Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
File: 4aa20760-fb28-4393-bec8-9ffb467f03e4.roa (raw, json)
Hash identifier: kGWqDQ59hW1xcnV3k+bcZ72YrETZiC2244F10UM4HE4=
Subject key identifier: 5C:80:6E:D8:AB:37:34:C3:37:66:56:AD:91:2C:6C:15:3B:00:67:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DBDD750C2EA7BAB7AF3A83FA98EB74E5D584CD8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:bd:d7:50:c2:ea:7b:ab:7a:f3:a8:3f:a9:8e:b7:4e:5d:58:4c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=1499cc2aba83843dc6279034c5f5138868ca5012029fc87148b17caf796b602c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:86:d1:41:e4:0a:92:88:fa:38:bc:3b:5b:71:
88:96:5e:00:8c:3b:62:cc:97:b2:7c:c2:40:c3:be:
8d:2e:5d:9f:98:fb:2f:65:5d:22:c1:95:e6:0e:f9:
f1:15:09:bb:c9:ae:ac:16:d1:4e:0a:37:7b:7c:b9:
2a:dd:ef:2a:1f:c7:90:70:cb:16:c4:7d:64:91:ca:
15:95:82:9d:77:3b:43:92:9f:30:1f:07:bc:f3:5e:
af:47:a0:71:df:07:cc:13:23:f4:a8:88:2d:82:a0:
f4:4f:2c:99:b6:ba:74:92:44:ec:f4:f6:92:cd:21:
b2:47:77:4f:98:6b:55:7b:c3:2c:ee:c1:fb:8d:f8:
ee:ed:ff:82:9e:60:bf:91:11:89:ae:79:47:70:04:
8d:ec:6a:3a:33:8c:13:60:cd:c6:9c:2e:1c:72:1d:
ae:78:b0:4c:39:69:66:55:2f:ac:b2:ae:c6:ad:3f:
1e:03:fe:40:f9:9f:93:5a:9d:b0:c7:32:61:6d:59:
74:09:1b:e8:88:79:b3:82:8c:fd:0f:5e:85:41:aa:
46:42:1b:c1:44:c6:0e:85:eb:6e:32:d4:2d:f6:e5:
f5:cf:b6:7a:da:58:fb:b8:3f:f2:02:a0:13:8e:44:
86:33:82:b6:0a:66:06:71:c7:09:fc:20:24:21:f9:
76:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:80:6E:D8:AB:37:34:C3:37:66:56:AD:91:2C:6C:15:3B:00:67:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:17:00:d0:db:10:9f:5b:55:44:94:d4:46:94:37:e4:14:ae:
98:98:74:20:a3:d9:1d:c9:e3:f6:b0:46:c4:14:87:ba:f0:ad:
01:b9:fc:6d:7f:75:e6:ff:cd:01:39:ee:7c:9c:3f:38:1e:a9:
1b:cd:95:f2:d9:d7:08:71:03:ab:7f:b6:47:44:fc:49:37:14:
45:e0:79:53:a1:70:32:00:3f:b6:00:63:1c:ea:9b:64:73:9b:
bf:c5:47:d7:31:bf:5e:61:9a:3f:90:5f:a2:e5:93:c5:19:25:
57:b9:99:55:73:d2:2d:b1:60:0a:79:c2:21:bd:b0:79:e4:c3:
72:de:17:b8:16:2a:33:b1:5b:2c:5a:76:9c:cb:7c:de:c9:e0:
f4:4e:4f:90:77:73:da:13:f9:f1:3d:c5:7b:39:9c:1d:ec:12:
14:7e:f9:86:a7:5a:ec:ce:31:8b:b0:44:9d:1c:36:2e:81:83:
f3:13:b5:56:af:cf:d8:af:20:84:f1:07:78:02:20:9d:56:0e:
38:4c:f9:48:b6:eb:93:3c:e1:3c:3f:2a:00:3b:f7:02:ae:42:
97:47:a5:c2:13:97:46:70:2f:a4:e3:de:4a:2e:09:70:2f:ca:
a5:35:c3:90:93:59:06:ec:a9:d3:ce:1a:69:6c:8b:5e:f9:47:
fe:53:61:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbb3XUMLqe6t686g/qY63Tl1YTNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0OTljYzJhYmE4Mzg0M2RjNjI3OTAzNGM1ZjUxMzg4NjhjYTUwMTIwMjlm
Yzg3MTQ4YjE3Y2FmNzk2YjYwMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaG0UHkCpKI+ji8O1txiJZeAIw7YsyXsnzCQMO+jS5dn5j7L2VdIsGV5g75
8RUJu8murBbRTgo3e3y5Kt3vKh/HkHDLFsR9ZJHKFZWCnXc7Q5KfMB8HvPNer0eg
cd8HzBMj9KiILYKg9E8smba6dJJE7PT2ks0hskd3T5hrVXvDLO7B+4347u3/gp5g
v5ERia55R3AEjexqOjOME2DNxpwuHHIdrniwTDlpZlUvrLKuxq0/HgP+QPmfk1qd
sMcyYW1ZdAkb6Ih5s4KM/Q9ehUGqRkIbwUTGDoXrbjLULfbl9c+2etpY+7g/8gKg
E45EhjOCtgpmBnHHCfwgJCH5dtUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcgG7Y
qzc0wzdmVq2RLGwVOwBnSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhMjA3NjAtZmIyOC00MzkzLWJlYzgtOWZmYjQ2N2YwM2U0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hpg
MA0GCSqGSIb3DQEBCwUAA4IBAQCoFwDQ2xCfW1VElNRGlDfkFK6YmHQgo9kdyeP2
sEbEFIe68K0Bufxtf3Xm/80BOe58nD84HqkbzZXy2dcIcQOrf7ZHRPxJNxRF4HlT
oXAyAD+2AGMc6ptkc5u/xUfXMb9eYZo/kF+i5ZPFGSVXuZlVc9ItsWAKecIhvbB5
5MNy3he4FiozsVssWnacy3zeyeD0Tk+Qd3PaE/nxPcV7OZwd7BIUfvmGp1rszjGL
sESdHDYugYPzE7VWr8/YryCE8Qd4AiCdVg44TPlItuuTPOE8PyoAO/cCrkKXR6XC
E5dGcC+k495KLglwL8qlNcOQk1kG7KnTzhppbIte+Uf+U2Hr
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org