Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
File: 595250c3-e9f2-4e23-9779-87c47497f520.roa (raw, json)
Hash identifier: cKEPash0J/6L40cAx0qCrVarMSH9OfBxkIfkVOcwLh4=
Subject key identifier: F2:4B:89:D1:1E:0E:EC:61:81:CC:95:C3:96:F9:AA:A3:21:AB:7C:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7014D2ECF54C5DB752F99BE53E8F9AF8AD4FDB7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:14:d2:ec:f5:4c:5d:b7:52:f9:9b:e5:3e:8f:9a:f8:ad:4f:db:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=f6513135fb57f5a4c3f534a4eab3e4e8ba99d84d54f76b15343724f25d4e9040, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:72:c3:73:5f:3a:62:48:fe:e6:aa:d2:05:4f:
52:3f:5d:d9:98:a1:f5:90:1c:d9:25:e3:4d:6c:32:
73:54:ae:bd:1b:70:b2:d0:b0:ee:23:4a:d8:58:7a:
18:e8:41:52:53:3b:d3:fe:0b:f9:a4:e5:9e:cc:94:
e9:ac:68:b6:23:e6:26:01:2e:e7:72:35:69:00:0a:
48:30:4c:bc:85:b8:f8:ef:54:22:d9:54:19:3c:b6:
c5:6d:1c:cb:b5:a9:d6:f2:0a:cd:d1:df:34:0a:d3:
10:56:72:d6:bd:aa:13:94:ba:90:44:69:d8:aa:f6:
7f:c4:56:f9:7d:38:23:24:65:4d:58:d7:4a:ee:ce:
ca:2d:8e:0b:51:97:c6:f6:91:af:cf:0d:cb:1a:38:
5d:3e:43:19:fc:ce:35:80:37:ea:5f:3d:9c:01:e7:
d0:79:9f:f8:a3:25:67:5a:3d:a1:0b:7f:de:aa:1e:
b3:fa:1f:54:2f:fe:c1:5e:81:56:10:5f:61:97:9e:
c7:8a:ad:f7:ab:57:b1:c6:f7:bc:c5:c8:f2:22:22:
8e:c4:cf:ae:d0:e6:52:67:fb:59:95:2d:25:95:c7:
86:6a:0d:db:97:14:e5:74:4e:47:49:95:ba:68:02:
03:c4:cb:7a:8f:d5:48:c2:e7:af:a1:7b:ed:a8:dc:
13:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4B:89:D1:1E:0E:EC:61:81:CC:95:C3:96:F9:AA:A3:21:AB:7C:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:5000::/40
Signature Algorithm: sha256WithRSAEncryption
62:e8:19:d0:fd:68:39:d4:95:ee:20:91:ef:61:e6:2e:07:f5:
e9:b8:a4:a2:9c:89:5c:6b:b2:73:27:ee:d3:18:f4:f4:fa:ee:
09:72:31:04:7e:cd:7e:b4:0e:c1:2f:2d:2b:3a:8f:19:47:3b:
68:a4:d1:a0:0f:1e:49:5d:7e:d4:4f:89:78:e2:92:94:b9:aa:
3a:0d:59:f7:38:5b:cb:d3:f9:8e:de:85:c8:7e:53:76:f8:b7:
c8:06:14:5d:65:7e:c5:5f:f9:3b:bd:e6:71:ee:19:fc:9b:c4:
2e:04:ea:bf:b4:21:fa:4c:de:6e:2a:42:ac:a1:5e:e8:3f:db:
37:4f:e0:a3:51:de:a6:1c:6d:fe:98:5b:af:fd:b4:7f:d7:db:
4a:8a:c9:6f:e1:85:0e:dc:21:a9:c8:0e:3a:2d:21:66:10:d1:
33:cd:b5:a3:f8:0a:29:a4:64:be:d2:ac:d5:e4:65:e3:4d:89:
da:ab:0f:58:5e:1e:38:9a:9a:40:7f:84:44:98:cd:e8:58:1c:
29:3a:5b:01:4b:3e:ac:6a:82:eb:dc:a0:d8:6a:3b:1f:5f:6e:
3a:32:6c:0b:1f:89:a1:50:04:92:fb:f2:2f:58:94:ff:d1:25:
7e:58:3e:3a:b8:f1:a9:5d:7b:be:d3:45:e4:1f:c1:b7:2a:b3:
07:89:86:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcBTS7PVMXbdS+ZvlPo+a+K1P23wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2NTEzMTM1ZmI1N2Y1YTRjM2Y1MzRhNGVhYjNlNGU4YmE5OWQ4NGQ1NGY3
NmIxNTM0MzcyNGYyNWQ0ZTkwNDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlyw3NfOmJI/uaq0gVPUj9d2Zih9ZAc2SXjTWwyc1SuvRtwstCw7iNK2Fh6
GOhBUlM70/4L+aTlnsyU6axotiPmJgEu53I1aQAKSDBMvIW4+O9UItlUGTy2xW0c
y7Wp1vIKzdHfNArTEFZy1r2qE5S6kERp2Kr2f8RW+X04IyRlTVjXSu7Oyi2OC1GX
xvaRr88Nyxo4XT5DGfzONYA36l89nAHn0Hmf+KMlZ1o9oQt/3qoes/ofVC/+wV6B
VhBfYZeex4qt96tXscb3vMXI8iIijsTPrtDmUmf7WZUtJZXHhmoN25cU5XROR0mV
umgCA8TLeo/VSMLnr6F77ajcE2sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyS4nR
Hg7sYYHMlcOW+aqjIat8vzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTk1MjUwYzMtZTlmMi00ZTIzLTk3NzktODdjNDc0OTdmNTIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBi6BnQ/Wg51JXuIJHvYeYuB/XpuKSinIlca7Jz
J+7TGPT0+u4JcjEEfs1+tA7BLy0rOo8ZRztopNGgDx5JXX7UT4l44pKUuao6DVn3
OFvL0/mO3oXIflN2+LfIBhRdZX7FX/k7veZx7hn8m8QuBOq/tCH6TN5uKkKsoV7o
P9s3T+CjUd6mHG3+mFuv/bR/19tKislv4YUO3CGpyA46LSFmENEzzbWj+AoppGS+
0qzV5GXjTYnaqw9YXh44mppAf4REmM3oWBwpOlsBSz6saoLr3KDYajsfX246MmwL
H4mhUASS+/IvWJT/0SV+WD46uPGpXXu+00XkH8G3KrMHiYaO
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org