Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8ff46f-71d1-4144-ae66-7a9b70606834.roa
File: 2e8ff46f-71d1-4144-ae66-7a9b70606834.roa (raw, json)
Hash identifier: QUewneIJbQsgp9M+ykG1lkU9oWn9GOTb2XizTKXU838=
Subject key identifier: 5A:E5:52:27:A2:FD:4A:3D:22:D7:01:4B:52:4E:8D:9A:62:8A:09:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5812E74C5ECD8B9FB14A86DB2FA51F68272D2944
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8ff46f-71d1-4144-ae66-7a9b70606834.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:12:e7:4c:5e:cd:8b:9f:b1:4a:86:db:2f:a5:1f:68:27:2d:29:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=30f2ad4034154b9c8bf408c70f2c6bef27b4080b10bc1621b0eebfe550b7b9d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b1:e4:19:e7:f1:7a:41:55:e6:3f:99:86:3d:
3a:e5:c6:4d:f8:65:f2:ad:9d:bb:ea:51:61:87:e3:
f9:32:8d:9b:11:12:6c:eb:b0:35:fb:be:a0:f0:1a:
27:86:4d:ba:66:66:0f:c1:7b:d3:32:9c:79:91:6a:
ab:67:e4:77:46:ad:f5:e6:20:e5:91:d8:4b:81:62:
bb:bb:ae:27:a8:ef:22:02:dd:1e:30:55:32:fe:4b:
b3:56:fd:e8:38:3d:b7:46:19:95:dc:17:fe:05:02:
ee:9e:4c:e9:d0:2f:32:f9:08:52:2b:37:c9:78:3f:
ab:31:1d:91:23:e6:85:79:43:f3:63:8b:cd:8c:e3:
83:f6:c5:60:f5:0d:af:58:56:84:34:50:72:af:c6:
cf:c1:f5:14:40:f4:e6:3f:f2:ed:e0:b1:ae:38:b1:
2e:31:e2:04:19:91:8c:5f:01:2d:8e:37:f3:b8:7c:
d3:fe:bb:9c:6f:10:4a:f7:73:0e:6f:96:48:b0:21:
b5:98:fc:4d:e3:a2:9c:0a:8b:35:5e:00:f4:8a:84:
ca:f7:82:cc:65:21:ce:f3:fc:5c:55:c1:ac:4e:99:
05:7d:d7:08:06:5a:80:f1:73:40:97:ee:8d:f4:00:
cc:42:9e:d1:7a:e9:4d:1b:77:e6:a2:c2:15:73:72:
8b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E5:52:27:A2:FD:4A:3D:22:D7:01:4B:52:4E:8D:9A:62:8A:09:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8ff46f-71d1-4144-ae66-7a9b70606834.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9000::/40
Signature Algorithm: sha256WithRSAEncryption
59:4f:64:e9:60:2c:cd:b6:c2:58:a1:74:54:93:0d:f2:2b:e2:
8c:ba:fd:22:ae:14:63:4a:17:b4:27:ef:54:55:4a:00:df:86:
2d:cd:05:cd:fd:00:90:ac:93:92:44:ac:02:85:34:1e:5b:b2:
32:b9:d8:b8:c4:5b:e3:f9:d1:f6:94:8c:75:23:ef:df:7e:72:
b3:c4:67:2b:ba:74:83:52:f2:49:74:32:e0:94:bb:ae:8a:51:
8f:4e:d7:44:17:5b:42:7d:43:36:80:fb:1a:48:35:91:db:94:
f5:44:9c:a2:ab:c1:58:b4:f2:df:c7:b3:cc:5d:e1:e4:34:8b:
3d:73:92:5f:6c:16:2e:2a:a9:c9:66:01:ab:3a:d8:d0:6d:0c:
4b:03:1f:41:b5:e2:f6:82:24:20:97:39:52:44:ef:2e:04:9f:
f8:62:e1:54:6e:08:29:32:0f:b9:48:3e:23:4a:42:e7:af:ac:
f9:a2:62:60:9c:ca:99:d8:46:dd:31:52:e5:8a:eb:da:de:82:
17:a7:70:cc:cf:28:bb:bf:e3:07:af:48:a3:60:64:ab:81:d1:
1c:42:72:64:48:c8:82:20:d6:fe:55:1b:f9:91:b5:b5:0f:af:
8c:29:69:9e:69:be:b4:85:fa:20:90:0f:f2:20:a1:86:ae:a7:
13:18:c1:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWBLnTF7Ni5+xSobbL6UfaCctKUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZjJhZDQwMzQxNTRiOWM4YmY0MDhjNzBmMmM2YmVmMjdiNDA4MGIxMGJj
MTYyMWIwZWViZmU1NTBiN2I5ZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIGx5Bnn8XpBVeY/mYY9OuXGTfhl8q2du+pRYYfj+TKNmxESbOuwNfu+oPAa
J4ZNumZmD8F70zKceZFqq2fkd0at9eYg5ZHYS4Fiu7uuJ6jvIgLdHjBVMv5Ls1b9
6Dg9t0YZldwX/gUC7p5M6dAvMvkIUis3yXg/qzEdkSPmhXlD82OLzYzjg/bFYPUN
r1hWhDRQcq/Gz8H1FED05j/y7eCxrjixLjHiBBmRjF8BLY4387h80/67nG8QSvdz
Dm+WSLAhtZj8TeOinAqLNV4A9IqEyveCzGUhzvP8XFXBrE6ZBX3XCAZagPFzQJfu
jfQAzEKe0XrpTRt35qLCFXNyi/cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRa5VIn
ov1KPSLXAUtSTo2aYooJUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU4ZmY0NmYtNzFkMS00MTQ0LWFlNjYtN2E5YjcwNjA2ODM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBZT2TpYCzNtsJYoXRUkw3yK+KMuv0irhRjShe0
J+9UVUoA34YtzQXN/QCQrJOSRKwChTQeW7Iyudi4xFvj+dH2lIx1I+/ffnKzxGcr
unSDUvJJdDLglLuuilGPTtdEF1tCfUM2gPsaSDWR25T1RJyiq8FYtPLfx7PMXeHk
NIs9c5JfbBYuKqnJZgGrOtjQbQxLAx9BteL2giQglzlSRO8uBJ/4YuFUbggpMg+5
SD4jSkLnr6z5omJgnMqZ2EbdMVLliuva3oIXp3DMzyi7v+MHr0ijYGSrgdEcQnJk
SMiCINb+VRv5kbW1D6+MKWmeab60hfogkA/yIKGGrqcTGMGJ
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org