Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
File: 44d8b686-7db5-4309-8f09-3af611be3753.roa (raw, json)
Hash identifier: lvD9p2Wb5mrsQ1jYitG7kapXAAwtR2xJv48vyw5nuig=
Subject key identifier: 4B:59:D0:7A:BA:5C:C8:9F:FE:DA:31:6D:5F:FE:58:BB:1B:BB:18:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F0C10447FD9489ACAFE95668A2DAB4B0479F6C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:0c:10:44:7f:d9:48:9a:ca:fe:95:66:8a:2d:ab:4b:04:79:f6:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=fe73f0a3fb048be72f765ffdca0b028840ab349eac72d10e5d7f0e49b198f135, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:61:0b:24:da:65:1b:15:ef:c5:49:f1:a5:02:
63:3a:1c:bc:9f:d3:a9:f9:ab:6d:83:70:a5:08:f8:
b4:43:a0:67:76:08:32:6e:d2:48:90:e2:b1:be:a4:
62:4c:ce:b6:a7:c9:e1:d0:69:ce:a5:c3:bd:94:a2:
f0:07:cd:62:a1:49:80:47:e3:82:12:a9:74:d3:6d:
36:46:d4:bf:d4:40:4d:cf:a4:66:ec:dc:92:45:57:
76:b6:9f:b9:5a:89:97:40:9e:b6:56:2a:28:88:28:
98:27:45:c3:77:d0:e1:a0:6d:19:9b:4c:13:12:f3:
3e:5c:4d:b5:ce:6b:68:7d:63:30:43:48:b4:9d:19:
f8:67:3f:47:1c:b3:f6:58:6d:69:00:8f:89:c8:24:
3e:0d:11:0b:91:6d:07:e9:b3:b0:e6:0f:c0:2a:dd:
ef:0a:31:b4:40:aa:c4:c9:f0:c5:d3:e2:88:73:58:
d8:bb:ad:c7:c7:b8:89:c1:e4:1c:36:8f:dd:36:64:
59:64:23:43:ba:dc:8b:21:17:2e:c1:97:a2:3c:12:
3a:b5:f9:51:9b:b0:f0:b1:52:8c:2b:28:0e:64:b5:
a5:c6:42:c5:aa:96:e4:26:de:90:90:ae:e5:b9:f5:
fb:05:9f:a6:7d:99:21:ac:0c:32:de:26:df:3e:db:
c6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:59:D0:7A:BA:5C:C8:9F:FE:DA:31:6D:5F:FE:58:BB:1B:BB:18:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:34:74:e4:06:1f:61:d3:05:8e:4d:ce:0d:64:fc:85:4b:b8:
2f:12:c3:58:c4:83:cd:71:37:b3:52:05:23:3f:dc:dd:82:b2:
7d:1c:f0:91:8c:92:ad:25:73:6d:e4:b8:bf:14:9a:d2:b3:4f:
d1:9b:87:01:b4:46:a2:46:2e:43:89:f8:8a:c2:c3:46:de:8f:
bf:b8:c7:e2:6e:15:48:e0:cd:03:60:8e:a1:6c:fb:b9:94:b3:
36:ba:f7:a7:fa:5a:0f:8b:c2:fc:7f:c2:88:91:e2:82:d0:74:
02:e3:41:cb:7b:7d:cb:92:07:ee:a2:90:b6:b7:4c:b3:86:cb:
40:4b:24:5c:43:17:80:80:8c:35:d7:81:f2:a5:cf:8b:8c:ce:
c9:17:22:16:d4:02:e0:47:ed:6f:e2:16:f8:ab:d4:09:88:f4:
c8:54:93:26:23:7e:12:41:5b:d3:27:ca:8a:38:d8:85:8d:13:
82:5d:1b:d9:31:49:cf:b5:7a:69:1e:b6:c3:ce:f7:91:4f:6a:
27:8b:4c:62:23:8e:47:35:68:4a:8b:ac:33:de:65:a9:fa:a3:
e3:fa:ff:b8:e8:39:97:fa:f0:94:64:ad:92:49:f2:b0:aa:36:
41:f6:42:5b:d0:4c:a6:d5:f6:ec:6f:33:33:4d:f6:4e:3c:ee:
d5:76:a4:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULwwQRH/ZSJrK/pVmii2rSwR59scwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlNzNmMGEzZmIwNDhiZTcyZjc2NWZmZGNhMGIwMjg4NDBhYjM0OWVhYzcy
ZDEwZTVkN2YwZTQ5YjE5OGYxMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMthCyTaZRsV78VJ8aUCYzocvJ/TqfmrbYNwpQj4tEOgZ3YIMm7SSJDisb6k
YkzOtqfJ4dBpzqXDvZSi8AfNYqFJgEfjghKpdNNtNkbUv9RATc+kZuzckkVXdraf
uVqJl0CetlYqKIgomCdFw3fQ4aBtGZtMExLzPlxNtc5raH1jMENItJ0Z+Gc/Rxyz
9lhtaQCPicgkPg0RC5FtB+mzsOYPwCrd7woxtECqxMnwxdPiiHNY2Lutx8e4icHk
HDaP3TZkWWQjQ7rciyEXLsGXojwSOrX5UZuw8LFSjCsoDmS1pcZCxaqW5CbekJCu
5bn1+wWfpn2ZIawMMt4m3z7bxkMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLWdB6
ulzIn/7aMW1f/li7G7sYhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDRkOGI2ODYtN2RiNS00MzA5LThmMDktM2FmNjExYmUzNzUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HrA
MA0GCSqGSIb3DQEBCwUAA4IBAQAaNHTkBh9h0wWOTc4NZPyFS7gvEsNYxIPNcTez
UgUjP9zdgrJ9HPCRjJKtJXNt5Li/FJrSs0/Rm4cBtEaiRi5DifiKwsNG3o+/uMfi
bhVI4M0DYI6hbPu5lLM2uven+loPi8L8f8KIkeKC0HQC40HLe33LkgfuopC2t0yz
hstASyRcQxeAgIw114Hypc+LjM7JFyIW1ALgR+1v4hb4q9QJiPTIVJMmI34SQVvT
J8qKONiFjROCXRvZMUnPtXppHrbDzveRT2oni0xiI45HNWhKi6wz3mWp+qPj+v+4
6DmX+vCUZK2SSfKwqjZB9kJb0Eym1fbsbzMzTfZOPO7VdqTh
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:04 2024 by rpki-client on console-ams.rpki-client.org