Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
File: 636fd47b-89eb-4828-873d-2c6e06a89e85.roa (raw, json)
Hash identifier: oKomm5Ogh7YdUvvzK9AFJLn704ay1RgSt9xXvqou5Io=
Subject key identifier: 2D:70:43:3B:FD:C1:91:51:C7:1A:C2:94:66:00:D8:7E:5E:0E:9F:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FF351A8897BA1ECEF8012C4DE8B8DAAA2DC5A76
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
Signing time: Sat 18 Mar 2023 00:00:00 +0000
ROA not before: Sat 18 Mar 2023 00:00:00 +0000
ROA not after: Sat 22 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Mar 2023 16:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f3:51:a8:89:7b:a1:ec:ef:80:12:c4:de:8b:8d:aa:a2:dc:5a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 18 00:00:00 2023 GMT
Not After : Apr 22 23:59:59 2023 GMT
Subject: serialNumber=0a21088802fc18a094b31e240c4eee287fc7b66ef1a1d00a1c19e4d7d809f395, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:60:3b:29:09:30:a2:54:3b:2b:44:ae:1a:0e:
a6:e7:63:fb:d9:e7:9f:77:f4:d9:13:da:5e:48:8e:
2a:39:dd:07:60:c1:c6:c5:7c:21:f7:75:05:d8:0e:
97:19:69:17:8a:2e:84:60:9c:c2:d1:be:79:6a:9e:
2b:22:91:e2:ac:58:ec:46:08:fb:9e:a8:16:f0:f4:
34:ab:3c:4a:58:d7:11:84:63:af:be:3a:ae:3b:af:
72:d6:76:8a:37:e0:aa:5a:40:3c:9f:16:e5:63:5e:
a6:b9:b2:e9:8d:9f:ae:a8:dc:42:39:b0:ab:21:3a:
12:26:d2:0e:06:c9:1a:67:c0:41:65:04:e2:36:9f:
c5:45:9e:80:b0:ed:14:a5:4d:e5:d1:af:a1:a8:e5:
8d:b6:f3:5c:0b:3e:d1:6a:be:ba:3a:ec:d5:a0:69:
97:c9:f6:0b:74:47:87:e3:28:06:09:9b:7b:34:d9:
96:be:59:ac:c8:8f:52:41:93:29:dc:7d:ce:89:ca:
22:57:1d:f7:a6:be:42:1b:49:c7:0a:f4:6b:f0:36:
ad:79:bf:80:42:bf:5d:33:68:f9:f6:30:1d:f7:94:
fa:36:f8:de:d5:bb:89:91:c6:69:b2:9e:c0:a8:4c:
8f:a7:9f:44:78:19:d8:ed:cd:ad:6e:9e:69:54:86:
b5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:70:43:3B:FD:C1:91:51:C7:1A:C2:94:66:00:D8:7E:5E:0E:9F:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/36
Signature Algorithm: sha256WithRSAEncryption
24:7f:3a:bf:c4:5c:f8:82:fd:e4:ee:40:be:5f:03:06:20:b6:
6f:62:d7:25:59:cd:2c:1a:ee:c1:87:10:94:50:72:dd:f3:6b:
1f:90:fa:70:4d:0e:d2:6e:79:c3:9f:cc:21:d3:19:a7:fc:e6:
13:2c:07:ec:79:48:44:c4:19:b7:29:ff:7e:36:18:9c:cd:27:
6a:da:c2:4b:69:d3:58:53:40:49:d0:e5:96:e7:eb:f7:85:84:
14:bc:aa:11:94:a8:1f:f8:69:6a:89:88:a8:36:0e:64:68:69:
6c:06:f4:d4:79:52:5a:13:0b:ff:1f:66:ad:ad:ae:19:08:d0:
23:99:36:c0:8e:f5:8f:fc:ab:51:36:3d:8a:55:ae:73:73:77:
e1:8d:5c:4d:ec:bd:07:9d:54:d8:f7:5d:96:d5:73:a0:10:4f:
7b:a0:95:d3:08:f9:3b:b7:db:dc:6b:fe:d5:ed:38:ab:53:1a:
76:41:8b:a1:31:ea:e4:c5:17:99:8c:16:f1:30:65:be:31:c3:
37:a9:e5:e7:f6:77:68:99:37:bc:1c:f8:f8:07:fb:97:e7:b2:
fd:3e:28:fb:62:f0:5a:a5:59:cc:06:ad:58:4f:b0:06:a4:91:
81:a1:e7:f5:78:5f:43:56:de:c9:da:1a:e4:a2:67:48:99:d2:
4b:b4:b2:fa
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIUP/NRqIl7oezvgBLE3ouNqqLcWnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzAzMTgwMDAwMDBaFw0yMzA0MjIyMzU5NTlaMIGlMUkwRwYD
VQQFE0AwYTIxMDg4ODAyZmMxOGEwOTRiMzFlMjQwYzRlZWUyODdmYzdiNjZlZjFh
MWQwMGExYzE5ZTRkN2Q4MDlmMzk1MS0wKwYDVQQDEyQ2NjE1YTM4Yi0zYWQ3LTQ3
YjctOGZiMi02ODVjMzhkMDA5MTQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
0WA7KQkwolQ7K0SuGg6m52P72eefd/TZE9peSI4qOd0HYMHGxXwh93UF2A6XGWkX
ii6EYJzC0b55ap4rIpHirFjsRgj7nqgW8PQ0qzxKWNcRhGOvvjquO69y1naKN+Cq
WkA8nxblY16mubLpjZ+uqNxCObCrIToSJtIOBskaZ8BBZQTiNp/FRZ6AsO0UpU3l
0a+hqOWNtvNcCz7Rar66OuzVoGmXyfYLdEeH4ygGCZt7NNmWvlmsyI9SQZMp3H3O
icoiVx33pr5CG0nHCvRr8Dateb+AQr9dM2j59jAd95T6Nvje1buJkcZpsp7AqEyP
p59EeBnY7c2tbp5pVIa1aQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFC1wQzv9wZFR
xxrClGYA2H5eDp8IMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8MA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVuZFo1
UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC82MzZm
ZDQ3Yi04OWViLTQ4MjgtODczZC0yYzZlMDZhODllODUucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
dU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgXQEQAwDQYJ
KoZIhvcNAQELBQADggEBACR/Or/EXPiC/eTuQL5fAwYgtm9i1yVZzSwa7sGHEJRQ
ct3zax+Q+nBNDtJuecOfzCHTGaf85hMsB+x5SETEGbcp/342GJzNJ2rawktp01hT
QEnQ5Zbn6/eFhBS8qhGUqB/4aWqJiKg2DmRoaWwG9NR5UloTC/8fZq2trhkI0COZ
NsCO9Y/8q1E2PYpVrnNzd+GNXE3svQedVNj3XZbVc6AQT3ugldMI+Tu329xr/tXt
OKtTGnZBi6Ex6uTFF5mMFvEwZb4xwzep5ef2d2iZN7wc+PgH+5fnsv0+KPti8Fql
WcwGrVhPsAakkYGh5/V4X0NW3snaGuSiZ0iZ0ku0svo=
-----END CERTIFICATE-----
Generated at Sat Mar 18 00:30:39 2023 by rpki-client on console-ams.rpki-client.org