Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
File: 4b3ff608-6c53-42b9-811d-968096b30ae5.roa (raw, json)
Hash identifier: q7Qj1awkRieF+1UjJKS8tZ5VPHdQL4EhYZKC5yvxCiw=
Subject key identifier: E0:C7:7A:10:C3:08:E0:95:04:43:C0:01:F8:C4:08:C1:26:4B:1B:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 587236D10783410397A846DA9D2F8FBAC9D37601
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:72:36:d1:07:83:41:03:97:a8:46:da:9d:2f:8f:ba:c9:d3:76:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=83dd138d380007e7e359d283fd0f347d4d8b6bd8ab77f41b50a16a9d0ce9a154, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bf:8a:13:44:d3:35:cd:22:c2:11:a9:9a:8b:
20:b5:65:7a:7a:74:9f:d6:ba:d4:4c:d0:a6:43:92:
86:6d:dc:87:fd:56:38:6a:f8:7d:ac:2b:11:43:8b:
a8:cc:58:5d:c9:cc:eb:b5:88:25:f9:6b:c9:7c:d4:
40:00:2c:f4:52:3c:34:dc:78:75:39:f1:36:40:7c:
be:b1:dd:3b:56:2e:12:cc:5d:ba:a4:3c:af:be:3c:
79:da:30:7d:ad:62:1a:83:4d:00:3b:fa:64:97:c9:
65:9f:7d:b3:e3:7d:1e:41:7c:ae:53:ce:85:19:cc:
4b:b4:2c:9c:41:0a:cc:ae:a8:64:9f:5a:bb:1c:fe:
c7:22:e1:64:67:43:f4:b9:39:db:5e:c4:d3:36:fb:
2b:7e:c3:09:31:20:c2:c2:c9:b9:df:6e:96:ef:f4:
5b:28:90:54:e6:b6:af:be:35:20:87:ad:a9:34:25:
08:84:43:4e:77:d9:a0:d2:1a:3a:64:98:bf:3c:db:
93:bb:99:e3:d9:fd:e8:e0:86:2d:f0:28:96:4a:12:
68:ae:3a:d5:bc:73:b4:4c:ff:35:9a:fe:2f:7e:93:
f0:15:19:54:92:d8:47:5d:7a:20:e8:26:e2:dc:bb:
c1:2c:58:3e:a4:a0:96:26:a6:06:b7:e7:38:a2:d5:
24:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C7:7A:10:C3:08:E0:95:04:43:C0:01:F8:C4:08:C1:26:4B:1B:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:e000::/40
Signature Algorithm: sha256WithRSAEncryption
20:f6:4c:36:03:e8:bd:3d:31:e8:16:f1:e7:99:6b:d5:b3:7b:
02:ae:16:37:90:8a:0d:f5:0d:05:71:7b:1d:58:ba:37:e7:9c:
84:e0:a8:43:2f:d5:ce:e9:ce:44:d9:f4:e5:58:a9:ec:11:5d:
9c:39:92:a3:36:ec:13:2a:7a:7a:95:4b:c5:46:52:44:3a:ab:
40:55:2a:af:d3:29:f0:71:45:8f:08:56:e1:eb:46:ff:9f:1e:
65:cd:3a:af:f8:80:d1:cd:9e:9f:88:50:cc:ff:f6:77:6d:0d:
e5:9b:c5:5b:09:0a:38:86:c5:78:f5:ae:8d:e5:b4:42:cc:bf:
ce:34:ef:d4:98:9d:46:2f:77:ca:13:7e:93:ff:24:7a:c3:57:
d1:00:f2:f3:b4:4a:e3:e3:7c:a2:e0:35:74:60:18:ac:96:f9:
f6:8d:b8:5e:78:37:4d:f2:5f:ce:7a:fc:00:ee:e7:11:d2:21:
93:80:7e:7a:ee:c1:54:66:96:bd:73:2a:f3:6b:1d:fa:1c:9f:
3a:ab:04:75:72:8b:89:e9:7a:c0:5d:98:3a:13:f5:4b:c1:41:
5c:e5:17:a1:ea:b3:95:ee:24:bc:ce:4d:7b:ef:32:ce:80:b1:
2d:14:7a:0d:54:45:0f:90:bb:c2:e4:bb:73:7d:90:53:fa:ae:
5d:2c:d6:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWHI20QeDQQOXqEbanS+PusnTdgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzZGQxMzhkMzgwMDA3ZTdlMzU5ZDI4M2ZkMGYzNDdkNGQ4YjZiZDhhYjc3
ZjQxYjUwYTE2YTlkMGNlOWExNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa/ihNE0zXNIsIRqZqLILVlenp0n9a61EzQpkOShm3ch/1WOGr4fawrEUOL
qMxYXcnM67WIJflryXzUQAAs9FI8NNx4dTnxNkB8vrHdO1YuEsxduqQ8r748edow
fa1iGoNNADv6ZJfJZZ99s+N9HkF8rlPOhRnMS7QsnEEKzK6oZJ9auxz+xyLhZGdD
9Lk5217E0zb7K37DCTEgwsLJud9ulu/0WyiQVOa2r741IIetqTQlCIRDTnfZoNIa
OmSYvzzbk7uZ49n96OCGLfAolkoSaK461bxztEz/NZr+L36T8BUZVJLYR116IOgm
4ty7wSxYPqSgliamBrfnOKLVJP8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgx3oQ
wwjglQRDwAH4xAjBJksbmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIzZmY2MDgtNmM1My00MmI5LTgxMWQtOTY4MDk2YjMwYWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hng
MA0GCSqGSIb3DQEBCwUAA4IBAQAg9kw2A+i9PTHoFvHnmWvVs3sCrhY3kIoN9Q0F
cXsdWLo355yE4KhDL9XO6c5E2fTlWKnsEV2cOZKjNuwTKnp6lUvFRlJEOqtAVSqv
0ynwcUWPCFbh60b/nx5lzTqv+IDRzZ6fiFDM//Z3bQ3lm8VbCQo4hsV49a6N5bRC
zL/ONO/UmJ1GL3fKE36T/yR6w1fRAPLztErj43yi4DV0YBislvn2jbheeDdN8l/O
evwA7ucR0iGTgH567sFUZpa9cyrzax36HJ86qwR1couJ6XrAXZg6E/VLwUFc5Reh
6rOV7iS8zk177zLOgLEtFHoNVEUPkLvC5LtzfZBT+q5dLNY1
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org