Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/526189e2-ebfe-4a60-bf04-fb0c279c1c14.roa
File: 526189e2-ebfe-4a60-bf04-fb0c279c1c14.roa (raw, json)
Hash identifier: AAuAckLoLXQL+Id3YCyUe3wdDoX1kMuSRin+gLDFceo=
Subject key identifier: 07:E2:66:E8:F7:40:C2:D0:29:F5:D6:8E:B7:4D:7F:58:0B:0A:31:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EB88F46DB1552F27E0AE0AC9F26AB2C43D886FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/526189e2-ebfe-4a60-bf04-fb0c279c1c14.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:b8:8f:46:db:15:52:f2:7e:0a:e0:ac:9f:26:ab:2c:43:d8:86:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=2c01b9c93b42d7adf287d58a617177bf9ce7a3b598b6f0cbed133edb0c1a7a54, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:78:37:fe:7c:ab:27:fe:69:9f:3b:0b:94:65:
d4:8b:27:ec:79:af:fa:ac:b7:02:6d:20:5a:f5:ce:
79:f6:bb:12:7c:46:85:49:61:5d:96:ec:cb:f6:6e:
02:7c:23:4c:9c:8a:ec:fe:a9:fc:6f:0a:cf:de:67:
8a:ee:90:71:fb:6d:6e:94:75:c1:e5:b1:ab:cd:a5:
f7:14:d9:fe:80:95:5d:58:d5:ba:4d:3a:7b:ce:a5:
79:1d:c7:91:94:71:69:10:27:3e:d3:75:e3:34:f3:
5a:6b:65:a2:df:d1:0c:2c:c6:ae:a7:90:6d:23:42:
55:c6:4a:f3:0a:18:44:ee:89:a7:27:8a:97:07:f1:
ba:05:07:e2:7e:6f:b3:6d:5f:70:95:61:9b:47:e7:
99:5a:78:62:90:38:f4:44:b0:b8:ba:13:5c:a6:3b:
92:28:3f:fd:1d:9f:bb:2b:a8:da:90:44:cb:f1:2a:
8c:24:b7:d1:96:42:e5:ed:be:87:e1:dd:37:ec:c1:
4f:b2:a1:30:f8:e4:81:e9:dc:6b:a1:cf:05:4b:f5:
9e:04:0a:03:3d:48:be:5c:13:f5:0f:32:40:7b:43:
7d:45:5a:89:73:1c:cd:fc:e4:4a:c9:ea:77:0a:3b:
b2:b2:82:93:e1:4c:3d:70:e9:aa:f4:f3:49:d3:ef:
5a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E2:66:E8:F7:40:C2:D0:29:F5:D6:8E:B7:4D:7F:58:0B:0A:31:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/526189e2-ebfe-4a60-bf04-fb0c279c1c14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:5000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:51:f0:b7:50:e0:3a:7f:cb:cf:cf:ad:73:66:12:0e:cd:85:
a5:59:bb:bf:1b:a9:21:af:42:8d:71:ba:ec:af:fd:1c:bf:7a:
00:6c:10:40:29:48:ee:9a:00:8f:bd:53:9b:02:4f:80:d2:99:
c9:ac:bb:ba:cb:75:27:05:0c:26:84:55:ee:ca:05:49:ff:fa:
6b:53:c0:55:b6:b5:f7:de:70:17:0c:c4:05:20:17:f9:bd:60:
a2:57:ae:a1:20:4a:35:fe:fa:e6:db:d1:6a:3d:52:29:87:4f:
30:d0:b0:2a:02:91:4f:32:be:c3:83:b2:4d:e3:dd:ff:68:33:
64:0e:66:c5:76:b2:fa:09:d1:08:1a:1c:16:ce:5d:a9:4b:f1:
bf:4c:32:c1:85:83:07:c7:f2:4a:9f:22:e2:32:00:82:2a:d0:
01:50:f8:e0:b2:1c:82:17:c2:15:b2:72:22:a5:7a:15:ea:dd:
0a:93:d1:eb:38:96:09:fc:14:8f:94:a4:b2:18:48:5a:3a:60:
f2:ac:58:0e:09:38:58:49:20:c2:61:86:91:28:aa:49:ca:78:
92:67:74:7e:b7:5a:20:b0:76:29:23:db:fa:ed:5b:dd:6b:19:
f6:c9:d5:08:b9:e7:04:f5:0a:31:05:d1:10:47:a0:2e:d5:d8:
4f:bc:90:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULriPRtsVUvJ+CuCsnyarLEPYhv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjMDFiOWM5M2I0MmQ3YWRmMjg3ZDU4YTYxNzE3N2JmOWNlN2EzYjU5OGI2
ZjBjYmVkMTMzZWRiMGMxYTdhNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ14N/58qyf+aZ87C5Rl1Isn7Hmv+qy3Am0gWvXOefa7EnxGhUlhXZbsy/Zu
AnwjTJyK7P6p/G8Kz95niu6QcfttbpR1weWxq82l9xTZ/oCVXVjVuk06e86leR3H
kZRxaRAnPtN14zTzWmtlot/RDCzGrqeQbSNCVcZK8woYRO6JpyeKlwfxugUH4n5v
s21fcJVhm0fnmVp4YpA49ESwuLoTXKY7kig//R2fuyuo2pBEy/EqjCS30ZZC5e2+
h+HdN+zBT7KhMPjkgenca6HPBUv1ngQKAz1IvlwT9Q8yQHtDfUVaiXMczfzkSsnq
dwo7srKCk+FMPXDpqvTzSdPvWnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQH4mbo
90DC0Cn11o63TX9YCwoxLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI2MTg5ZTItZWJmZS00YTYwLWJmMDQtZmIwYzI3OWMxYzE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HxQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCyUfC3UOA6f8vPz61zZhIOzYWlWbu/G6khr0KN
cbrsr/0cv3oAbBBAKUjumgCPvVObAk+A0pnJrLu6y3UnBQwmhFXuygVJ//prU8BV
trX33nAXDMQFIBf5vWCiV66hIEo1/vrm29FqPVIph08w0LAqApFPMr7Dg7JN493/
aDNkDmbFdrL6CdEIGhwWzl2pS/G/TDLBhYMHx/JKnyLiMgCCKtABUPjgshyCF8IV
snIipXoV6t0Kk9HrOJYJ/BSPlKSyGEhaOmDyrFgOCThYSSDCYYaRKKpJyniSZ3R+
t1ogsHYpI9v67Vvdaxn2ydUIuecE9QoxBdEQR6Au1dhPvJDD
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org