Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
File: 2f449809-abd8-4202-adc3-ce8dd1767b62.roa (raw, json)
Hash identifier: YFxqPfPwdmb63qhQgmj1DVcJOfdVXhk1MM/HxaTVHIM=
Subject key identifier: 4F:A7:20:FD:8E:A6:67:1A:54:A6:AD:8A:FF:11:71:8D:00:CB:12:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0ABB38AC6A67ACFB0680E3DBC71282AB2B67A14F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:bb:38:ac:6a:67:ac:fb:06:80:e3:db:c7:12:82:ab:2b:67:a1:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=4a7461e30bcf6880e820a7e3893479635d2ca0c0333faffb8393b7a23f5d261e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:31:18:c4:aa:24:1b:32:ce:44:57:47:d3:03:
8e:c1:48:49:09:16:1c:36:04:6d:61:4a:20:7a:ad:
74:0d:73:73:dd:42:44:5c:15:88:84:12:1e:8c:dc:
95:82:b1:8a:bf:4c:b7:63:46:e9:08:55:c9:8f:2f:
bc:3c:39:f8:02:0b:fe:32:e1:b5:42:81:5c:39:22:
4e:f1:d1:d7:6c:b2:82:b5:12:5b:33:51:86:f9:8a:
b9:3c:b1:fc:5d:dd:99:bf:3c:42:c6:56:21:60:7a:
82:fd:09:26:84:5f:ed:17:3c:8b:bf:67:e5:a9:1d:
ed:7f:33:5a:0d:70:27:39:b5:75:26:cb:eb:e0:f8:
ab:f9:4b:42:08:a9:2b:1a:65:4b:9d:aa:7c:f6:79:
59:5b:9d:ba:8b:9a:90:65:5e:6b:48:0f:8a:b2:83:
e2:f6:bb:79:5c:8e:d2:7c:ee:99:5c:1b:75:fe:a4:
b5:12:31:c0:bd:6d:69:8b:f3:c3:af:bb:fb:d5:ac:
38:cf:1c:71:27:30:11:de:df:a3:cc:c1:92:57:2b:
28:38:f4:39:4a:a1:67:d9:72:c9:c9:b5:43:58:0f:
89:72:55:16:3a:93:ab:8c:2d:fb:d3:57:cd:ff:ab:
48:62:ea:b7:90:ea:51:7c:03:ed:9e:4f:d4:51:9f:
eb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A7:20:FD:8E:A6:67:1A:54:A6:AD:8A:FF:11:71:8D:00:CB:12:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:5000::/40
Signature Algorithm: sha256WithRSAEncryption
6c:6a:8e:2d:03:c4:27:6f:37:f8:11:ef:63:a9:64:e4:fc:fe:
a9:4f:1b:51:a3:25:5b:f0:ab:60:2d:0f:7e:da:2f:18:8c:24:
bf:55:c9:17:5b:4b:14:8b:d2:02:da:e5:ee:ce:2c:4b:3c:d3:
e8:f4:3c:b4:c2:71:ec:b8:ad:1e:ed:fa:4f:3b:c5:30:15:e1:
4a:a7:d3:fa:af:fc:9a:ca:9b:2d:7d:26:e7:f7:52:15:90:54:
9d:2d:ce:d1:17:e4:08:63:24:8f:3d:4f:64:b3:91:8a:c4:15:
8d:e9:c0:ee:0c:12:fb:3b:0d:13:ed:47:92:13:9f:5e:6a:4d:
ef:71:8c:a5:8e:eb:ee:fa:24:eb:21:12:b9:36:00:bd:56:79:
ee:8f:83:fb:50:df:09:4b:a0:64:3d:ec:d1:85:5c:df:c3:6f:
a3:19:85:55:59:8b:a5:db:ff:28:4b:b2:91:ba:a0:06:80:95:
ff:67:62:ba:98:3c:f3:1e:be:6e:8a:15:5a:e2:45:89:ea:28:
39:06:fb:c5:b6:e5:2b:16:f2:9d:47:20:e6:69:5a:46:d5:47:
84:63:32:65:8e:5a:6b:25:96:97:02:45:a1:1a:8b:e8:d1:f9:
10:df:e8:a6:2c:cf:8f:ce:53:b3:7c:51:75:8b:e4:9c:8d:20:
7f:5b:68:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCrs4rGpnrPsGgOPbxxKCqytnoU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNzQ2MWUzMGJjZjY4ODBlODIwYTdlMzg5MzQ3OTYzNWQyY2EwYzAzMzNm
YWZmYjgzOTNiN2EyM2Y1ZDI2MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIxGMSqJBsyzkRXR9MDjsFISQkWHDYEbWFKIHqtdA1zc91CRFwViIQSHozc
lYKxir9Mt2NG6QhVyY8vvDw5+AIL/jLhtUKBXDkiTvHR12yygrUSWzNRhvmKuTyx
/F3dmb88QsZWIWB6gv0JJoRf7Rc8i79n5akd7X8zWg1wJzm1dSbL6+D4q/lLQgip
KxplS52qfPZ5WVuduouakGVea0gPirKD4va7eVyO0nzumVwbdf6ktRIxwL1taYvz
w6+7+9WsOM8ccScwEd7fo8zBklcrKDj0OUqhZ9lyycm1Q1gPiXJVFjqTq4wt+9NX
zf+rSGLqt5DqUXwD7Z5P1FGf6yECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRPpyD9
jqZnGlSmrYr/EXGNAMsSoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmY0NDk4MDktYWJkOC00MjAyLWFkYzMtY2U4ZGQxNzY3YjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBsao4tA8Qnbzf4Ee9jqWTk/P6pTxtRoyVb8Ktg
LQ9+2i8YjCS/VckXW0sUi9IC2uXuzixLPNPo9Dy0wnHsuK0e7fpPO8UwFeFKp9P6
r/yaypstfSbn91IVkFSdLc7RF+QIYySPPU9ks5GKxBWN6cDuDBL7Ow0T7UeSE59e
ak3vcYyljuvu+iTrIRK5NgC9Vnnuj4P7UN8JS6BkPezRhVzfw2+jGYVVWYul2/8o
S7KRuqAGgJX/Z2K6mDzzHr5uihVa4kWJ6ig5BvvFtuUrFvKdRyDmaVpG1UeEYzJl
jlprJZaXAkWhGovo0fkQ3+imLM+PzlOzfFF1i+ScjSB/W2ja
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org