Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3711d18e-8589-4699-9cf4-2646a99f3614.roa
File: 3711d18e-8589-4699-9cf4-2646a99f3614.roa (raw, json)
Hash identifier: PaqT6v1zniHXapWAZtEYj5n+M2XW43LBVPCXO+iKbg4=
Subject key identifier: 4C:4C:14:59:40:25:B7:40:AB:BB:02:C1:8C:FA:5B:40:9F:77:E5:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 330005B2BCC303E58E37C51E511167DFEB377E87
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3711d18e-8589-4699-9cf4-2646a99f3614.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:00:05:b2:bc:c3:03:e5:8e:37:c5:1e:51:11:67:df:eb:37:7e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=ebd860c126708b3917135d3d251dba77bb9c3eec784da00666fcf3d13ba7a5c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:98:6b:b3:c7:72:70:33:ad:b2:55:ad:cb:2d:
22:c8:19:2d:36:cc:cb:47:14:29:9c:36:9a:cc:bc:
14:b4:bf:53:99:a3:d0:72:45:c0:f4:0a:bb:28:59:
89:e1:dc:31:72:ad:51:0e:29:6c:27:ae:9b:54:f2:
00:f1:4e:f9:b0:1d:86:2c:8d:01:e2:4f:44:3a:f0:
4b:72:da:1b:ed:87:7a:c4:37:98:c6:ac:6c:52:80:
d1:3c:62:14:0a:8b:6b:e9:bd:67:07:30:a6:af:8f:
fc:a7:ce:a3:84:e8:cd:28:30:0c:1f:16:dd:6a:d1:
ad:90:6b:ec:2c:36:fa:ac:76:8e:3f:0c:f3:33:8e:
36:9f:75:2e:c1:70:c8:01:8e:71:be:40:4d:f6:3d:
20:fe:57:8a:65:ee:dd:81:24:0e:5a:8d:aa:88:78:
00:67:c6:5b:5d:95:ec:e2:1f:d2:8c:7b:b5:68:8b:
38:20:14:18:1f:40:90:4b:38:5b:77:e8:7a:33:47:
2d:f1:04:b6:6c:68:7b:cf:c7:2c:fa:de:3e:ee:79:
48:b3:b0:5d:20:ac:3e:00:42:77:7e:04:8f:b7:24:
a2:6d:8b:34:f8:ad:9d:c9:b5:db:42:03:0d:f6:73:
50:70:64:6a:fd:7b:81:dc:b1:3b:2f:50:d0:f7:37:
de:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:4C:14:59:40:25:B7:40:AB:BB:02:C1:8C:FA:5B:40:9F:77:E5:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3711d18e-8589-4699-9cf4-2646a99f3614.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
38:f6:cc:7a:14:c9:93:4a:c3:8b:f0:d2:3b:f6:02:4b:29:3e:
f5:d0:42:06:e9:9a:a2:d9:a1:26:d2:28:4b:67:f5:75:d1:ba:
f1:ca:0c:0e:41:51:ba:c5:ea:f8:ad:47:58:cd:7e:b9:da:b7:
9a:ce:e7:ad:7a:35:fa:55:11:e6:aa:f8:08:56:20:98:36:0f:
36:60:22:3a:3a:3e:71:29:21:0c:bb:78:2b:ae:7c:f7:20:f4:
13:f5:d7:11:aa:4c:32:c5:4b:1c:45:46:d4:aa:46:fe:0c:e2:
a8:44:79:ff:b3:81:1b:45:d7:0d:52:90:13:8b:bf:2f:d8:c2:
55:9b:54:cf:96:fe:e8:ad:c5:88:a4:a5:c1:cf:b6:b0:80:b2:
62:83:77:87:09:66:f0:da:82:62:f5:24:20:3f:fe:0a:c6:0f:
67:1d:10:59:7b:f7:b3:11:9e:d8:df:5e:9c:c5:f1:46:bc:f6:
27:45:28:05:94:9c:cb:b3:3b:35:fd:15:ff:3f:f7:3e:82:1f:
8e:27:30:e4:c3:3b:ac:98:63:9e:9c:26:62:e2:15:23:6c:10:
ca:a2:22:d9:47:72:38:5a:35:53:9d:47:a8:43:2a:eb:12:c9:
8e:29:55:8c:33:58:01:51:c0:59:73:d2:11:e2:30:75:99:bb:
26:07:a9:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMwAFsrzDA+WON8UeURFn3+s3focwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGViZDg2MGMxMjY3MDhiMzkxNzEzNWQzZDI1MWRiYTc3YmI5YzNlZWM3ODRk
YTAwNjY2ZmNmM2QxM2JhN2E1YzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeYa7PHcnAzrbJVrcstIsgZLTbMy0cUKZw2msy8FLS/U5mj0HJFwPQKuyhZ
ieHcMXKtUQ4pbCeum1TyAPFO+bAdhiyNAeJPRDrwS3LaG+2HesQ3mMasbFKA0Txi
FAqLa+m9Zwcwpq+P/KfOo4TozSgwDB8W3WrRrZBr7Cw2+qx2jj8M8zOONp91LsFw
yAGOcb5ATfY9IP5XimXu3YEkDlqNqoh4AGfGW12V7OIf0ox7tWiLOCAUGB9AkEs4
W3foejNHLfEEtmxoe8/HLPrePu55SLOwXSCsPgBCd34Ej7ckom2LNPitncm120ID
DfZzUHBkav17gdyxOy9Q0Pc33pMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMTBRZ
QCW3QKu7AsGM+ltAn3flejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzcxMWQxOGUtODU4OS00Njk5LTljZjQtMjY0NmE5OWYzNjE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQA49sx6FMmTSsOL8NI79gJLKT710EIG6Zqi2aEm
0ihLZ/V10brxygwOQVG6xer4rUdYzX652reazuetejX6VRHmqvgIViCYNg82YCI6
Oj5xKSEMu3grrnz3IPQT9dcRqkwyxUscRUbUqkb+DOKoRHn/s4EbRdcNUpATi78v
2MJVm1TPlv7orcWIpKXBz7awgLJig3eHCWbw2oJi9SQgP/4Kxg9nHRBZe/ezEZ7Y
316cxfFGvPYnRSgFlJzLszs1/RX/P/c+gh+OJzDkwzusmGOenCZi4hUjbBDKoiLZ
R3I4WjVTnUeoQyrrEsmOKVWMM1gBUcBZc9IR4jB1mbsmB6ml
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org