Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
File: 39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa (raw, json)
Hash identifier: Q9St82aaZij05GoCtvr5+pwftpo/hcclJx9zd1rJWas=
Subject key identifier: 68:BB:03:ED:91:2C:13:EA:FC:E2:D5:AA:29:64:E9:AF:EB:CE:14:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03286E314125A0D56BBC5F1866F4F0B3ED11F518
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
Signing time: Fri 30 Aug 2024 00:00:00 +0000
ROA not before: Fri 30 Aug 2024 00:00:00 +0000
ROA not after: Fri 04 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:28:6e:31:41:25:a0:d5:6b:bc:5f:18:66:f4:f0:b3:ed:11:f5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 30 00:00:00 2024 GMT
Not After : Oct 4 23:59:59 2024 GMT
Subject: serialNumber=39ef2e43eece446c62edeac0d88aa239021cf7f976324713c18d3e7e46caf47f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e8:9c:7d:b1:fd:eb:49:89:6c:8b:54:ef:89:
37:34:6e:02:9d:07:f8:84:98:3c:45:3a:2e:4e:3e:
15:37:09:23:da:84:0e:64:f6:04:35:f1:5d:cc:24:
f3:d9:81:2a:f1:f2:90:da:d3:c9:c5:ab:c7:01:f8:
c1:ec:0a:51:a2:b2:bd:d4:5b:c6:3e:ac:c0:dc:01:
aa:a6:e9:b5:e3:53:c5:f8:29:18:cc:6c:a8:e4:7a:
30:af:a6:50:23:34:64:50:fe:78:d6:3a:e4:dd:ad:
18:27:81:2b:c5:e1:e4:aa:c1:af:29:3c:c8:3c:36:
3a:ad:53:d5:54:8e:b9:ea:90:30:d4:ff:db:ab:49:
50:0b:e6:fa:3f:68:b1:bc:c3:94:3b:1b:28:f4:41:
90:71:7a:17:e8:89:b7:3e:8a:c1:f7:52:8b:58:c8:
ac:13:45:bf:4d:80:3b:b2:c5:15:49:eb:d7:46:14:
1b:27:f9:70:fa:61:d0:02:29:ac:a0:67:1d:ca:bc:
29:81:ad:74:a5:91:11:26:a3:ac:53:89:1e:8f:84:
4f:b7:33:7c:76:f8:80:07:f9:5d:9b:d7:78:0c:5b:
8f:3c:04:28:a7:8f:0d:f2:f8:4a:ae:e6:69:9a:95:
74:7a:61:41:f4:70:01:48:99:99:80:e1:fc:72:f1:
3f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BB:03:ED:91:2C:13:EA:FC:E2:D5:AA:29:64:E9:AF:EB:CE:14:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2000::/40
Signature Algorithm: sha256WithRSAEncryption
6c:9c:4d:52:b0:78:3b:c1:7e:5b:d9:ad:1c:39:76:53:60:31:
75:b5:83:b2:68:6f:bf:f5:82:6f:2f:5a:0a:f9:42:36:5a:b9:
c7:11:6a:88:a4:dd:8e:59:83:98:e1:42:04:45:01:d5:ec:2d:
ec:cc:58:e2:3f:e0:61:c6:40:f6:49:3f:20:40:26:48:4c:a9:
1d:6e:96:34:e6:de:a9:2b:25:c9:4f:dc:20:cb:ca:d9:34:79:
4b:75:6e:2a:ea:37:5d:12:e4:a5:4f:c6:f6:31:1b:02:cd:96:
69:ec:e4:9f:09:9e:11:aa:8c:97:11:b5:62:4d:cc:14:1b:80:
1e:40:cd:2f:67:0a:63:73:09:5e:68:c6:b7:c5:77:05:dd:3b:
0d:10:66:7e:a0:2a:09:ff:19:7f:fd:d1:46:d0:c2:f1:2e:45:
4d:00:d8:ae:a7:71:8f:3b:1a:f7:79:8f:63:ac:a4:1d:75:10:
59:04:3d:00:01:1b:cb:4b:dd:f0:78:bd:42:0e:2a:6c:64:0b:
68:93:b1:7f:fb:fc:2b:33:cd:ce:66:78:21:38:38:05:e0:cd:
9c:a7:3a:c9:20:88:66:71:e0:1c:bc:73:a7:18:98:35:61:e8:
ff:e6:41:c5:fd:22:fe:ba:88:71:ac:0a:ff:ab:47:b8:bb:31:
45:ce:bb:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAyhuMUEloNVrvF8YZvTws+0R9RgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA4MzAwMDAwMDBaFw0yNDEwMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5ZWYyZTQzZWVjZTQ0NmM2MmVkZWFjMGQ4OGFhMjM5MDIxY2Y3Zjk3NjMy
NDcxM2MxOGQzZTdlNDZjYWY0N2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO/onH2x/etJiWyLVO+JNzRuAp0H+ISYPEU6Lk4+FTcJI9qEDmT2BDXxXcwk
89mBKvHykNrTycWrxwH4wewKUaKyvdRbxj6swNwBqqbpteNTxfgpGMxsqOR6MK+m
UCM0ZFD+eNY65N2tGCeBK8Xh5KrBryk8yDw2Oq1T1VSOueqQMNT/26tJUAvm+j9o
sbzDlDsbKPRBkHF6F+iJtz6KwfdSi1jIrBNFv02AO7LFFUnr10YUGyf5cPph0AIp
rKBnHcq8KYGtdKWRESajrFOJHo+ET7czfHb4gAf5XZvXeAxbjzwEKKePDfL4Sq7m
aZqVdHphQfRwAUiZmYDh/HLxP2UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRouwPt
kSwT6vzi1aopZOmv684UHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzk4NzdhYzAtZDFmNS00Y2MzLWI0NzYtYmEzYTdmYTBhMGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hcg
MA0GCSqGSIb3DQEBCwUAA4IBAQBsnE1SsHg7wX5b2a0cOXZTYDF1tYOyaG+/9YJv
L1oK+UI2WrnHEWqIpN2OWYOY4UIERQHV7C3szFjiP+BhxkD2ST8gQCZITKkdbpY0
5t6pKyXJT9wgy8rZNHlLdW4q6jddEuSlT8b2MRsCzZZp7OSfCZ4RqoyXEbViTcwU
G4AeQM0vZwpjcwleaMa3xXcF3TsNEGZ+oCoJ/xl//dFG0MLxLkVNANiup3GPOxr3
eY9jrKQddRBZBD0AARvLS93weL1CDipsZAtok7F/+/wrM83OZnghODgF4M2cpzrJ
IIhmceAcvHOnGJg1Yej/5kHF/SL+uohxrAr/q0e4uzFFzrtp
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:49 2024 by rpki-client on console-ams.rpki-client.org