Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: olc0swR80y6bZHNJFuetUxNqV8GUeKSGcVe1A52qw6U=
Subject key identifier: AE:D7:80:B4:4E:C1:58:12:B8:E5:DC:C0:6F:83:A0:BF:35:F4:D4:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CF32B6B3166E83ECC2F9985AC6CDC664DD96637
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:f3:2b:6b:31:66:e8:3e:cc:2f:99:85:ac:6c:dc:66:4d:d9:66:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=bf75d97d31c1693e825b12b59d6c5830c7ed2cd7272ce472536ae0e12a1088ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:55:6c:a8:d8:81:14:21:d2:3a:47:9c:15:32:
5f:d5:c4:2b:73:aa:66:c9:2d:f7:89:3d:ea:b4:b6:
4f:40:ab:35:f2:5b:8e:34:b5:d0:0c:6f:e7:32:e0:
1c:2f:c4:60:70:97:f1:64:4f:86:d8:d9:2a:83:26:
36:3a:27:c9:d1:e2:f0:04:0a:a9:d0:2b:be:64:c8:
0d:01:bc:d9:38:ff:a6:62:a0:5f:ef:85:d7:0f:fa:
dd:82:34:de:30:5f:ec:12:28:5f:30:21:4d:28:2b:
ae:e7:9c:6d:f6:5c:43:54:21:80:fb:7e:58:75:5c:
74:25:9d:db:a8:d6:03:19:b0:e9:d8:0b:31:b3:10:
ed:dd:4a:fc:34:84:d8:53:f1:1f:57:e4:79:a8:e5:
84:3c:ae:d4:cb:b5:d1:ba:c3:41:4d:25:b8:73:e0:
53:8b:d4:dc:fe:74:14:63:b5:2e:16:41:99:f8:1a:
58:e4:e1:61:a0:1e:15:3d:db:76:db:59:fd:46:ea:
68:a2:43:b0:96:12:dc:08:d2:d6:4b:de:29:b9:30:
2a:f3:b6:31:77:de:8e:66:1e:aa:d3:f8:ff:a2:02:
d9:2d:bc:8a:e7:9f:7d:cb:bc:99:12:e9:c1:f3:9a:
23:fc:21:a9:4f:4d:30:f7:58:a2:af:1c:87:dc:ec:
f6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D7:80:B4:4E:C1:58:12:B8:E5:DC:C0:6F:83:A0:BF:35:F4:D4:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
44:77:02:e5:28:29:53:2c:ab:ab:c3:66:16:a4:64:cd:6b:05:
fb:30:a5:c6:31:81:6f:f6:bb:e7:38:50:1c:94:ab:ca:2c:6e:
b8:99:79:37:08:84:30:6f:16:cb:5f:db:fe:78:9a:39:2f:d8:
8f:76:c7:3d:cc:4a:c5:3a:99:e5:ac:0b:6c:a9:55:d3:fd:6a:
4c:47:7b:1c:6c:bb:03:87:55:57:c6:9f:f4:80:55:0e:6b:f8:
35:4c:54:c9:c1:c5:f6:48:ab:49:49:72:eb:d7:cc:47:45:4f:
bd:7c:78:97:38:53:a0:88:64:96:e7:ac:0c:63:b2:28:55:3e:
f1:ed:01:a3:5e:0f:c2:de:d5:1e:cc:f1:0b:49:5d:f1:84:6b:
6e:b1:23:19:d9:0e:28:a7:1e:14:31:7b:86:df:4e:0e:11:5e:
c9:41:8e:c2:e3:86:3e:fc:04:03:fd:d5:bb:21:17:f8:1b:e0:
a4:22:a5:b6:af:aa:ff:1c:32:b7:66:0e:fb:ef:7f:a1:ee:e2:
42:db:72:02:02:cb:d8:64:4e:13:cd:a2:1c:9c:b3:a1:a8:ae:
98:cd:cc:ac:04:b9:c3:f6:6d:33:61:85:25:52:a1:e1:0d:28:
6f:4f:17:28:29:c9:08:31:27:72:f6:3a:7f:47:8b:6d:ed:3f:
79:42:c1:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDPMrazFm6D7ML5mFrGzcZk3ZZjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmNzVkOTdkMzFjMTY5M2U4MjViMTJiNTlkNmM1ODMwYzdlZDJjZDcyNzJj
ZTQ3MjUzNmFlMGUxMmExMDg4ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPhVbKjYgRQh0jpHnBUyX9XEK3OqZskt94k96rS2T0CrNfJbjjS10Axv5zLg
HC/EYHCX8WRPhtjZKoMmNjonydHi8AQKqdArvmTIDQG82Tj/pmKgX++F1w/63YI0
3jBf7BIoXzAhTSgrruecbfZcQ1QhgPt+WHVcdCWd26jWAxmw6dgLMbMQ7d1K/DSE
2FPxH1fkeajlhDyu1Mu10brDQU0luHPgU4vU3P50FGO1LhZBmfgaWOThYaAeFT3b
dttZ/UbqaKJDsJYS3AjS1kveKbkwKvO2MXfejmYeqtP4/6IC2S28iueffcu8mRLp
wfOaI/whqU9NMPdYoq8ch9zs9mECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSu14C0
TsFYErjl3MBvg6C/NfTUxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBEdwLlKClTLKurw2YWpGTNawX7MKXGMYFv9rvn
OFAclKvKLG64mXk3CIQwbxbLX9v+eJo5L9iPdsc9zErFOpnlrAtsqVXT/WpMR3sc
bLsDh1VXxp/0gFUOa/g1TFTJwcX2SKtJSXLr18xHRU+9fHiXOFOgiGSW56wMY7Io
VT7x7QGjXg/C3tUezPELSV3xhGtusSMZ2Q4opx4UMXuG304OEV7JQY7C44Y+/AQD
/dW7IRf4G+CkIqW2r6r/HDK3Zg7773+h7uJC23ICAsvYZE4TzaIcnLOhqK6Yzcys
BLnD9m0zYYUlUqHhDShvTxcoKckIMSdy9jp/R4tt7T95QsEB
-----END CERTIFICATE-----
Generated at Thu Apr 18 03:34:50 2024 by rpki-client on console-ams.rpki-client.org