Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
File: 4aa20760-fb28-4393-bec8-9ffb467f03e4.roa (raw, json)
Hash identifier: G8YfWVD7Pdq0MhRkz84ZnJly780BZK3huyyAGym/xtU=
Subject key identifier: E9:83:70:BE:96:83:A4:27:81:97:CC:B4:0D:B4:47:61:DE:27:52:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 665DB802A4304B681C7868AFC090540301A071C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:5d:b8:02:a4:30:4b:68:1c:78:68:af:c0:90:54:03:01:a0:71:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=9dd633fd5a688383929bad5c2ce9cf04e0345fe518de969a08946302b72378f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8c:ab:57:d2:3d:a8:78:aa:43:a4:24:a4:92:
e6:e1:34:dd:44:2e:3e:4e:e2:49:5f:83:2e:c0:ea:
39:73:ba:18:26:89:4f:a5:4e:a7:c1:cd:b7:2e:d7:
93:da:ec:9b:8e:54:ee:b2:ad:bf:24:8a:20:45:05:
11:0c:bd:e3:ca:ac:5d:c4:10:4b:80:b5:b2:4b:59:
dd:6e:6c:85:6b:79:2c:24:36:14:a4:d1:75:83:5f:
d8:d1:fe:ca:93:7a:3c:d0:42:52:67:65:a0:39:e5:
c1:98:6d:e7:a8:8c:0a:31:a5:28:b6:e3:99:31:fe:
d6:c3:a5:2f:b4:ff:31:62:56:b6:98:a8:cd:92:5b:
ca:26:5b:25:d5:7e:28:c5:ff:9b:4f:7b:8a:c2:6d:
2d:cc:91:e4:9a:10:dd:31:0c:d5:35:80:3b:4b:5e:
26:48:cb:f9:e1:3a:93:fa:af:6f:83:3a:38:81:7b:
e8:0a:4e:97:71:1b:16:f1:e2:21:7c:0c:ae:8e:e4:
c8:7b:95:64:88:43:c4:4c:22:41:0b:c8:e8:e7:d2:
b1:e3:e3:4d:48:1e:24:68:70:9e:7d:78:00:48:9f:
de:0a:57:a8:ac:7f:de:bc:5f:fc:78:c8:3d:81:c4:
98:cb:80:5d:97:77:60:39:16:3c:b8:40:fa:19:0a:
3b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:83:70:BE:96:83:A4:27:81:97:CC:B4:0D:B4:47:61:DE:27:52:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
52:e9:59:6a:33:83:11:cc:33:8b:81:dd:4b:d7:37:a4:0b:b5:
43:dd:55:78:00:cc:ec:75:84:08:1b:cb:4e:4a:f0:b1:d1:46:
e4:30:fe:3e:62:82:c1:27:18:b9:34:ed:23:1c:df:e9:20:e0:
d6:b3:7c:13:88:cf:25:0b:13:18:eb:54:78:23:a4:6f:08:9b:
1c:85:9e:5c:f3:9b:da:b7:30:b5:e2:15:05:19:e7:a5:b7:b5:
9e:3a:f3:f8:78:44:9a:16:cf:27:9e:02:0e:2d:b2:83:a1:b1:
ac:4c:0b:9b:1b:aa:5a:b5:bf:73:8e:37:e6:0e:47:98:c5:df:
1b:c2:ca:89:cc:64:03:a5:9b:ef:fe:01:de:ef:ec:e0:ec:ef:
c9:77:74:76:40:9b:79:f7:a3:2d:54:1b:eb:c9:d6:54:4f:ad:
06:97:93:e1:54:22:e8:87:cc:22:e3:e1:62:ee:96:d4:47:ac:
2b:17:7c:c5:1d:16:49:d5:17:9d:6e:23:a9:cb:9f:de:1a:a3:
86:5f:5b:0c:7e:36:23:49:3c:f7:c0:a4:0f:47:fc:5d:6c:75:
f6:54:ac:f8:3f:e0:f6:7e:2a:f0:de:d8:4a:db:82:e0:56:36:
8d:56:2c:0d:84:b1:99:22:78:ae:07:2c:b0:e4:58:8b:f6:81:
ea:c6:e8:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZl24AqQwS2gceGivwJBUAwGgccMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkZDYzM2ZkNWE2ODgzODM5MjliYWQ1YzJjZTljZjA0ZTAzNDVmZTUxOGRl
OTY5YTA4OTQ2MzAyYjcyMzc4ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCMq1fSPah4qkOkJKSS5uE03UQuPk7iSV+DLsDqOXO6GCaJT6VOp8HNty7X
k9rsm45U7rKtvySKIEUFEQy948qsXcQQS4C1sktZ3W5shWt5LCQ2FKTRdYNf2NH+
ypN6PNBCUmdloDnlwZht56iMCjGlKLbjmTH+1sOlL7T/MWJWtpiozZJbyiZbJdV+
KMX/m097isJtLcyR5JoQ3TEM1TWAO0teJkjL+eE6k/qvb4M6OIF76ApOl3EbFvHi
IXwMro7kyHuVZIhDxEwiQQvI6OfSsePjTUgeJGhwnn14AEif3gpXqKx/3rxf/HjI
PYHEmMuAXZd3YDkWPLhA+hkKO68CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTpg3C+
loOkJ4GXzLQNtEdh3idSDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhMjA3NjAtZmIyOC00MzkzLWJlYzgtOWZmYjQ2N2YwM2U0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hpg
MA0GCSqGSIb3DQEBCwUAA4IBAQBS6VlqM4MRzDOLgd1L1zekC7VD3VV4AMzsdYQI
G8tOSvCx0UbkMP4+YoLBJxi5NO0jHN/pIODWs3wTiM8lCxMY61R4I6RvCJschZ5c
85vatzC14hUFGeelt7WeOvP4eESaFs8nngIOLbKDobGsTAubG6patb9zjjfmDkeY
xd8bwsqJzGQDpZvv/gHe7+zg7O/Jd3R2QJt596MtVBvrydZUT60Gl5PhVCLoh8wi
4+Fi7pbUR6wrF3zFHRZJ1RedbiOpy5/eGqOGX1sMfjYjSTz3wKQPR/xdbHX2VKz4
P+D2firw3thK24LgVjaNViwNhLGZIniuByyw5FiL9oHqxuh1
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:04 2024 by rpki-client on console-ams.rpki-client.org