Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json)
Hash identifier: LfbBjGWOJRkt2vvR1A+/f80FCedoMz5mt5Yfw6eGXSM=
Subject key identifier: 10:1A:7E:25:0E:C9:7C:5B:88:55:79:38:5F:70:13:B5:DD:16:86:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 198C46BA7A0078FDA6B5D5D3D929E033C8657922
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:8c:46:ba:7a:00:78:fd:a6:b5:d5:d3:d9:29:e0:33:c8:65:79:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=620a4b28d1154ddbbdd40b12edadca8e5f060d48b7e852ad62036785084bf8e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:55:bb:93:9e:02:61:ae:5e:fe:fe:af:73:d1:
0a:82:46:3f:98:65:ec:55:b9:19:1a:53:89:0a:73:
2c:f6:8d:49:17:21:86:1c:33:77:94:05:6f:65:ee:
ef:c7:45:29:7d:a1:19:f4:1b:72:2b:96:ac:3b:35:
54:15:b5:6e:1b:f2:f9:28:8f:2e:ce:b1:d4:14:32:
01:7c:21:89:da:b3:00:20:ae:7f:65:a4:58:97:8d:
fa:4a:1c:2e:94:91:3b:7d:1a:95:df:9e:fa:80:d1:
a2:55:0a:ec:3a:6b:77:59:02:ec:8b:3a:5f:22:18:
eb:ef:7b:9b:4e:4f:e4:f5:ba:eb:c8:d3:d7:e3:93:
8d:5b:47:2f:49:0a:58:8b:0a:31:db:ab:59:69:80:
4f:a7:87:58:94:e8:81:b5:99:84:58:be:0e:a1:86:
69:f2:e8:f8:5c:5e:43:91:01:ac:d0:32:d1:c9:5a:
d4:65:19:2b:72:36:c5:95:16:ff:84:a5:5a:a3:c0:
0a:92:65:53:d2:8e:7c:52:14:d7:79:d3:49:96:6f:
6f:50:fe:1e:6b:45:6c:5e:7e:3f:6b:8b:03:f2:20:
76:30:95:99:72:4d:81:96:5d:01:28:86:a4:90:cd:
61:c1:a9:7c:3b:ac:2e:c2:76:2c:a1:d7:43:e2:2d:
19:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:1A:7E:25:0E:C9:7C:5B:88:55:79:38:5F:70:13:B5:DD:16:86:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025:1000::/36
Signature Algorithm: sha256WithRSAEncryption
3b:97:e7:77:f2:ac:f0:0a:4d:e3:64:f1:40:17:e5:99:5b:b5:
79:bb:61:df:ae:53:d7:72:5a:00:d2:7b:1a:58:0f:9d:d6:22:
96:a7:9e:3d:8d:7f:6f:8f:80:57:41:63:4e:43:82:cf:8e:06:
ed:46:ed:26:a0:5a:08:2d:c2:45:8f:48:8a:c5:2c:1c:d4:ea:
38:9d:c7:b2:ca:79:c5:4a:d9:26:fc:0b:e2:60:55:a5:d7:98:
2c:de:de:af:97:ce:50:11:1c:e4:42:68:6e:cb:5e:bf:1d:dc:
1a:84:c7:08:a8:18:78:a1:ce:18:af:36:9f:be:f2:7d:13:9e:
4d:9c:4d:bc:4f:45:e8:9b:72:23:6f:9b:7a:c6:dd:d2:72:73:
c2:51:8e:1d:e8:8e:92:c3:a0:b2:a3:7a:50:e0:f1:4e:39:c8:
63:18:10:0e:ee:1e:51:6c:e9:45:34:86:73:0a:92:35:91:e2:
3d:3a:0d:9d:98:2f:96:93:c2:5f:8e:45:6c:93:2c:60:d2:f4:
93:d2:df:61:b8:1b:57:07:23:a5:b2:f5:55:59:d9:60:2e:e1:
1d:49:2f:35:95:7f:53:11:aa:37:b3:cc:01:51:7d:02:b0:2e:
8d:08:d6:51:35:3c:94:0a:3e:8a:aa:44:54:86:f5:a4:b5:07:
2e:03:0e:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGYxGunoAeP2mtdXT2SngM8hleSIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMGE0YjI4ZDExNTRkZGJiZGQ0MGIxMmVkYWRjYThlNWYwNjBkNDhiN2U4
NTJhZDYyMDM2Nzg1MDg0YmY4ZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhVu5OeAmGuXv7+r3PRCoJGP5hl7FW5GRpTiQpzLPaNSRchhhwzd5QFb2Xu
78dFKX2hGfQbciuWrDs1VBW1bhvy+SiPLs6x1BQyAXwhidqzACCuf2WkWJeN+koc
LpSRO30ald+e+oDRolUK7Dprd1kC7Is6XyIY6+97m05P5PW668jT1+OTjVtHL0kK
WIsKMdurWWmAT6eHWJTogbWZhFi+DqGGafLo+FxeQ5EBrNAy0cla1GUZK3I2xZUW
/4SlWqPACpJlU9KOfFIU13nTSZZvb1D+HmtFbF5+P2uLA/IgdjCVmXJNgZZdASiG
pJDNYcGpfDusLsJ2LKHXQ+ItGZECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQGn4l
Dsl8W4hVeThfcBO13RaGnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA7l+d38qzwCk3jZPFAF+WZW7V5u2HfrlPXcloA
0nsaWA+d1iKWp549jX9vj4BXQWNOQ4LPjgbtRu0moFoILcJFj0iKxSwc1Oo4ncey
ynnFStkm/AviYFWl15gs3t6vl85QERzkQmhuy16/HdwahMcIqBh4oc4YrzafvvJ9
E55NnE28T0Xom3Ijb5t6xt3ScnPCUY4d6I6Sw6Cyo3pQ4PFOOchjGBAO7h5RbOlF
NIZzCpI1keI9Og2dmC+Wk8JfjkVskyxg0vST0t9huBtXByOlsvVVWdlgLuEdSS81
lX9TEao3s8wBUX0CsC6NCNZRNTyUCj6KqkRUhvWktQcuAw7U
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:24 2024 by rpki-client on console-ams.rpki-client.org