Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
File: 39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa (raw, json)
Hash identifier: WQEuTgsfN0CADZcrMOY84/PWauHylP8EXgcNypa0cao=
Subject key identifier: 6C:A8:71:F4:C0:A4:AA:1A:B7:05:65:6B:C1:83:87:5D:2B:63:74:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F3531677B5FC1E20D1BF134458410493360983F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:35:31:67:7b:5f:c1:e2:0d:1b:f1:34:45:84:10:49:33:60:98:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=0a07445bdeac32b71fc0fe126ca7d3f8f44a3dfa1bc0d9c06ee846e2c55a44a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:62:b4:9a:d1:92:af:4a:9c:11:1e:d1:f6:c8:
31:21:81:ea:57:f4:62:2b:eb:9f:d1:26:57:e8:6f:
f9:6b:ea:8c:9b:fe:b2:b1:a8:10:72:8c:64:c6:3f:
d5:7b:1d:5a:17:e8:88:d9:37:86:55:e1:43:f2:9e:
f1:d3:f8:d7:86:e0:b2:92:39:55:a3:c9:3d:5d:f9:
b4:70:20:6a:30:0b:48:5d:6f:ed:04:b8:88:b3:89:
7d:3f:4c:97:09:61:ed:d7:7d:98:9d:78:65:da:fb:
5b:47:9a:f6:84:e1:89:e9:5c:77:20:f6:84:3d:4b:
33:e5:a3:8e:0f:d8:34:50:a8:49:3e:c5:ea:ff:69:
6c:2b:16:d8:24:81:1c:0a:0f:80:e2:9b:fd:a6:a6:
18:05:eb:0d:36:39:ea:47:6e:5f:36:b8:d1:12:0a:
36:2f:d0:49:22:22:e1:c6:e2:cf:ff:6b:52:73:9c:
77:12:bd:e0:8b:96:87:35:83:5d:2b:83:c3:2a:2b:
53:58:cd:c0:dc:30:4e:95:e9:2d:e7:e8:4b:cd:e1:
46:38:b0:ae:c4:3f:7d:2f:2f:07:2b:3d:1c:a5:4c:
3d:22:3b:a0:7d:ab:9b:10:76:bf:f6:c6:fe:df:3e:
1e:64:62:0a:ec:5e:75:d7:cf:c6:02:65:e1:01:81:
23:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A8:71:F4:C0:A4:AA:1A:B7:05:65:6B:C1:83:87:5D:2B:63:74:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2000::/40
Signature Algorithm: sha256WithRSAEncryption
74:f4:e7:10:87:1b:cb:ed:67:e0:3e:18:e2:60:20:1b:60:6f:
3a:b6:37:3b:fa:83:3a:1a:e7:a9:70:92:b6:ca:8b:8a:fd:3f:
b6:61:3c:b2:e6:55:c1:02:be:56:f9:2e:87:da:d6:e9:07:b1:
f2:2f:d7:38:7b:fd:9d:b9:e3:37:7f:34:f3:35:a3:cf:90:5d:
96:fc:a4:71:d6:ba:97:f5:49:d8:0d:52:48:49:89:a8:e3:60:
f3:c2:f9:b0:ee:4b:7a:3d:2e:78:7d:ee:6f:8f:61:84:b0:23:
be:49:7c:a3:80:fa:8a:e8:71:22:5e:fc:66:92:81:8c:89:a4:
91:49:36:8c:33:83:34:9c:06:e7:db:72:e8:ab:e3:e5:aa:d8:
a0:b7:5f:4c:e8:9c:3c:04:ab:b3:c6:b2:69:b8:b3:bf:e5:ea:
9d:4a:f5:23:ce:7b:36:be:ce:fa:85:ab:65:71:16:b1:e5:b2:
48:93:88:ac:05:e6:b4:26:5c:b5:b5:ad:75:8b:da:5b:b8:d0:
43:19:44:a8:3c:b0:b4:7f:5d:72:a6:52:04:98:dc:67:3b:36:
7b:84:80:83:67:c3:77:7d:4d:8c:3c:4f:b8:3d:6f:9e:7a:a5:
e5:18:02:57:92:83:75:c3:d0:1a:df:d5:5e:2a:2a:5d:b5:17:
91:8a:25:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTzUxZ3tfweING/E0RYQQSTNgmD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMDc0NDViZGVhYzMyYjcxZmMwZmUxMjZjYTdkM2Y4ZjQ0YTNkZmExYmMw
ZDljMDZlZTg0NmUyYzU1YTQ0YTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtitJrRkq9KnBEe0fbIMSGB6lf0Yivrn9EmV+hv+WvqjJv+srGoEHKMZMY/
1XsdWhfoiNk3hlXhQ/Ke8dP414bgspI5VaPJPV35tHAgajALSF1v7QS4iLOJfT9M
lwlh7dd9mJ14Zdr7W0ea9oThielcdyD2hD1LM+Wjjg/YNFCoST7F6v9pbCsW2CSB
HAoPgOKb/aamGAXrDTY56kduXza40RIKNi/QSSIi4cbiz/9rUnOcdxK94IuWhzWD
XSuDwyorU1jNwNwwTpXpLefoS83hRjiwrsQ/fS8vBys9HKVMPSI7oH2rmxB2v/bG
/t8+HmRiCuxeddfPxgJl4QGBI7sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsqHH0
wKSqGrcFZWvBg4ddK2N0KTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzk4NzdhYzAtZDFmNS00Y2MzLWI0NzYtYmEzYTdmYTBhMGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hcg
MA0GCSqGSIb3DQEBCwUAA4IBAQB09OcQhxvL7WfgPhjiYCAbYG86tjc7+oM6Guep
cJK2youK/T+2YTyy5lXBAr5W+S6H2tbpB7HyL9c4e/2dueM3fzTzNaPPkF2W/KRx
1rqX9UnYDVJISYmo42Dzwvmw7kt6PS54fe5vj2GEsCO+SXyjgPqK6HEiXvxmkoGM
iaSRSTaMM4M0nAbn23Loq+Plqtigt19M6Jw8BKuzxrJpuLO/5eqdSvUjzns2vs76
hatlcRax5bJIk4isBea0Jly1ta11i9pbuNBDGUSoPLC0f11yplIEmNxnOzZ7hICD
Z8N3fU2MPE+4PW+eeqXlGAJXkoN1w9Aa39VeKipdtReRiiUP
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org