Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
File: 3bde61a2-7506-48c2-8365-3447411d858e.roa (raw, json)
Hash identifier: 1nNz0e5CWKYQxIce1XsVx/I8qa+vlbQwtKHyg7QcvD8=
Subject key identifier: CC:2A:EE:23:77:1C:0D:A6:16:F0:81:F9:C2:56:19:59:51:AE:39:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03C11B605B9074FF6A4683F6D14B86DF3744ED0B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c1:1b:60:5b:90:74:ff:6a:46:83:f6:d1:4b:86:df:37:44:ed:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=0f7739a1bdaddd7620b74dbedbdfa454f2a2de94dea63577ba6178adfc196fd4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:47:2f:4c:0e:25:24:01:1f:ce:9b:62:bf:70:
53:7d:db:ee:12:09:b4:16:c5:f8:90:bf:69:db:85:
42:26:28:f1:22:20:e7:73:61:8e:f9:b6:84:79:ec:
c1:61:7a:1a:de:d1:6a:5c:d4:39:98:fe:59:62:6c:
d2:83:1c:ea:25:d1:77:51:05:1b:b1:29:ba:39:6c:
c2:47:13:4b:f5:dc:3c:5e:12:95:7f:4d:c3:83:73:
5a:0b:9c:74:ab:a9:69:6c:f5:a7:d8:eb:ed:7c:4f:
d3:60:12:93:4c:66:59:2c:47:fd:06:12:58:3d:81:
ae:27:5c:a6:31:b7:30:ad:8a:e2:b6:fd:0c:e2:b2:
1a:a2:2b:c2:5a:b1:df:83:95:2e:de:dd:87:65:f8:
84:3f:4e:43:1a:55:68:96:01:74:72:f1:47:b5:83:
fd:b9:24:49:32:77:67:a4:27:db:4f:cc:a3:c6:8d:
bc:75:3d:9b:79:ca:79:e2:48:3d:28:2e:8d:b8:01:
f5:cd:fb:24:1b:65:3c:f6:f7:76:1f:cf:d0:15:66:
2e:f2:a1:20:2d:45:40:d9:23:a3:d5:24:1b:33:91:
a7:3f:98:74:57:89:17:41:5d:00:63:40:dd:3f:7a:
f1:69:d8:b7:64:c1:bf:ab:37:e9:15:19:b8:c9:4f:
d6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:2A:EE:23:77:1C:0D:A6:16:F0:81:F9:C2:56:19:59:51:AE:39:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:5000::/40
Signature Algorithm: sha256WithRSAEncryption
84:26:e0:f9:33:f2:66:9d:c7:84:a3:12:90:6c:d7:64:1a:68:
a6:fb:a1:28:79:cf:3d:60:ee:87:f5:97:ed:c6:a1:8c:ef:8b:
a7:3d:42:23:2e:d3:6c:84:3d:ad:8e:7b:94:87:d1:22:f7:73:
bd:a6:b9:a8:d3:0a:ba:3a:a2:00:db:e6:d6:a4:77:31:e5:e7:
af:84:38:49:26:4d:87:e1:c5:ac:46:c1:24:52:36:38:b4:4d:
20:09:70:0a:42:c9:3e:13:11:0e:ff:19:3b:0e:c2:ba:36:f3:
38:e7:65:00:43:8e:fd:dc:04:a9:94:3d:3d:e1:7a:23:a5:93:
7c:3b:f8:cf:d6:ea:92:5a:46:9d:e1:74:29:c8:e5:d3:8f:8e:
8c:de:dd:28:08:09:f0:46:5b:2d:7f:60:58:d7:88:73:b0:92:
49:b5:8b:5e:06:76:69:83:95:b9:2b:8b:f1:78:1d:6e:49:dc:
2a:af:68:58:58:dc:fa:a4:8f:1a:32:f3:f9:35:b3:bc:05:70:
81:91:22:14:b6:9b:d6:c2:c5:f1:28:d1:7d:d9:1a:5e:17:bc:
5d:78:cf:4a:99:50:a2:28:a6:82:ac:f0:b5:a4:b5:a3:ff:c9:
29:d5:a2:6f:8c:3b:85:0c:2e:53:3f:e4:d7:f1:57:38:b0:bc:
68:ac:f9:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA8EbYFuQdP9qRoP20UuG3zdE7QswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNzczOWExYmRhZGRkNzYyMGI3NGRiZWRiZGZhNDU0ZjJhMmRlOTRkZWE2
MzU3N2JhNjE3OGFkZmMxOTZmZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxHL0wOJSQBH86bYr9wU33b7hIJtBbF+JC/aduFQiYo8SIg53Nhjvm2hHns
wWF6Gt7RalzUOZj+WWJs0oMc6iXRd1EFG7EpujlswkcTS/XcPF4SlX9Nw4NzWguc
dKupaWz1p9jr7XxP02ASk0xmWSxH/QYSWD2BridcpjG3MK2K4rb9DOKyGqIrwlqx
34OVLt7dh2X4hD9OQxpVaJYBdHLxR7WD/bkkSTJ3Z6Qn20/Mo8aNvHU9m3nKeeJI
PSgujbgB9c37JBtlPPb3dh/P0BVmLvKhIC1FQNkjo9UkGzORpz+YdFeJF0FdAGNA
3T968WnYt2TBv6s36RUZuMlP1p0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTMKu4j
dxwNphbwgfnCVhlZUa45XTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JkZTYxYTItNzUwNi00OGMyLTgzNjUtMzQ0NzQxMWQ4NThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCEJuD5M/JmnceEoxKQbNdkGmim+6Eoec89YO6H
9ZftxqGM74unPUIjLtNshD2tjnuUh9Ei93O9prmo0wq6OqIA2+bWpHcx5eevhDhJ
Jk2H4cWsRsEkUjY4tE0gCXAKQsk+ExEO/xk7DsK6NvM452UAQ4793ASplD094Xoj
pZN8O/jP1uqSWkad4XQpyOXTj46M3t0oCAnwRlstf2BY14hzsJJJtYteBnZpg5W5
K4vxeB1uSdwqr2hYWNz6pI8aMvP5NbO8BXCBkSIUtpvWwsXxKNF92RpeF7xdeM9K
mVCiKKaCrPC1pLWj/8kp1aJvjDuFDC5TP+TX8Vc4sLxorPn+
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org