39wWw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmZjMwMTZkOTEzMzRjOWE3NzRlNmVhMzc2MmE0MGMxYjYyN2MxMzE2ZTc3
Y2Y4MjkwMGYyZmY4ODExZTc4ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFmRQHcocUPLLGGn0T4+ZEZ6a57RpAdNpHHnfluvB4qeIJ4/k2aRkE2AD+p
MhqdEZ56xOJ1BGTEft3iGc6oV2KOsFVw2LCywiTwMRt5PHuGkFu9VpfYCG0xelSY
KgUnTDi4otKN5SNTroWyzOacEYpszZsmNBT2pWtDSM/jh9GUhZ5Oc6Y9m0MU3TN5
zL/JNYbui7cmvE9bkY4aQa149bvXStXpny9WxBbPsPJpVl3A25gvlhyKzyP5hnS0
Eozkg26LPJLzQxpTQdrh+vXbs2sZThYUPrtWrFujLM2aXu54K6HsBT3nLbsZ51X1
47dvN5OY8PO47tvL+JZ+1u9zrQECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgYHdD
wwoyY67/kpoxYRY/7hltNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAIh6OaDKVlieHIhX5gfj5t1GTvmwsLJwlc1KDx
4ijpA/ROcffyuQz/qv4M/IWvRCMGHsNbzsVf8YyZhebg1h9neqy7BFNF7FERURx2
tdyxcM8+t5FkaH5B92NZLJKezdEiSMnuuARWUCPN1b9Cz4TiIBngQWTORAVbzfNj
HW/z3Hat1ihVEPxxX2MJHGK2HEm49rsc5rBF50+Pmnue8/icEArPI02GOD0+NrI3
S6+O5Rrw5djBf9tzKurXN5D2BxeBmbk9o0ag+4is2tA0pjEDKJOXWQnmMYZfW6lY
eQbXISUrOGtQG+wgPNUDJ/+NllDou9pherBy62YIBdSfedoh
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:44:15 2024 by rpki-client on console-ams.rpki-client.org