Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: XtfyK3W7U+etzhqHJfLvNLks3lzDhTYp/qfFU007Fkc=
Subject key identifier: 56:52:96:78:22:BB:A2:AC:72:D0:F4:45:1F:93:82:51:A7:28:A1:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 109DA2DE3C5DDD65B4CBDCA7E8FC3716F7C1837D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Sun 19 Mar 2023 00:00:00 +0000
ROA not before: Sun 19 Mar 2023 00:00:00 +0000
ROA not after: Sun 23 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Mar 2023 08:58:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:9d:a2:de:3c:5d:dd:65:b4:cb:dc:a7:e8:fc:37:16:f7:c1:83:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 19 00:00:00 2023 GMT
Not After : Apr 23 23:59:59 2023 GMT
Subject: serialNumber=6d9ed46a3926987e2d4067065dd6527efea4afd3f32bbbfa93e841fc1aab883f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5b:20:07:35:bd:c5:6d:8f:ac:dc:e9:e7:47:
fa:44:0f:37:e8:a6:69:6f:21:d5:b4:cf:91:1b:7d:
ef:6b:65:3a:f2:ed:4b:ec:dd:f1:aa:72:30:37:bf:
ae:2e:14:58:fe:98:1c:8d:c8:52:00:fa:40:c3:af:
96:e7:4b:24:25:e1:8d:d6:23:95:a7:3e:0e:f0:92:
bc:e0:90:2d:02:5f:3d:1c:46:a2:0f:e2:a1:01:0d:
51:a0:f8:be:7d:e2:25:4f:4f:a3:06:dc:dd:07:83:
85:ef:ec:a1:72:1e:68:03:53:09:69:31:a0:93:c0:
06:41:bf:6f:e1:6c:f7:7f:6e:7b:13:7b:88:5a:2a:
de:6d:61:b4:ba:75:a1:9e:0c:15:af:51:7d:61:f0:
8e:50:4f:22:91:62:8b:f5:77:6d:3f:31:c3:db:09:
34:b7:2c:47:79:b4:bb:be:28:ec:ab:89:33:f6:ea:
44:95:a7:c7:e2:06:0f:60:1e:cb:a3:00:98:01:45:
f5:05:50:1b:e3:75:a4:c2:49:5a:2c:96:d9:10:4a:
59:68:eb:ce:1b:96:0b:c4:a6:95:6a:23:2a:28:e9:
20:3a:43:30:fb:11:93:cf:9c:5c:a8:7f:8c:df:36:
a0:34:1c:fb:88:51:e1:16:56:9b:6b:f3:c4:5b:ca:
ac:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:52:96:78:22:BB:A2:AC:72:D0:F4:45:1F:93:82:51:A7:28:A1:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
ad:d3:49:0b:65:cf:06:7d:a4:d3:1e:a7:ee:7e:fc:c1:32:c7:
78:73:d2:c4:b2:c9:c0:82:85:20:de:ef:29:c3:b5:53:68:e4:
16:e9:30:f1:11:2c:5f:fc:22:8a:59:03:fb:7c:76:05:cd:93:
08:d2:09:38:b2:0f:6d:65:ba:af:c2:21:7e:8d:8c:8d:c6:e7:
c8:ad:20:f9:65:40:8e:92:e7:ba:22:58:f1:3e:49:18:61:1d:
1a:5b:5a:c5:60:1d:f6:91:94:33:7f:22:ab:1a:cb:c9:bf:73:
5e:85:45:39:0e:84:77:ad:18:93:17:74:15:e0:67:84:a2:0c:
8b:f0:84:08:60:55:f1:8d:bd:59:7c:8f:a2:d3:ba:cf:58:da:
fc:83:a7:e3:ed:39:0f:65:c1:07:e4:ef:1a:ec:29:35:9d:22:
10:2c:89:77:0a:bd:db:a3:90:a2:0d:3e:40:2c:7a:4f:8a:4e:
04:3a:95:44:c9:79:dd:43:91:9f:68:94:36:5b:7a:c3:7e:cd:
3a:06:bf:83:79:97:c0:a9:70:d4:f5:d5:09:ec:b6:ad:41:f1:
4a:af:23:4b:fd:bd:9e:cf:09:a5:69:dc:fe:ee:8c:a7:de:6b:
3f:0e:63:be:dd:77:89:dd:1f:d5:df:19:b1:fe:03:7e:ae:c0:
11:a7:d5:18
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIUEJ2i3jxd3WW0y9yn6Pw3FvfBg30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzAzMTkwMDAwMDBaFw0yMzA0MjMyMzU5NTlaMIGlMUkwRwYD
VQQFE0A2ZDllZDQ2YTM5MjY5ODdlMmQ0MDY3MDY1ZGQ2NTI3ZWZlYTRhZmQzZjMy
YmJiZmE5M2U4NDFmYzFhYWI4ODNmMS0wKwYDVQQDEyQ2NjE1YTM4Yi0zYWQ3LTQ3
YjctOGZiMi02ODVjMzhkMDA5MTQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
yVsgBzW9xW2PrNzp50f6RA836KZpbyHVtM+RG33va2U68u1L7N3xqnIwN7+uLhRY
/pgcjchSAPpAw6+W50skJeGN1iOVpz4O8JK84JAtAl89HEaiD+KhAQ1RoPi+feIl
T0+jBtzdB4OF7+yhch5oA1MJaTGgk8AGQb9v4Wz3f257E3uIWirebWG0unWhngwV
r1F9YfCOUE8ikWKL9XdtPzHD2wk0tyxHebS7vijsq4kz9upElafH4gYPYB7LowCY
AUX1BVAb43WkwklaLJbZEEpZaOvOG5YLxKaVaiMqKOkgOkMw+xGTz5xcqH+M3zag
NBz7iFHhFlaba/PEW8qsRQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFFZSlngiu6Ks
ctD0RR+TglGnKKEqMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8MA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVuZFo1
UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC81Mzgw
MzdjNS03MGE2LTRiNDUtYjg0Yy1iNGFmODAxNWFmMzkucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
dU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgXQKQAwDQYJ
KoZIhvcNAQELBQADggEBAK3TSQtlzwZ9pNMep+5+/MEyx3hz0sSyycCChSDe7ynD
tVNo5BbpMPERLF/8IopZA/t8dgXNkwjSCTiyD21luq/CIX6NjI3G58itIPllQI6S
57oiWPE+SRhhHRpbWsVgHfaRlDN/Iqsay8m/c16FRTkOhHetGJMXdBXgZ4SiDIvw
hAhgVfGNvVl8j6LTus9Y2vyDp+PtOQ9lwQfk7xrsKTWdIhAsiXcKvdujkKINPkAs
ek+KTgQ6lUTJed1DkZ9olDZbesN+zToGv4N5l8CpcNT11Qnstq1B8UqvI0v9vZ7P
CaVp3P7ujKfeaz8OY77dd4ndH9XfGbH+A36uwBGn1Rg=
-----END CERTIFICATE-----
Generated at Sun Mar 19 16:34:20 2023 by rpki-client on console-ams.rpki-client.org