Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d952455-9c5f-4fa9-88c0-abed2531b77e.roa
File: 3d952455-9c5f-4fa9-88c0-abed2531b77e.roa (raw, json)
Hash identifier: EMCVHiitRodlurWd2mFertLTpQNlJHQEFwmsbN0Li1M=
Subject key identifier: F6:5F:D3:C6:F3:15:93:B9:30:CF:86:D4:0A:29:7B:A4:1B:4E:16:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 083304454995DB0348AC0E011CC5FD67F65D70B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d952455-9c5f-4fa9-88c0-abed2531b77e.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:33:04:45:49:95:db:03:48:ac:0e:01:1c:c5:fd:67:f6:5d:70:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=9677f88525fa4530a36992044643e1ad9912a4547872bd48e7b217e35652fc91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:98:f1:54:64:8c:a3:1e:f1:b8:51:a4:cb:90:
31:ba:f5:7f:66:d2:83:7b:4f:e9:b6:50:96:6f:bb:
e0:13:67:10:ba:fa:ed:89:0a:e6:47:fb:5d:1f:45:
bf:80:ec:9c:7f:3a:a2:f1:91:3b:42:db:1a:40:f7:
ce:42:ca:c4:36:10:53:79:6f:83:05:c5:9c:f1:d3:
36:2c:d2:30:4d:44:52:c2:db:93:8f:56:75:61:1d:
6b:b8:a4:65:ce:db:cc:46:bf:55:e8:9e:c6:54:83:
50:79:9a:29:73:15:a0:c0:0d:a9:42:29:6d:44:b4:
97:f8:f5:4d:53:ec:fd:e5:f2:2d:9d:15:18:d2:2c:
64:71:58:af:4f:fa:cb:a1:b9:c9:10:bc:4d:2f:ec:
35:78:5d:35:87:dc:02:95:d9:a6:81:e3:8e:7a:49:
5f:8b:69:07:7a:9c:99:82:1d:33:e8:57:60:7e:73:
63:23:84:09:b9:12:bb:26:3e:f5:88:50:8c:53:cb:
b8:f6:93:aa:c7:77:d8:10:a6:2f:58:6a:26:e9:6f:
b8:16:3f:47:45:ab:26:6e:21:c1:3d:33:fb:7c:4b:
20:b0:80:e6:67:92:9d:33:18:17:d4:9e:e0:f9:6c:
bf:7e:e8:2c:2f:98:bc:06:67:e7:bf:e9:fa:d9:34:
bd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5F:D3:C6:F3:15:93:B9:30:CF:86:D4:0A:29:7B:A4:1B:4E:16:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d952455-9c5f-4fa9-88c0-abed2531b77e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:5000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:42:6a:fc:51:6a:e3:f1:f1:05:8e:45:b4:45:c6:54:ab:6a:
08:5f:da:5a:e1:8c:b6:06:54:ad:a8:42:fd:11:e7:64:4e:fe:
98:7b:48:e8:77:df:6e:e2:21:2b:e7:1b:cb:32:26:41:52:cd:
9c:bd:60:5b:d6:74:e0:9b:4d:3b:0c:19:71:f9:d2:41:3d:be:
63:3b:6c:d3:38:2a:f4:80:da:f5:b8:6c:36:ab:ec:28:12:2d:
8e:c3:ba:d8:f5:be:c7:79:d9:93:d2:b7:67:2a:16:01:a5:c5:
a0:03:78:3d:e1:c8:ad:8f:e7:2f:5a:a6:4b:72:09:9a:c3:dd:
8b:37:e1:ee:6b:9a:83:d1:28:80:ec:67:6d:e1:d9:e0:74:6e:
ed:ae:23:aa:d2:35:24:38:65:97:b7:aa:4a:f9:d3:42:18:c1:
a8:ba:59:13:11:8d:7c:50:b5:e0:85:db:f2:54:72:d7:c6:15:
69:aa:51:1a:1c:13:d9:db:ff:54:53:ad:36:ba:8d:4e:9e:8e:
d0:ea:09:8b:9b:97:fe:14:d4:16:c4:96:a6:34:3c:9a:ca:ee:
b8:6c:0a:9e:dd:b2:84:76:f0:5e:87:96:b5:5c:bd:dc:69:e1:
b0:2a:d3:b0:ef:35:1d:de:bb:a5:ed:7c:30:60:7b:7d:6a:c7:
13:63:e7:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCDMERUmV2wNIrA4BHMX9Z/ZdcLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2NzdmODg1MjVmYTQ1MzBhMzY5OTIwNDQ2NDNlMWFkOTkxMmE0NTQ3ODcy
YmQ0OGU3YjIxN2UzNTY1MmZjOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyY8VRkjKMe8bhRpMuQMbr1f2bSg3tP6bZQlm+74BNnELr67YkK5kf7XR9F
v4DsnH86ovGRO0LbGkD3zkLKxDYQU3lvgwXFnPHTNizSME1EUsLbk49WdWEda7ik
Zc7bzEa/VeiexlSDUHmaKXMVoMANqUIpbUS0l/j1TVPs/eXyLZ0VGNIsZHFYr0/6
y6G5yRC8TS/sNXhdNYfcApXZpoHjjnpJX4tpB3qcmYIdM+hXYH5zYyOECbkSuyY+
9YhQjFPLuPaTqsd32BCmL1hqJulvuBY/R0WrJm4hwT0z+3xLILCA5meSnTMYF9Se
4Plsv37oLC+YvAZn57/p+tk0vdECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2X9PG
8xWTuTDPhtQKKXukG04WyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Q5NTI0NTUtOWM1Zi00ZmE5LTg4YzAtYWJlZDI1MzFiNzdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HlQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCPQmr8UWrj8fEFjkW0RcZUq2oIX9pa4Yy2BlSt
qEL9EedkTv6Ye0jod99u4iEr5xvLMiZBUs2cvWBb1nTgm007DBlx+dJBPb5jO2zT
OCr0gNr1uGw2q+woEi2Ow7rY9b7HedmT0rdnKhYBpcWgA3g94citj+cvWqZLcgma
w92LN+Hua5qD0SiA7Gdt4dngdG7triOq0jUkOGWXt6pK+dNCGMGoulkTEY18ULXg
hdvyVHLXxhVpqlEaHBPZ2/9UU602uo1Ono7Q6gmLm5f+FNQWxJamNDyayu64bAqe
3bKEdvBeh5a1XL3caeGwKtOw7zUd3rul7XwwYHt9ascTY+cB
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:27 2024 by rpki-client on console-ams.rpki-client.org