Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f324111-4b95-44d9-93fa-2778bdda69e8.roa
File: 3f324111-4b95-44d9-93fa-2778bdda69e8.roa (raw, json)
Hash identifier: PIvdI8XfVJw3Ni54KeSvq4ycjHzCNSz743K75Z+eE/I=
Subject key identifier: D5:B8:DF:E0:F9:E9:5D:90:A9:9D:DE:3B:08:5D:6E:91:3D:FF:4D:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D16FA5894F5E42E679AB700C11230AFB9A9B48D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f324111-4b95-44d9-93fa-2778bdda69e8.roa
Signing time: Fri 29 Mar 2024 00:00:00 +0000
ROA not before: Fri 29 Mar 2024 00:00:00 +0000
ROA not after: Fri 03 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:16:fa:58:94:f5:e4:2e:67:9a:b7:00:c1:12:30:af:b9:a9:b4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 29 00:00:00 2024 GMT
Not After : May 3 23:59:59 2024 GMT
Subject: serialNumber=7691f4f5a10b69f5b1b113081ba844c883d290fe82aa785151cacdd99e273542, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b9:34:d6:95:30:0b:32:3f:72:05:49:a4:9e:
0e:c9:12:ac:d7:65:b3:52:82:2d:63:a6:0d:7d:2d:
53:96:b2:aa:98:44:70:4e:ea:38:da:b7:5d:c1:4e:
6c:5a:72:ab:21:03:0d:e5:76:50:31:3d:db:0b:b9:
3e:62:ff:3d:eb:e2:00:44:6b:f1:2e:4c:f7:ca:ce:
47:ea:34:a6:a2:18:6d:9c:e3:40:b8:97:9d:94:1b:
98:49:c4:01:1b:6d:25:a7:2f:5f:2d:14:90:2d:1d:
6f:ef:d4:46:31:ad:fb:c0:96:8d:5b:af:5f:30:9b:
be:a1:ed:c3:d0:25:66:fa:d9:b8:40:83:e2:e0:64:
46:ba:88:0a:5b:8b:f5:35:8c:dc:d2:5a:47:a0:7c:
e8:f9:e9:85:b0:0f:f0:f6:c8:60:bb:fb:3b:53:ad:
d0:fe:e9:ee:d0:b1:5a:e2:cd:b4:bb:47:20:6b:1d:
30:94:d0:bf:94:fa:c0:da:30:7d:71:0f:24:42:49:
74:d9:06:f4:b7:72:4b:69:38:9c:97:55:bc:29:85:
f4:c8:ea:c0:bd:6f:f0:7e:7c:5d:56:ee:f6:ee:1e:
4d:d7:5b:15:ef:a5:8d:47:d8:6c:d9:6a:d1:6a:76:
10:d9:3d:9c:ea:2e:20:5a:3e:7e:34:46:3a:6c:cc:
df:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B8:DF:E0:F9:E9:5D:90:A9:9D:DE:3B:08:5D:6E:91:3D:FF:4D:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f324111-4b95-44d9-93fa-2778bdda69e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
36:98:c8:77:49:89:6b:74:ca:d7:5c:1f:08:fd:a7:48:a7:c0:
5e:c8:da:8c:de:de:a4:76:38:e4:d8:9c:e5:eb:60:e3:3d:f8:
d2:58:8a:64:2b:9c:55:07:d9:89:59:5f:47:b0:4e:c4:4f:a6:
3b:71:d2:db:5a:e6:91:3f:a0:ef:a2:ee:83:45:69:59:6d:9c:
96:01:c8:1b:00:9f:09:b8:70:0d:69:ca:7a:3d:e2:a5:6e:f8:
4f:a9:21:fa:4d:8b:25:f4:e2:b4:18:65:55:fc:10:69:42:d2:
da:56:d8:bd:f8:18:b4:e7:9d:88:2d:a9:3d:37:e6:92:93:56:
99:4d:ef:b2:e5:e4:dc:a3:2f:d2:97:ce:c3:63:42:39:b8:fd:
79:8e:20:89:8a:e6:96:6b:90:0c:c0:66:2a:e3:71:ae:79:ee:
e3:8d:1e:3b:7d:77:af:6f:6c:20:7a:99:bb:5d:d9:b8:50:39:
8d:81:51:b9:2a:20:f5:32:0d:60:06:75:32:11:01:f7:4a:15:
a3:27:ea:25:d9:b4:5e:28:ba:36:e5:e0:6c:a1:98:24:a5:21:
10:0d:eb:dc:2c:79:f7:3a:1d:1a:6b:b9:d1:68:f7:59:d5:ff:
0d:b0:54:a9:cb:32:08:fb:28:9b:e6:d1:18:7d:a3:25:26:7c:
5f:10:4e:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHRb6WJT15C5nmrcAwRIwr7mptI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDAzMjkwMDAwMDBaFw0yNDA1MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2OTFmNGY1YTEwYjY5ZjViMWIxMTMwODFiYTg0NGM4ODNkMjkwZmU4MmFh
Nzg1MTUxY2FjZGQ5OWUyNzM1NDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANa5NNaVMAsyP3IFSaSeDskSrNdls1KCLWOmDX0tU5ayqphEcE7qONq3XcFO
bFpyqyEDDeV2UDE92wu5PmL/PeviAERr8S5M98rOR+o0pqIYbZzjQLiXnZQbmEnE
ARttJacvXy0UkC0db+/URjGt+8CWjVuvXzCbvqHtw9AlZvrZuECD4uBkRrqICluL
9TWM3NJaR6B86PnphbAP8PbIYLv7O1Ot0P7p7tCxWuLNtLtHIGsdMJTQv5T6wNow
fXEPJEJJdNkG9LdyS2k4nJdVvCmF9MjqwL1v8H58XVbu9u4eTddbFe+ljUfYbNlq
0Wp2ENk9nOouIFo+fjRGOmzM39ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVuN/g
+eldkKmd3jsIXW6RPf9NZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YzMjQxMTEtNGI5NS00NGQ5LTkzZmEtMjc3OGJkZGE2OWU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpA
MA0GCSqGSIb3DQEBCwUAA4IBAQA2mMh3SYlrdMrXXB8I/adIp8BeyNqM3t6kdjjk
2Jzl62DjPfjSWIpkK5xVB9mJWV9HsE7ET6Y7cdLbWuaRP6Dvou6DRWlZbZyWAcgb
AJ8JuHANacp6PeKlbvhPqSH6TYsl9OK0GGVV/BBpQtLaVti9+Bi0552ILak9N+aS
k1aZTe+y5eTcoy/Sl87DY0I5uP15jiCJiuaWa5AMwGYq43Guee7jjR47fXevb2wg
epm7Xdm4UDmNgVG5KiD1Mg1gBnUyEQH3ShWjJ+ol2bReKLo25eBsoZgkpSEQDevc
LHn3Oh0aa7nRaPdZ1f8NsFSpyzII+yib5tEYfaMlJnxfEE6e
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:09:33 2024 by rpki-client on console-ams.rpki-client.org