Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65937dce-286a-4015-b35e-dd342f7a3ff7.roa
File: 65937dce-286a-4015-b35e-dd342f7a3ff7.roa (raw, json)
Hash identifier: +fdwHiEoXN8eStAyw8j9NQP1PiJLbsdi+G8J7UDE+tA=
Subject key identifier: 30:CF:E0:47:2B:CE:C2:C6:E6:B4:30:18:A6:8A:09:E8:89:EA:6F:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1382E7811C3218BD18CAB24C4D431999EF995055
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65937dce-286a-4015-b35e-dd342f7a3ff7.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:82:e7:81:1c:32:18:bd:18:ca:b2:4c:4d:43:19:99:ef:99:50:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=befd28c38d4c3d074c329af091cf1e0c17de9fba00bfe5aff7353a11c4a19e86, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:86:45:0f:e1:ac:10:0e:31:4c:40:ae:46:
a6:1a:3d:d2:94:1c:f1:f3:2c:10:e5:b8:1b:67:6e:
1e:e5:44:28:fc:ea:79:11:01:ac:af:df:27:0b:e0:
da:d0:72:54:54:e6:98:23:bd:6d:2a:ee:44:d0:61:
08:ac:b4:b1:63:35:b1:5a:86:fc:03:82:6a:ff:3f:
5e:9f:41:65:d1:f2:fa:2c:1e:ce:fc:a7:30:a0:b2:
05:7c:64:de:b7:d3:00:a1:aa:64:d8:d3:94:3c:d9:
c1:54:d1:29:a4:77:c5:e0:8a:6c:04:03:9e:44:2c:
68:6d:fb:95:eb:55:d7:53:ec:ea:95:10:16:10:76:
ea:75:90:f9:f8:c0:6d:5b:16:df:1c:5e:86:46:5f:
56:b8:2d:a5:37:53:28:b4:63:08:f6:68:9a:04:de:
fa:33:d1:3c:6b:d4:c1:bb:02:79:1b:c8:2f:b6:55:
f5:cb:34:c7:39:b7:eb:b5:ff:9c:85:56:d9:00:0b:
11:95:17:d2:e1:ed:03:1d:64:10:b4:64:a0:03:73:
ac:80:99:62:a8:ae:ec:1b:1f:93:d4:8e:5c:e5:83:
4e:ea:69:c8:7d:04:8b:f2:3d:6e:43:65:19:df:28:
2b:e4:98:57:9f:36:3a:5a:e1:2b:7b:8b:d8:fb:ee:
c8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:CF:E0:47:2B:CE:C2:C6:E6:B4:30:18:A6:8A:09:E8:89:EA:6F:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65937dce-286a-4015-b35e-dd342f7a3ff7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1000::/40
Signature Algorithm: sha256WithRSAEncryption
72:e5:47:73:50:d0:f7:7e:fd:15:20:04:95:75:04:37:73:32:
a5:92:01:da:c7:33:f4:75:cb:87:29:68:88:ca:ca:4b:ce:27:
f2:da:6b:ca:51:d1:5b:c7:9e:49:91:d1:ef:58:5c:1d:1b:da:
b4:82:e5:c1:38:e7:20:05:92:1e:1c:f0:4e:e4:08:57:b5:f2:
88:20:84:0b:84:59:07:94:c8:9e:da:07:f6:7a:ab:e1:4b:e5:
c1:f5:ef:2a:59:f1:17:9d:80:5e:31:b9:85:e3:47:6a:5f:41:
d3:a8:de:91:55:80:97:ae:79:44:b4:e9:74:07:8b:e3:9a:7e:
44:44:6b:35:e4:e7:f7:18:55:42:1b:c4:d0:8b:bc:5f:34:6e:
87:5d:67:dc:54:fd:3e:44:5e:90:df:82:ea:65:9d:ec:fd:4d:
91:a7:0b:61:9c:91:4d:27:49:0f:83:2b:8a:82:7d:f0:a8:d4:
89:09:aa:5e:f2:5f:9e:5c:75:cb:e9:f8:1f:70:bb:de:d3:b7:
46:06:b7:58:81:bf:1a:df:71:da:d5:22:94:8c:8a:ce:e0:a2:
51:b1:5f:d4:50:6a:8c:48:4a:7f:d3:ee:c2:70:ed:2b:38:58:
5c:cd:6a:4e:45:fd:c8:d2:37:85:5d:6f:b5:e0:2d:53:72:3b:
23:2f:89:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE4LngRwyGL0YyrJMTUMZme+ZUFUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlZmQyOGMzOGQ0YzNkMDc0YzMyOWFmMDkxY2YxZTBjMTdkZTlmYmEwMGJm
ZTVhZmY3MzUzYTExYzRhMTllODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGBhkUP4awQDjFMQK5Gpho90pQc8fMsEOW4G2duHuVEKPzqeREBrK/fJwvg
2tByVFTmmCO9bSruRNBhCKy0sWM1sVqG/AOCav8/Xp9BZdHy+iwezvynMKCyBXxk
3rfTAKGqZNjTlDzZwVTRKaR3xeCKbAQDnkQsaG37letV11Ps6pUQFhB26nWQ+fjA
bVsW3xxehkZfVrgtpTdTKLRjCPZomgTe+jPRPGvUwbsCeRvIL7ZV9cs0xzm367X/
nIVW2QALEZUX0uHtAx1kELRkoANzrICZYqiu7Bsfk9SOXOWDTuppyH0Ei/I9bkNl
Gd8oK+SYV582OlrhK3uL2PvuyFsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwz+BH
K87Cxua0MBimignoiepvtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjU5MzdkY2UtMjg2YS00MDE1LWIzNWUtZGQzNDJmN2EzZmY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBy5UdzUND3fv0VIASVdQQ3czKlkgHaxzP0dcuH
KWiIyspLzify2mvKUdFbx55JkdHvWFwdG9q0guXBOOcgBZIeHPBO5AhXtfKIIIQL
hFkHlMie2gf2eqvhS+XB9e8qWfEXnYBeMbmF40dqX0HTqN6RVYCXrnlEtOl0B4vj
mn5ERGs15Of3GFVCG8TQi7xfNG6HXWfcVP0+RF6Q34LqZZ3s/U2RpwthnJFNJ0kP
gyuKgn3wqNSJCape8l+eXHXL6fgfcLve07dGBrdYgb8a33Ha1SKUjIrO4KJRsV/U
UGqMSEp/0+7CcO0rOFhczWpORf3I0jeFXW+14C1TcjsjL4md
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:29 2024 by rpki-client on console-ams.rpki-client.org