Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f6e3ef9-620e-492b-a475-8d26fd8e0020.roa
File: 3f6e3ef9-620e-492b-a475-8d26fd8e0020.roa (raw, json)
Hash identifier: 6cE6HvASVP7aO44oF8wruhIKN84L+LVUEpJ+S4D5RFA=
Subject key identifier: 1C:74:0B:5D:F2:E0:C4:E0:00:6A:FA:05:2A:A3:8A:0B:EB:70:59:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31915F9AEE1D71D227FF923486171654EE7E1419
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f6e3ef9-620e-492b-a475-8d26fd8e0020.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:91:5f:9a:ee:1d:71:d2:27:ff:92:34:86:17:16:54:ee:7e:14:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=39b621c8deb4680664e0a06319920e08b407d08d7d147bb4ab13a23502693aeb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:94:3a:c2:9c:bb:96:3d:e0:ba:44:83:69:0a:
23:c3:33:ab:bb:67:a5:b6:81:bd:c4:0b:ba:62:86:
00:92:ce:80:a1:0b:81:6d:ae:d5:97:15:3e:7c:86:
2f:1c:c9:ec:3f:cd:fb:34:5a:d9:06:c4:9a:9f:41:
76:2e:1a:4c:cc:01:5c:fc:ca:ff:fd:a5:86:78:ba:
4a:56:b4:40:de:b4:33:7e:0d:74:94:65:b6:7f:1c:
67:74:1f:c6:51:09:b5:81:2d:28:af:b2:21:ad:e4:
ad:e3:4e:df:50:bc:fd:6a:f9:93:e8:c4:77:78:d1:
0a:21:ec:4d:8d:73:79:10:38:ca:28:ca:41:79:5c:
52:7c:7c:36:e9:da:98:0e:50:e8:43:73:8c:fe:35:
46:13:f9:ba:9d:80:1d:43:6a:cb:d5:72:28:a1:e6:
cf:75:e6:6c:a7:41:81:77:df:cd:c7:df:97:ef:3e:
65:5c:b0:ee:10:19:69:84:d3:65:83:cc:e0:1f:52:
55:49:7c:5c:50:00:49:42:d2:60:f9:51:1b:59:79:
7e:25:20:1a:6e:d8:71:cb:b4:03:51:fc:98:91:28:
65:1e:cb:c9:f8:88:e2:aa:8c:42:1c:90:2b:e9:21:
ec:ae:df:43:8d:1d:66:f2:88:75:b7:01:22:10:47:
38:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:74:0B:5D:F2:E0:C4:E0:00:6A:FA:05:2A:A3:8A:0B:EB:70:59:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f6e3ef9-620e-492b-a475-8d26fd8e0020.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
93:22:1c:25:a9:f8:22:f5:2a:1a:79:d5:a9:e2:8e:a7:c8:67:
a4:49:ab:12:3a:7a:8b:f9:07:c4:ae:e7:13:f7:c8:54:33:a2:
94:17:96:7e:2f:e1:d3:66:8d:c2:55:58:78:ee:0b:ac:0c:63:
f8:c1:9b:3b:c7:40:58:47:10:24:a5:20:fc:d0:a9:09:60:ec:
46:56:5d:0d:ee:28:d4:ba:3e:34:e4:ea:3d:70:74:0b:06:99:
b5:bb:6b:af:70:bb:92:46:49:71:e5:8f:8e:1f:36:56:17:7a:
a2:bb:54:94:bd:1f:08:33:9e:df:07:a9:7a:20:0c:22:5e:5a:
c6:bd:cb:a6:e9:7d:40:64:84:5a:7a:98:8f:9a:61:d0:35:fb:
71:d5:da:ed:4a:2f:f1:9e:1e:2c:c6:4e:b9:07:ad:54:4f:d7:
d5:9a:1f:01:25:17:4b:1f:58:11:0e:93:f1:1f:29:50:53:de:
b7:d4:74:d6:28:3f:b1:73:41:2e:3e:d4:09:fe:43:d2:97:d6:
de:8b:b9:ab:e3:8a:46:fd:12:e4:c9:fd:b4:bb:11:09:37:cb:
4c:74:59:9a:3f:c4:8b:de:9b:84:07:22:77:df:e3:bd:ee:9b:
66:57:b2:4c:58:10:4a:cd:ef:24:68:e4:59:10:19:83:62:65:
2d:ee:76:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMZFfmu4dcdIn/5I0hhcWVO5+FBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5YjYyMWM4ZGViNDY4MDY2NGUwYTA2MzE5OTIwZTA4YjQwN2QwOGQ3ZDE0
N2JiNGFiMTNhMjM1MDI2OTNhZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2UOsKcu5Y94LpEg2kKI8Mzq7tnpbaBvcQLumKGAJLOgKELgW2u1ZcVPnyG
LxzJ7D/N+zRa2QbEmp9Bdi4aTMwBXPzK//2lhni6Sla0QN60M34NdJRltn8cZ3Qf
xlEJtYEtKK+yIa3kreNO31C8/Wr5k+jEd3jRCiHsTY1zeRA4yijKQXlcUnx8Nuna
mA5Q6ENzjP41RhP5up2AHUNqy9VyKKHmz3XmbKdBgXffzcffl+8+ZVyw7hAZaYTT
ZYPM4B9SVUl8XFAASULSYPlRG1l5fiUgGm7Yccu0A1H8mJEoZR7LyfiI4qqMQhyQ
K+kh7K7fQ40dZvKIdbcBIhBHOE0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcdAtd
8uDE4ABq+gUqo4oL63BZBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y2ZTNlZjktNjIwZS00OTJiLWE0NzUtOGQyNmZkOGUwMDIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCTIhwlqfgi9SoaedWp4o6nyGekSasSOnqL+QfE
rucT98hUM6KUF5Z+L+HTZo3CVVh47gusDGP4wZs7x0BYRxAkpSD80KkJYOxGVl0N
7ijUuj405Oo9cHQLBpm1u2uvcLuSRklx5Y+OHzZWF3qiu1SUvR8IM57fB6l6IAwi
XlrGvcum6X1AZIRaepiPmmHQNftx1drtSi/xnh4sxk65B61UT9fVmh8BJRdLH1gR
DpPxHylQU9631HTWKD+xc0EuPtQJ/kPSl9bei7mr44pG/RLkyf20uxEJN8tMdFma
P8SL3puEByJ33+O97ptmV7JMWBBKze8kaORZEBmDYmUt7nZh
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:23 2024 by rpki-client on console-ams.rpki-client.org