Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
File: 4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa (raw, json)
Hash identifier: uzh0B+Y4LgEawwhRibFOwEW1GMSa/fIctr6XZI1s22M=
Subject key identifier: C9:3E:D7:9C:A4:B2:15:72:3A:47:F7:EE:DF:DD:41:C9:73:88:08:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 774BDF3354480DAF65ED8AF9C15C73BAC7530E4E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:4b:df:33:54:48:0d:af:65:ed:8a:f9:c1:5c:73:ba:c7:53:0e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=e22f90ad477a033afc744f1c7092fde7af6120026bba64da6fe2f10c466b5622, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:14:68:35:2a:6f:01:e6:63:c7:f4:58:8e:d0:
a0:4f:74:6a:db:e9:fc:b5:81:f5:d2:2c:3a:ff:16:
fa:c1:61:d6:06:41:8a:0d:91:91:0d:72:88:c1:c8:
de:d7:78:6a:66:1d:ac:f7:4e:03:eb:b1:43:37:cb:
59:43:a8:d4:1f:b0:7c:15:be:28:51:83:47:e9:29:
07:15:f9:8c:4e:c2:c0:78:7f:c6:61:92:21:4c:a4:
bf:3f:90:2f:15:96:ae:09:17:e0:d0:a1:21:ee:50:
21:7a:54:ed:7a:72:a9:86:4e:13:d4:3c:a9:2a:ff:
37:aa:ae:a6:60:13:dd:7f:70:2b:29:4f:aa:58:e7:
5b:a8:b0:1d:56:7b:8d:f6:03:a5:9f:74:cb:1b:b0:
1f:c2:81:e4:91:97:85:fe:e2:b0:f5:6b:38:ae:9a:
37:65:62:90:20:7b:7f:db:9d:6e:3b:5c:b2:db:22:
93:78:f8:84:f1:64:b1:33:e7:42:78:48:61:64:94:
f1:ed:67:1d:d6:85:2b:77:64:dc:0a:89:94:04:0d:
37:c5:c9:13:19:b9:76:d5:61:27:44:6a:9a:23:58:
fa:1f:53:54:06:16:0a:50:a3:f4:61:fc:c4:16:53:
f1:c4:1f:00:c7:9c:ab:07:b0:f8:c1:4d:92:ba:cf:
44:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3E:D7:9C:A4:B2:15:72:3A:47:F7:EE:DF:DD:41:C9:73:88:08:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:1000::/40
Signature Algorithm: sha256WithRSAEncryption
6f:56:63:4b:e9:11:7a:9b:b2:7f:f2:24:be:bd:45:2a:55:d5:
8b:f2:67:a4:24:35:1d:1d:f7:96:f8:31:6a:6f:c0:66:35:a6:
5f:12:ba:34:26:8e:b5:88:08:e1:a3:ad:f4:95:00:7d:dd:f1:
26:44:90:d0:90:7f:ac:22:76:bd:88:ce:95:cb:55:88:b1:3f:
f3:75:71:48:8d:e0:e3:92:0d:58:50:f4:d4:0f:18:cb:b4:7a:
77:50:60:63:64:31:00:5a:55:8c:77:a6:84:68:8f:c6:c1:28:
fa:2b:25:a5:a3:96:90:a7:9a:29:8d:18:1e:7b:aa:51:9a:79:
f0:c8:bb:77:e7:10:22:02:1d:2b:58:65:1c:25:6a:fa:1e:2d:
3c:c4:c1:e6:4a:d2:bb:85:fd:b6:ba:b3:33:e0:74:04:36:1c:
27:e1:51:e3:b1:38:16:87:19:ee:a1:c6:a4:09:b0:da:39:ae:
8a:5e:2c:c2:95:f5:a7:7d:bd:58:19:9f:86:44:e8:26:2d:00:
95:24:e5:09:b8:35:90:54:05:fc:32:d6:4e:2c:29:f8:5a:5d:
0f:88:b5:cd:60:1b:a9:da:5a:48:17:6a:7c:59:20:b6:6e:85:
34:fb:e6:f7:db:e8:55:66:52:58:af:81:40:0c:4c:fc:bb:be:
74:8b:87:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd0vfM1RIDa9l7Yr5wVxzusdTDk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyMmY5MGFkNDc3YTAzM2FmYzc0NGYxYzcwOTJmZGU3YWY2MTIwMDI2YmJh
NjRkYTZmZTJmMTBjNDY2YjU2MjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkUaDUqbwHmY8f0WI7QoE90atvp/LWB9dIsOv8W+sFh1gZBig2RkQ1yiMHI
3td4amYdrPdOA+uxQzfLWUOo1B+wfBW+KFGDR+kpBxX5jE7CwHh/xmGSIUykvz+Q
LxWWrgkX4NChIe5QIXpU7XpyqYZOE9Q8qSr/N6qupmAT3X9wKylPqljnW6iwHVZ7
jfYDpZ90yxuwH8KB5JGXhf7isPVrOK6aN2VikCB7f9udbjtcstsik3j4hPFksTPn
QnhIYWSU8e1nHdaFK3dk3AqJlAQNN8XJExm5dtVhJ0RqmiNY+h9TVAYWClCj9GH8
xBZT8cQfAMecqwew+MFNkrrPRA0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJPtec
pLIVcjpH9+7f3UHJc4gI8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1M2E0ZTctNzIwMy00YWFjLThlMmYtMTEwODE5YWU0Y2UzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HwQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBvVmNL6RF6m7J/8iS+vUUqVdWL8mekJDUdHfeW
+DFqb8BmNaZfEro0Jo61iAjho630lQB93fEmRJDQkH+sIna9iM6Vy1WIsT/zdXFI
jeDjkg1YUPTUDxjLtHp3UGBjZDEAWlWMd6aEaI/GwSj6KyWlo5aQp5opjRgee6pR
mnnwyLt35xAiAh0rWGUcJWr6Hi08xMHmStK7hf22urMz4HQENhwn4VHjsTgWhxnu
ocakCbDaOa6KXizClfWnfb1YGZ+GROgmLQCVJOUJuDWQVAX8MtZOLCn4Wl0PiLXN
YBup2lpIF2p8WSC2boU0++b32+hVZlJYr4FADEz8u750i4et
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:04 2024 by rpki-client on console-ams.rpki-client.org