Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c029c8-f6f6-4807-9160-3de52083e319.roa
File: 36c029c8-f6f6-4807-9160-3de52083e319.roa (raw, json)
Hash identifier: 4D5BuYntxD4yCanEVlLMI41sXIUHB6U0rNH6YwFLMvE=
Subject key identifier: D3:6A:9F:8E:C5:CB:11:64:2A:AF:C8:EC:37:97:6B:CA:32:4B:C1:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EACFBC8ED9043A2555C90104AA64DAE7E523B2F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c029c8-f6f6-4807-9160-3de52083e319.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/35 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ac:fb:c8:ed:90:43:a2:55:5c:90:10:4a:a6:4d:ae:7e:52:3b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=0bda6a2e526e306505feb1e0d79d5612e2537f149d231d8f5fc134ffea846f47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:72:16:04:8a:63:a6:f0:02:39:f2:68:c7:13:
64:73:2b:05:6b:86:96:3a:b9:7c:50:6d:23:bc:76:
51:bb:d4:fe:c5:5f:e6:fd:84:31:b2:fc:32:a7:8f:
c9:5a:85:27:15:b8:d8:0a:3b:04:92:3f:62:bb:ff:
09:b0:6b:73:49:3f:a9:39:7a:ac:80:64:9a:ac:87:
01:0d:d5:f7:9b:7f:ba:59:d2:32:40:b7:38:ff:5a:
0f:ea:d6:a3:04:cf:84:66:11:fc:9e:63:a2:45:a0:
57:9f:64:6a:a7:0e:cc:b6:06:d1:79:36:33:ab:4a:
0b:34:7a:fa:89:fc:b4:54:7e:1f:ef:49:11:8a:d8:
18:9c:1b:0d:9c:63:9f:30:d6:c8:4f:04:fd:b4:da:
76:60:54:16:84:3c:5c:ec:4a:40:d6:ef:1e:88:5d:
fd:95:26:5b:65:36:c6:d8:74:2d:4d:6e:d6:85:93:
bf:cc:99:fd:4f:16:30:6d:11:7a:a2:fc:fb:78:f7:
d6:42:48:bc:97:42:47:85:aa:ee:86:cc:24:5a:10:
b0:a7:61:1e:75:ff:fb:aa:21:e2:0b:19:68:ae:d9:
fe:63:92:5e:a1:05:9a:37:0f:3d:88:3e:6f:b6:43:
7a:8b:2a:fa:fd:6c:a6:fa:1e:d9:78:d8:3d:a7:ff:
1f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:6A:9F:8E:C5:CB:11:64:2A:AF:C8:EC:37:97:6B:CA:32:4B:C1:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c029c8-f6f6-4807-9160-3de52083e319.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/35
Signature Algorithm: sha256WithRSAEncryption
a3:b3:93:2d:c3:02:ca:46:78:3c:c6:e0:4c:cf:61:66:ac:b7:
6e:67:28:3e:f6:0f:4e:6a:80:ae:a2:0c:02:57:5b:49:9a:2c:
0e:3f:86:31:32:c9:aa:8b:08:2c:30:27:1f:a4:26:42:b6:90:
62:9d:7b:c6:88:86:fe:f7:70:3d:d2:b7:f1:5b:6f:e9:60:f6:
6b:09:7d:5b:83:5d:43:ba:fa:4c:0e:9a:44:b4:39:e6:32:ad:
97:7a:16:ed:ae:2b:2a:61:15:12:e4:b8:ee:a8:c0:80:29:8c:
d2:c5:02:07:d1:7b:6b:c3:81:44:2e:82:ee:bb:4d:ca:c2:5f:
d8:46:f0:ae:ac:cc:fb:50:95:d3:0c:b3:55:ed:20:a3:c7:2e:
93:ce:3b:a5:81:50:59:d3:12:77:00:93:75:66:61:64:7f:4f:
4e:71:1e:12:b5:35:f0:ed:d2:06:f3:8a:46:03:59:99:b9:39:
83:f8:8a:a0:fe:5e:53:0e:ac:0b:44:58:1d:cf:e6:07:a3:a2:
27:7b:51:0f:4f:b5:14:d3:ef:78:8e:00:12:8f:9f:af:3a:f6:
c2:cd:e4:7e:9e:63:2e:d2:12:b1:8a:92:9d:ae:09:8b:e3:ea:
e2:2f:9a:22:53:b4:e3:24:41:7f:20:d5:b0:e7:ff:7b:34:43:
a7:01:c3:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfqz7yO2QQ6JVXJAQSqZNrn5SOy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZGE2YTJlNTI2ZTMwNjUwNWZlYjFlMGQ3OWQ1NjEyZTI1MzdmMTQ5ZDIz
MWQ4ZjVmYzEzNGZmZWE4NDZmNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVyFgSKY6bwAjnyaMcTZHMrBWuGljq5fFBtI7x2UbvU/sVf5v2EMbL8MqeP
yVqFJxW42Ao7BJI/Yrv/CbBrc0k/qTl6rIBkmqyHAQ3V95t/ulnSMkC3OP9aD+rW
owTPhGYR/J5jokWgV59kaqcOzLYG0Xk2M6tKCzR6+on8tFR+H+9JEYrYGJwbDZxj
nzDWyE8E/bTadmBUFoQ8XOxKQNbvHohd/ZUmW2U2xth0LU1u1oWTv8yZ/U8WMG0R
eqL8+3j31kJIvJdCR4Wq7obMJFoQsKdhHnX/+6oh4gsZaK7Z/mOSXqEFmjcPPYg+
b7ZDeosq+v1spvoe2XjYPaf/H6sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTap+O
xcsRZCqvyOw3l2vKMkvBNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZjMDI5YzgtZjZmNi00ODA3LTkxNjAtM2RlNTIwODNlMzE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCjs5MtwwLKRng8xuBMz2FmrLduZyg+9g9OaoCu
ogwCV1tJmiwOP4YxMsmqiwgsMCcfpCZCtpBinXvGiIb+93A90rfxW2/pYPZrCX1b
g11DuvpMDppEtDnmMq2XehbtrisqYRUS5LjuqMCAKYzSxQIH0Xtrw4FELoLuu03K
wl/YRvCurMz7UJXTDLNV7SCjxy6TzjulgVBZ0xJ3AJN1ZmFkf09OcR4StTXw7dIG
84pGA1mZuTmD+Iqg/l5TDqwLRFgdz+YHo6Ine1EPT7UU0+94jgASj5+vOvbCzeR+
nmMu0hKxipKdrgmL4+riL5oiU7TjJEF/INWw5/97NEOnAcOx
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org