Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
File: 4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa (raw, json)
Hash identifier: LwX5nIW50QNr/vKmhtjiD6kkAvGizkMCvVgRCka0HkY=
Subject key identifier: E4:29:A8:C8:58:CC:F8:0C:6B:0D:29:C0:50:93:A9:AD:48:4C:58:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FD848E67282B185AE2F53DBFBDED3F82B957EAD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:d8:48:e6:72:82:b1:85:ae:2f:53:db:fb:de:d3:f8:2b:95:7e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=5bbd9d59b60974d553e4771912bfd99b2b165f0b00b35cddee28550a53abc2f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c9:4d:6d:f6:02:a9:30:08:28:1c:39:05:bb:
5e:5e:27:a6:8d:7b:f9:28:53:d3:38:5d:ec:c7:ef:
f1:6f:71:ea:c7:d3:53:0d:33:b9:89:3b:ae:71:e4:
a0:a7:17:17:0f:51:90:4a:31:16:7d:bc:90:46:28:
39:44:a5:38:70:16:27:52:85:27:36:bd:c5:e5:ea:
13:c6:0a:7a:e8:ee:97:0c:8e:96:f5:19:aa:20:54:
c1:ce:5c:05:1e:0b:66:6f:1d:e0:ad:8e:a2:09:65:
6a:e9:31:c0:06:df:8f:eb:eb:e7:79:80:eb:97:08:
7b:38:cf:22:c6:1d:f6:a6:7e:4d:3c:c5:75:d8:f4:
3f:8a:5c:56:55:47:01:f7:3b:59:29:60:e6:b2:cd:
ae:6c:a5:4b:89:8c:42:3b:33:a5:0f:8a:da:d5:98:
2a:7d:48:e2:ed:33:0f:d9:ce:32:af:1e:0a:a1:a7:
1b:6f:1a:84:d2:1c:d9:e2:16:c2:73:ee:0d:0b:8a:
46:e7:90:89:46:5d:a7:77:57:76:73:ce:8d:76:5f:
71:58:77:7f:ce:4a:32:ef:e2:fb:9a:36:3e:24:b9:
b1:f7:29:cf:34:0c:cf:f8:55:16:c0:f5:ff:e2:d9:
21:72:14:a8:ef:f8:c4:74:2d:5b:d2:63:78:38:3f:
d3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:29:A8:C8:58:CC:F8:0C:6B:0D:29:C0:50:93:A9:AD:48:4C:58:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:1000::/40
Signature Algorithm: sha256WithRSAEncryption
90:af:a5:7e:62:95:85:da:81:9b:ba:a5:47:0d:91:4d:df:dc:
8a:d6:68:e2:5f:1f:19:f3:d9:02:a9:85:a5:3c:16:75:62:06:
ab:44:e6:28:eb:6b:a3:b9:4d:cb:97:80:10:ee:17:28:bb:e4:
6a:7a:91:b2:df:b3:eb:fc:43:46:c7:23:dd:91:f6:72:ca:53:
43:4d:bf:45:fa:44:ec:b8:18:35:a9:ed:0e:01:f8:6e:aa:1b:
8f:d7:60:73:e0:39:7f:ef:b5:5e:66:ba:0a:ea:86:ad:7a:fd:
ff:d3:89:bb:dc:f5:99:c3:bd:3c:cb:84:96:06:87:89:49:a7:
de:b7:dd:94:c6:a9:a7:7f:e7:4b:b5:64:1b:77:f2:95:1f:6a:
8e:85:d1:db:15:36:f6:7d:89:ff:ef:9f:d9:c9:c0:99:1d:35:
70:52:f8:bf:6b:01:f0:86:25:58:36:a4:03:74:d0:5e:c8:d8:
76:f5:ac:20:8c:56:ad:8e:fc:28:0c:ea:48:75:d6:49:19:e7:
3f:2e:a2:20:94:81:0f:60:52:2b:31:7f:f4:f0:82:44:fe:c3:
1b:52:86:6e:b2:ed:c4:a7:ed:16:01:ae:f4:2b:a2:8b:9f:0a:
00:94:b0:97:c6:d8:4b:4b:e1:5c:f8:78:4e:92:ac:bf:68:ea:
1c:dd:39:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf9hI5nKCsYWuL1Pb+97T+CuVfq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDViYmQ5ZDU5YjYwOTc0ZDU1M2U0NzcxOTEyYmZkOTliMmIxNjVmMGIwMGIz
NWNkZGVlMjg1NTBhNTNhYmMyZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjJTW32AqkwCCgcOQW7Xl4npo17+ShT0zhd7Mfv8W9x6sfTUw0zuYk7rnHk
oKcXFw9RkEoxFn28kEYoOUSlOHAWJ1KFJza9xeXqE8YKeujulwyOlvUZqiBUwc5c
BR4LZm8d4K2OogllaukxwAbfj+vr53mA65cIezjPIsYd9qZ+TTzFddj0P4pcVlVH
Afc7WSlg5rLNrmylS4mMQjszpQ+K2tWYKn1I4u0zD9nOMq8eCqGnG28ahNIc2eIW
wnPuDQuKRueQiUZdp3dXdnPOjXZfcVh3f85KMu/i+5o2PiS5sfcpzzQMz/hVFsD1
/+LZIXIUqO/4xHQtW9JjeDg/02cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkKajI
WMz4DGsNKcBQk6mtSExY9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1M2E0ZTctNzIwMy00YWFjLThlMmYtMTEwODE5YWU0Y2UzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HwQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCQr6V+YpWF2oGbuqVHDZFN39yK1mjiXx8Z89kC
qYWlPBZ1YgarROYo62ujuU3Ll4AQ7hcou+RqepGy37Pr/ENGxyPdkfZyylNDTb9F
+kTsuBg1qe0OAfhuqhuP12Bz4Dl/77VeZroK6oatev3/04m73PWZw708y4SWBoeJ
Safet92Uxqmnf+dLtWQbd/KVH2qOhdHbFTb2fYn/75/ZycCZHTVwUvi/awHwhiVY
NqQDdNBeyNh29awgjFatjvwoDOpIddZJGec/LqIglIEPYFIrMX/08IJE/sMbUoZu
su3Ep+0WAa70K6KLnwoAlLCXxthLS+Fc+HhOkqy/aOoc3Tll
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org