Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: DptwJOtgvMBnY832euagb5eUF/tmr79YffIupjsutLo=
Subject key identifier: 7D:D6:1C:98:1A:D0:C8:47:C7:D9:74:F5:27:4B:75:57:C1:00:E7:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 793D16D5C3772544D52DB2EFDBD7A17DDA75C81F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:3d:16:d5:c3:77:25:44:d5:2d:b2:ef:db:d7:a1:7d:da:75:c8:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=98da9e0d6980f23899b1a70c3b36a7de333edcebb9ab609cc52fee3368b80bc1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bf:65:40:7f:04:49:74:57:4a:cb:03:ea:08:
41:6b:99:ea:c6:4b:95:96:18:27:cb:83:af:9f:ce:
bc:ad:e5:b1:7d:ec:02:d5:44:32:3f:b5:2e:a9:c4:
bc:ee:4c:d2:10:84:eb:17:44:d0:81:d0:6b:19:a2:
23:45:15:7a:aa:b5:65:bf:03:4f:0a:ea:44:1f:a5:
93:59:fa:c9:f4:61:e9:c6:cd:67:93:1f:2f:8a:00:
5f:35:76:73:11:6f:3c:77:8a:a0:97:c8:39:35:ae:
e1:60:1b:65:dd:73:40:e8:d2:bd:20:de:85:3c:bf:
d7:cc:82:11:58:0d:de:3d:ec:98:d9:21:94:1d:7b:
3b:78:e7:2b:5a:76:c8:7e:96:e4:8c:51:6c:fd:e9:
5a:be:3d:e1:6a:8e:6f:c6:73:48:26:90:1b:05:2b:
fb:b9:34:0a:9b:b0:72:fe:23:0f:97:f5:d3:83:9b:
36:dc:7c:7c:97:71:38:2a:8c:54:f2:a4:67:de:58:
20:3c:8e:66:ae:9b:36:dd:9d:40:ef:10:51:9c:b4:
7a:f2:1d:e0:58:f2:fe:95:a5:33:32:11:ef:5d:c3:
2e:64:9f:71:74:58:42:2c:89:2b:c1:d3:76:e7:6d:
79:12:79:2a:c1:23:6e:c7:47:b4:11:43:aa:04:a0:
6d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D6:1C:98:1A:D0:C8:47:C7:D9:74:F5:27:4B:75:57:C1:00:E7:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:db:07:bb:71:d6:9f:78:fa:f7:2a:3f:45:3b:40:ed:50:d5:
2d:70:f2:c1:67:16:7d:5a:f8:83:14:43:9d:87:ba:13:7d:bc:
a4:ea:90:27:54:1a:0f:48:9f:fd:60:e0:5d:6a:22:76:74:ac:
ed:f1:68:ec:38:ae:7f:da:b7:c7:f5:7a:71:89:c3:06:7f:35:
fe:f3:8f:b6:b8:a8:80:9c:7f:ea:f8:0d:60:c1:2e:d9:b0:22:
45:92:5a:e2:81:34:f7:c1:53:ec:d6:0f:a5:81:39:a2:b0:3a:
1d:b6:6d:f6:00:81:b8:b2:16:3b:30:c8:f5:2c:84:64:89:14:
66:9a:17:7a:d7:a3:e4:a3:90:de:ca:d0:8c:11:89:bf:09:15:
50:3b:f6:fa:1b:6a:64:a9:a3:ac:81:01:1d:e9:4a:e1:b3:f7:
d7:5d:a1:41:92:70:49:2d:c2:4d:65:d3:87:61:49:f4:7d:6d:
fa:a2:f7:b2:84:83:f5:c2:ec:52:6d:c4:be:83:20:98:ce:39:
d6:68:43:73:24:fb:37:5f:02:d0:fa:30:8b:c0:f9:7d:2c:b4:
4f:16:d9:ac:12:7d:fc:38:82:eb:cf:ed:3c:76:53:09:40:e8:
d2:a0:0d:d2:14:c1:a2:65:c8:1e:cc:ab:f7:a6:a5:d0:03:db:
38:be:c3:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeT0W1cN3JUTVLbLv29ehfdp1yB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4ZGE5ZTBkNjk4MGYyMzg5OWIxYTcwYzNiMzZhN2RlMzMzZWRjZWJiOWFi
NjA5Y2M1MmZlZTMzNjhiODBiYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJO/ZUB/BEl0V0rLA+oIQWuZ6sZLlZYYJ8uDr5/OvK3lsX3sAtVEMj+1LqnE
vO5M0hCE6xdE0IHQaxmiI0UVeqq1Zb8DTwrqRB+lk1n6yfRh6cbNZ5MfL4oAXzV2
cxFvPHeKoJfIOTWu4WAbZd1zQOjSvSDehTy/18yCEVgN3j3smNkhlB17O3jnK1p2
yH6W5IxRbP3pWr494WqOb8ZzSCaQGwUr+7k0Cpuwcv4jD5f104ObNtx8fJdxOCqM
VPKkZ95YIDyOZq6bNt2dQO8QUZy0evId4Fjy/pWlMzIR713DLmSfcXRYQiyJK8HT
dudteRJ5KsEjbsdHtBFDqgSgbWUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR91hyY
GtDIR8fZdPUnS3VXwQDnMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQCg2we7cdafePr3Kj9FO0DtUNUtcPLBZxZ9WviD
FEOdh7oTfbyk6pAnVBoPSJ/9YOBdaiJ2dKzt8WjsOK5/2rfH9XpxicMGfzX+84+2
uKiAnH/q+A1gwS7ZsCJFklrigTT3wVPs1g+lgTmisDodtm32AIG4shY7MMj1LIRk
iRRmmhd616Pko5DeytCMEYm/CRVQO/b6G2pkqaOsgQEd6Urhs/fXXaFBknBJLcJN
ZdOHYUn0fW36oveyhIP1wuxSbcS+gyCYzjnWaENzJPs3XwLQ+jCLwPl9LLRPFtms
En38OILrz+08dlMJQOjSoA3SFMGiZcgezKv3pqXQA9s4vsM6
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:23 2024 by rpki-client on console-ams.rpki-client.org