Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4eac002e-4d26-4f92-ab97-0d7001e1cf2f.roa
File: 4eac002e-4d26-4f92-ab97-0d7001e1cf2f.roa (raw, json)
Hash identifier: EshWs49dcFC3aP6Zbak6Top4evH868l019mbqwDohfA=
Subject key identifier: 05:83:0C:56:A2:1F:B1:98:13:38:E5:49:5F:A5:6C:F5:72:9C:18:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62D10668B6BEF570C39F871600AD719AA8DA8B4A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4eac002e-4d26-4f92-ab97-0d7001e1cf2f.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:d1:06:68:b6:be:f5:70:c3:9f:87:16:00:ad:71:9a:a8:da:8b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=e12887dd9a8804a563e71a69443f432c1e1dff9b8a182b89674f56d100c3f73b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5b:b0:79:59:6a:20:76:e0:d5:66:83:74:d3:
60:2e:77:37:86:2b:1c:aa:c0:09:49:c2:da:81:84:
22:fd:f3:c0:a8:5f:ba:4e:fa:0c:49:ce:e8:37:c7:
1c:46:45:06:44:77:15:c2:5e:fc:0c:82:4f:0b:f4:
b2:84:93:86:55:91:81:38:d4:5a:d6:39:0f:35:21:
c4:e8:48:66:bf:6a:99:9c:02:3d:b0:05:ac:4a:d8:
b9:49:1d:d1:8e:98:6e:45:b2:84:9d:10:19:8b:26:
0a:e2:2a:90:f7:6e:c6:a8:b9:df:a2:1b:69:cb:55:
d8:70:29:23:58:33:a1:a1:9e:5c:9e:54:90:86:1e:
ac:11:13:a6:9e:36:a1:f4:98:9a:03:32:c2:b8:e9:
8f:0b:83:6c:f0:5b:07:9a:79:a6:75:b5:7c:51:dd:
e0:52:c9:09:35:4d:4b:bb:95:fa:3d:05:82:e3:49:
b9:d1:04:c9:d0:4c:7e:f5:9d:d0:bd:57:52:00:75:
aa:0b:79:7f:a3:5d:f5:14:ab:ec:ac:28:cf:54:50:
da:b7:2b:97:3a:b5:0c:0c:e6:4e:01:e5:d9:ec:78:
37:d0:0a:36:90:a6:9b:fa:c4:56:47:c8:06:10:2f:
68:c3:98:49:79:b6:80:9a:5f:dd:f3:e9:ae:0d:a1:
ae:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:83:0C:56:A2:1F:B1:98:13:38:E5:49:5F:A5:6C:F5:72:9C:18:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4eac002e-4d26-4f92-ab97-0d7001e1cf2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:a000::/40
Signature Algorithm: sha256WithRSAEncryption
bf:b0:15:8e:28:74:b4:81:30:20:d1:59:6f:e7:6c:61:88:17:
d4:6a:17:b7:bd:ce:aa:27:ca:7d:52:6a:18:ca:84:c8:fc:1b:
95:01:9e:fe:bf:db:3f:53:c8:4e:e7:7b:24:e4:bd:e2:b9:70:
39:b2:56:2d:20:5a:21:14:2d:5a:43:d6:58:45:27:1f:11:21:
ba:c2:23:85:50:41:4e:72:60:b0:5a:4d:c2:06:ca:2c:70:3f:
e4:f8:bc:3f:02:16:d2:2f:2c:3f:a4:cc:c5:72:bb:02:3d:a2:
56:2b:af:b4:69:e7:7e:16:e5:78:26:a0:9a:8d:5f:08:0c:83:
24:3b:57:5e:56:82:86:6c:56:bd:b0:45:72:ad:ec:dd:36:96:
b8:e1:40:0e:da:6b:9b:b2:da:b7:c9:65:0c:55:b4:81:ed:fd:
4b:6c:03:52:20:ec:12:07:3f:b1:ed:8d:bc:6f:74:6e:0f:ac:
e7:88:38:56:3d:a4:45:45:fa:01:7b:4b:66:b2:86:a5:5b:68:
45:b0:38:18:fb:9d:2b:62:a8:27:fd:85:d9:3c:cc:46:ef:88:
d7:9b:61:0e:b1:f2:20:1e:63:7e:1a:51:12:80:7e:49:78:e6:
5e:31:94:e3:ad:d5:ca:fb:e1:1c:3c:02:40:4b:c8:76:94:55:
e0:eb:5b:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYtEGaLa+9XDDn4cWAK1xmqjai0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMjg4N2RkOWE4ODA0YTU2M2U3MWE2OTQ0M2Y0MzJjMWUxZGZmOWI4YTE4
MmI4OTY3NGY1NmQxMDBjM2Y3M2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9bsHlZaiB24NVmg3TTYC53N4YrHKrACUnC2oGEIv3zwKhfuk76DEnO6DfH
HEZFBkR3FcJe/AyCTwv0soSThlWRgTjUWtY5DzUhxOhIZr9qmZwCPbAFrErYuUkd
0Y6YbkWyhJ0QGYsmCuIqkPduxqi536IbactV2HApI1gzoaGeXJ5UkIYerBETpp42
ofSYmgMywrjpjwuDbPBbB5p5pnW1fFHd4FLJCTVNS7uV+j0FguNJudEEydBMfvWd
0L1XUgB1qgt5f6Nd9RSr7Kwoz1RQ2rcrlzq1DAzmTgHl2ex4N9AKNpCmm/rEVkfI
BhAvaMOYSXm2gJpf3fPprg2hrq0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFgwxW
oh+xmBM45UlfpWz1cpwYQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGVhYzAwMmUtNGQyNi00ZjkyLWFiOTctMGQ3MDAxZTFjZjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hmg
MA0GCSqGSIb3DQEBCwUAA4IBAQC/sBWOKHS0gTAg0Vlv52xhiBfUahe3vc6qJ8p9
UmoYyoTI/BuVAZ7+v9s/U8hO53sk5L3iuXA5slYtIFohFC1aQ9ZYRScfESG6wiOF
UEFOcmCwWk3CBsoscD/k+Lw/AhbSLyw/pMzFcrsCPaJWK6+0aed+FuV4JqCajV8I
DIMkO1deVoKGbFa9sEVyrezdNpa44UAO2mubstq3yWUMVbSB7f1LbANSIOwSBz+x
7Y28b3RuD6zniDhWPaRFRfoBe0tmsoalW2hFsDgY+50rYqgn/YXZPMxG74jXm2EO
sfIgHmN+GlESgH5JeOZeMZTjrdXK++EcPAJAS8h2lFXg61sT
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org