Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
File: 5fe931ae-e353-437d-9738-79004c5e9188.roa (raw, json)
Hash identifier: sPVxJYkaG1zGPgPcpmBvmGNxfczQZaIx53XpyVfPM8Q=
Subject key identifier: 89:9A:6A:49:F3:96:07:CA:B8:AD:55:B2:4F:04:54:AD:03:4E:FA:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D1815C60C87AF6125B8072A296F6BF0BEAA2B5C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:18:15:c6:0c:87:af:61:25:b8:07:2a:29:6f:6b:f0:be:aa:2b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=3d80cbf8f45619ec4655c451f3a205c5bcd2d5658e934f5e6aa2691f0458e36d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:84:4e:b1:f1:e3:f7:2c:40:5a:ad:fb:07:
3f:5f:7e:de:21:d9:0d:3c:f7:67:35:52:6d:89:16:
a9:bf:d9:ab:a9:7c:09:50:c9:06:9f:07:73:65:fc:
66:5f:fe:7c:e6:4a:77:9e:c1:e7:0d:ef:28:e3:bb:
77:ee:6b:9c:da:b7:dc:c4:a3:f1:2c:0b:dc:56:b5:
c3:78:18:6b:ef:28:94:3a:62:fd:a1:b9:a3:09:48:
c8:b3:b2:c0:a2:6d:47:18:63:22:0c:ad:dc:e2:6c:
bb:74:72:9b:88:54:19:77:c3:42:d7:06:b6:e3:86:
3e:b4:53:2c:1c:4d:45:86:d6:74:c4:92:a3:b3:ee:
60:a2:57:eb:03:0a:70:b2:38:4b:59:81:f8:a7:bb:
27:3a:7e:e7:a2:7c:1b:c7:ff:fb:b3:0d:8e:40:82:
5e:77:bc:3b:0c:99:b2:a4:49:f9:5d:43:db:d7:26:
f0:23:d1:a6:e8:30:01:c0:79:9b:52:cd:1c:16:50:
ad:60:2f:60:86:c4:6a:3f:f5:d0:ff:a4:b9:b4:b5:
1b:31:40:69:8a:a7:fe:94:db:f1:de:b3:98:bc:ad:
89:ea:aa:e8:ee:61:5b:ad:50:56:7a:5f:01:ef:52:
bf:35:0f:b6:4b:56:96:65:c8:3b:02:36:c8:13:a1:
6b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9A:6A:49:F3:96:07:CA:B8:AD:55:B2:4F:04:54:AD:03:4E:FA:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:c000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:f3:35:65:de:6d:fe:74:74:8c:ca:5f:1e:30:ed:02:44:8a:
56:1a:f6:cf:fa:fd:6f:19:32:5a:e0:53:cb:46:68:a2:4f:50:
c3:99:dc:41:27:a7:44:86:73:b5:24:4a:f6:74:dd:44:e7:8a:
a5:b3:af:18:07:10:0f:31:77:06:90:3a:ab:92:1e:92:21:8f:
84:ba:aa:11:b6:29:b7:a8:a7:09:87:8e:c0:e4:32:f4:aa:68:
b1:a7:0c:1a:35:a1:39:a0:3a:27:c4:a2:f1:d7:e6:c3:92:93:
26:2a:07:32:6b:4f:ed:93:6b:41:40:52:20:ad:31:e7:95:7c:
bb:39:99:6a:65:05:28:73:7e:b4:0f:ea:5e:43:f9:37:7b:6b:
df:f8:80:a0:dc:a6:53:71:ea:48:6e:52:01:96:16:92:ca:31:
5a:6f:df:fa:a1:d0:b9:4a:4a:34:61:e3:67:f5:f0:8f:d3:55:
71:e6:66:c8:f3:ef:df:4b:0c:6f:40:f1:91:07:70:2a:b0:2b:
5f:55:57:fa:7a:fb:2e:93:41:06:b8:1c:80:6b:39:13:27:7c:
88:fb:af:cc:2c:1c:96:75:1e:9a:92:18:c5:95:63:0f:2d:83:
78:ca:b5:4b:ab:b2:d6:71:df:11:4f:3d:99:b7:9f:ee:51:67:
3e:74:a2:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDRgVxgyHr2EluAcqKW9r8L6qK1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkODBjYmY4ZjQ1NjE5ZWM0NjU1YzQ1MWYzYTIwNWM1YmNkMmQ1NjU4ZTkz
NGY1ZTZhYTI2OTFmMDQ1OGUzNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnmhE6x8eP3LEBarfsHP19+3iHZDTz3ZzVSbYkWqb/Zq6l8CVDJBp8Hc2X8
Zl/+fOZKd57B5w3vKOO7d+5rnNq33MSj8SwL3Fa1w3gYa+8olDpi/aG5owlIyLOy
wKJtRxhjIgyt3OJsu3Rym4hUGXfDQtcGtuOGPrRTLBxNRYbWdMSSo7PuYKJX6wMK
cLI4S1mB+Ke7Jzp+56J8G8f/+7MNjkCCXne8OwyZsqRJ+V1D29cm8CPRpugwAcB5
m1LNHBZQrWAvYIbEaj/10P+kubS1GzFAaYqn/pTb8d6zmLytieqq6O5hW61QVnpf
Ae9SvzUPtktWlmXIOwI2yBOha+UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJmmpJ
85YHyritVbJPBFStA076SjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZlOTMxYWUtZTM1My00MzdkLTk3MzgtNzkwMDRjNWU5MTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTA
MA0GCSqGSIb3DQEBCwUAA4IBAQAv8zVl3m3+dHSMyl8eMO0CRIpWGvbP+v1vGTJa
4FPLRmiiT1DDmdxBJ6dEhnO1JEr2dN1E54qls68YBxAPMXcGkDqrkh6SIY+EuqoR
tim3qKcJh47A5DL0qmixpwwaNaE5oDonxKLx1+bDkpMmKgcya0/tk2tBQFIgrTHn
lXy7OZlqZQUoc360D+peQ/k3e2vf+ICg3KZTcepIblIBlhaSyjFab9/6odC5Sko0
YeNn9fCP01Vx5mbI8+/fSwxvQPGRB3AqsCtfVVf6evsuk0EGuByAazkTJ3yI+6/M
LByWdR6akhjFlWMPLYN4yrVLq7LWcd8RTz2Zt5/uUWc+dKKR
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org