Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: g71gFAmwc+sCuIMYlgp+C3m+D2WPGcgiduOeqxLpbBU=
Subject key identifier: 8F:34:68:1C:BC:80:38:4F:4B:48:7D:79:62:48:42:E8:3A:A5:86:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F7120B8C022CD5641FCDF1E797B446D1DBE4C20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:71:20:b8:c0:22:cd:56:41:fc:df:1e:79:7b:44:6d:1d:be:4c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=57a673cb80d83d8c316b6a57782545a1278976e2cb628f14cb7132b2785b091e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a1:7e:28:58:fe:fc:53:d4:35:9b:65:3f:10:
53:96:c6:6f:63:d0:51:81:e0:4b:07:c9:db:29:70:
1c:e5:06:2b:ba:e4:64:e2:8b:7b:fc:cc:02:18:7c:
53:37:c8:89:62:44:a0:0a:3d:57:90:c3:58:67:5d:
c6:f3:70:8b:7c:ec:54:a8:ed:2d:04:7a:7c:7a:b7:
95:e6:f7:fa:ec:dd:aa:36:73:a1:48:80:0f:7d:ed:
4d:52:08:52:e2:eb:d6:4d:bd:cd:1f:0a:6b:ff:60:
75:ec:f1:23:8c:f7:7b:27:92:55:26:5b:14:e1:a4:
1e:94:e3:99:51:f6:f0:71:55:5f:fe:04:35:4a:9d:
ee:f1:12:5e:42:a1:6a:01:15:0b:ca:cc:64:e6:61:
f3:3b:a1:4f:c3:ff:43:a1:af:0c:41:8e:60:5d:69:
6f:3b:d4:3c:9d:9a:55:56:b3:66:4c:98:1b:fb:b4:
9f:f6:f0:c1:c4:92:a1:f5:8d:da:9b:b1:af:b0:96:
8c:31:df:9a:46:5b:20:98:c4:b9:8c:7c:cd:68:34:
1e:fa:99:35:c5:c0:48:92:96:5c:9e:37:f3:99:eb:
11:cf:48:b0:38:92:4a:26:ca:a2:83:96:2b:97:94:
38:4f:9e:6f:07:13:7b:60:5a:56:dc:70:e4:32:ac:
3c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:34:68:1C:BC:80:38:4F:4B:48:7D:79:62:48:42:E8:3A:A5:86:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
22:d2:98:ab:a6:b7:44:4b:f6:f3:5f:a8:a6:19:8f:39:1a:d7:
47:fd:d3:45:b8:82:6b:3a:f3:2e:f2:03:e0:2c:c3:42:e7:15:
0d:cb:f5:b7:39:ae:e4:4b:4d:53:a1:a8:2d:6f:3f:3a:5a:ca:
eb:d7:1e:0e:d2:3e:d0:85:4c:9d:ab:d9:2e:82:a2:7b:44:91:
57:2c:fc:be:86:06:b4:4a:0a:af:bd:62:35:05:99:7e:bc:81:
ae:0c:4b:fa:08:7e:25:4f:44:54:28:e8:8b:3d:46:81:28:30:
15:f1:2f:58:fc:d8:0d:db:3e:7a:03:3a:c5:ce:89:86:e0:d3:
d6:81:c2:5b:bf:13:f4:72:e0:62:f4:0b:0d:1c:7b:2d:68:d5:
14:93:4a:65:91:e8:3d:cb:17:35:80:35:f4:11:9b:10:65:a3:
f1:00:16:76:0a:00:65:15:c7:d3:3b:09:0f:13:85:55:83:50:
e5:c8:a2:c7:84:39:d5:cf:a3:fe:ef:c0:0b:94:43:b2:c2:ab:
23:d6:9e:20:b4:60:09:7a:c4:b3:ed:c9:4d:8f:22:29:6a:8b:
15:c2:a2:95:5b:fc:11:2b:eb:3d:63:15:f0:1a:8d:44:d5:9d:
e5:14:1f:89:3a:fd:6e:83:e6:e8:15:ef:1e:92:da:8a:9c:c5:
f1:5c:c9:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT3EguMAizVZB/N8eeXtEbR2+TCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3YTY3M2NiODBkODNkOGMzMTZiNmE1Nzc4MjU0NWExMjc4OTc2ZTJjYjYy
OGYxNGNiNzEzMmIyNzg1YjA5MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyhfihY/vxT1DWbZT8QU5bGb2PQUYHgSwfJ2ylwHOUGK7rkZOKLe/zMAhh8
UzfIiWJEoAo9V5DDWGddxvNwi3zsVKjtLQR6fHq3leb3+uzdqjZzoUiAD33tTVII
UuLr1k29zR8Ka/9gdezxI4z3eyeSVSZbFOGkHpTjmVH28HFVX/4ENUqd7vESXkKh
agEVC8rMZOZh8zuhT8P/Q6GvDEGOYF1pbzvUPJ2aVVazZkyYG/u0n/bwwcSSofWN
2puxr7CWjDHfmkZbIJjEuYx8zWg0HvqZNcXASJKWXJ4385nrEc9IsDiSSibKooOW
K5eUOE+ebwcTe2BaVtxw5DKsPMECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSPNGgc
vIA4T0tIfXliSELoOqWGmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQAi0pirprdES/bzX6imGY85GtdH/dNFuIJrOvMu
8gPgLMNC5xUNy/W3Oa7kS01Toagtbz86Wsrr1x4O0j7QhUydq9kugqJ7RJFXLPy+
hga0SgqvvWI1BZl+vIGuDEv6CH4lT0RUKOiLPUaBKDAV8S9Y/NgN2z56AzrFzomG
4NPWgcJbvxP0cuBi9AsNHHstaNUUk0plkeg9yxc1gDX0EZsQZaPxABZ2CgBlFcfT
OwkPE4VVg1DlyKLHhDnVz6P+78ALlEOywqsj1p4gtGAJesSz7clNjyIpaosVwqKV
W/wRK+s9YxXwGo1E1Z3lFB+JOv1ug+boFe8ektqKnMXxXMny
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:09:33 2024 by rpki-client on console-ams.rpki-client.org