Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
File: 455a2efe-3411-42cf-a196-73c25845d48c.roa (raw, json)
Hash identifier: 48fj7D3n7uCdXAxtY0rdIgi+prtKGm9Qou138QShTAE=
Subject key identifier: B2:99:43:F5:C6:5D:ED:A3:BD:33:15:1D:1C:57:24:17:0D:47:23:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 194BE78740FFBE960B48276845402FC3900375F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:4b:e7:87:40:ff:be:96:0b:48:27:68:45:40:2f:c3:90:03:75:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=75c32320f72132a9d88e104a889fc199b4ad539b65586cfbf3264ed1d9255e09, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:99:2d:8f:e8:09:7e:25:b6:1a:b2:2f:ff:0d:
a2:a7:f2:30:8d:ff:18:8c:4e:9f:c0:82:bf:c0:73:
b3:da:59:68:5e:1f:ab:92:0a:4e:1a:da:23:df:45:
13:3c:45:01:24:4e:5a:28:83:e1:e9:b8:4f:39:84:
d5:59:53:7c:88:f6:4f:ce:1c:bc:9a:78:45:44:6e:
1c:8b:0f:0e:b2:fe:50:17:2e:03:6b:dd:c1:07:79:
b2:59:f1:89:ac:80:0e:aa:65:b9:1c:b3:73:33:9e:
94:eb:ac:06:81:08:e5:70:68:7a:de:51:14:30:46:
0c:9c:11:85:fb:04:fc:49:58:fa:47:35:62:7e:22:
ef:b2:3f:95:9e:06:df:82:5e:c1:b1:4f:c3:01:8d:
ab:08:e5:20:5e:0b:74:ea:9b:41:87:d8:37:1b:c6:
33:07:9e:55:0f:1c:9e:ef:20:6d:9d:cf:d0:96:86:
6a:7c:6e:26:94:9d:9e:e7:50:2a:aa:e6:86:94:08:
5c:19:bc:ac:8d:6b:49:25:7b:d4:bd:59:55:7e:d3:
2a:5e:6f:dc:b0:43:49:5a:e7:f4:95:d2:af:fe:d8:
fb:d1:2e:52:9b:dd:c8:f1:9c:9f:2e:5a:28:77:58:
3a:01:c8:67:d1:62:46:f5:38:4b:3e:1e:75:5e:28:
08:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:99:43:F5:C6:5D:ED:A3:BD:33:15:1D:1C:57:24:17:0D:47:23:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:7e:5a:e5:ac:65:81:52:02:c5:22:c2:cd:54:24:0d:0a:0d:
28:dc:e9:3b:31:53:57:b7:fe:d0:6b:67:ad:b4:24:e9:c4:a3:
30:dd:e2:39:f9:27:6e:e7:03:07:ab:e6:66:29:d4:e5:8d:03:
6f:3f:ff:0c:59:7a:36:20:31:c7:4f:6c:a4:53:14:f2:35:d0:
28:b3:0a:5c:29:b2:93:a2:68:f2:5c:5c:dc:93:46:b9:4e:b2:
ac:7c:f7:af:e5:14:fa:0d:e6:03:1e:9f:d3:42:f4:76:dc:cd:
63:c7:c9:ce:fe:f1:af:53:f7:5d:b5:82:29:73:5f:a9:63:a8:
31:e3:fe:1f:79:76:3a:74:e3:3b:c1:a9:9a:eb:15:e3:ae:e1:
7e:d3:87:6b:5e:da:cb:82:0b:2f:81:bb:e3:85:b2:ba:6f:02:
1d:db:17:ff:2a:91:fd:52:52:84:f1:d4:cd:1a:81:84:ab:77:
b1:03:2c:f2:94:2e:68:7c:98:3a:62:91:62:fe:c1:36:df:fc:
e1:f1:8a:9d:f7:0a:90:fa:b7:4d:66:02:70:f6:a3:88:71:5e:
bb:7a:d9:1b:41:8f:1a:c3:4d:b0:ed:29:81:0a:50:b3:17:89:
ef:70:87:50:52:64:5d:fb:c0:9b:3d:b4:60:fd:e5:3e:f5:66:
41:33:ef:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGUvnh0D/vpYLSCdoRUAvw5ADdfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1YzMyMzIwZjcyMTMyYTlkODhlMTA0YTg4OWZjMTk5YjRhZDUzOWI2NTU4
NmNmYmYzMjY0ZWQxZDkyNTVlMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmZLY/oCX4lthqyL/8NoqfyMI3/GIxOn8CCv8Bzs9pZaF4fq5IKThraI99F
EzxFASROWiiD4em4TzmE1VlTfIj2T84cvJp4RURuHIsPDrL+UBcuA2vdwQd5slnx
iayADqpluRyzczOelOusBoEI5XBoet5RFDBGDJwRhfsE/ElY+kc1Yn4i77I/lZ4G
34JewbFPwwGNqwjlIF4LdOqbQYfYNxvGMweeVQ8cnu8gbZ3P0JaGanxuJpSdnudQ
KqrmhpQIXBm8rI1rSSV71L1ZVX7TKl5v3LBDSVrn9JXSr/7Y+9EuUpvdyPGcny5a
KHdYOgHIZ9FiRvU4Sz4edV4oCE0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSymUP1
xl3to70zFR0cVyQXDUcjAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1YTJlZmUtMzQxMS00MmNmLWExOTYtNzNjMjU4NDVkNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fgg
MA0GCSqGSIb3DQEBCwUAA4IBAQC5flrlrGWBUgLFIsLNVCQNCg0o3Ok7MVNXt/7Q
a2ettCTpxKMw3eI5+Sdu5wMHq+ZmKdTljQNvP/8MWXo2IDHHT2ykUxTyNdAoswpc
KbKTomjyXFzck0a5TrKsfPev5RT6DeYDHp/TQvR23M1jx8nO/vGvU/ddtYIpc1+p
Y6gx4/4feXY6dOM7wama6xXjruF+04drXtrLggsvgbvjhbK6bwId2xf/KpH9UlKE
8dTNGoGEq3exAyzylC5ofJg6YpFi/sE23/zh8Yqd9wqQ+rdNZgJw9qOIcV67etkb
QY8aw02w7SmBClCzF4nvcIdQUmRd+8CbPbRg/eU+9WZBM+9N
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:23 2024 by rpki-client on console-ams.rpki-client.org