Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e74b89-5008-4b73-92b0-311e73580735.roa
File: 65e74b89-5008-4b73-92b0-311e73580735.roa (raw, json)
Hash identifier: 0CtOngguJ5E2IYycNgS/11b1XT8Avzi5sq5LefIdmbI=
Subject key identifier: 99:2C:53:8C:56:23:D1:68:85:63:84:80:A8:ED:91:6D:18:04:CE:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 488CC5C5AD828359AD4A760FFE97A7BD9B238E67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e74b89-5008-4b73-92b0-311e73580735.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:8c:c5:c5:ad:82:83:59:ad:4a:76:0f:fe:97:a7:bd:9b:23:8e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=220a901d8e2836386029e7bdcffc4cf7f0a896a522ce4fb68ea6707b1e65154c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:40:6b:4c:02:59:04:21:06:44:a7:ed:6f:1c:
2a:b3:61:38:30:11:c2:c8:9f:0b:2b:08:b3:12:01:
6c:c8:43:b6:80:d7:0f:79:d6:e9:4a:47:bc:10:bf:
d7:17:f8:bb:5c:a0:b6:11:96:bc:02:88:95:bd:b1:
cb:3a:3d:4e:5f:be:dd:e8:b7:f7:00:d8:77:73:28:
7c:85:35:a6:ca:24:08:23:c1:66:8c:b0:9e:69:7a:
c7:b5:36:ff:77:a2:8f:56:bc:a2:0f:a7:f9:8c:78:
61:76:c7:a5:60:e7:fb:0c:1b:43:a2:fa:c6:2b:bf:
6c:14:86:fe:22:ab:69:c3:14:e5:93:2e:13:2a:67:
b0:d8:83:d2:6d:b6:5c:9a:00:ee:ff:08:a3:b5:97:
ba:88:f9:d8:c1:22:98:47:04:93:4d:1a:13:79:2c:
04:d2:b7:b3:41:55:b1:48:59:b6:9d:52:73:0c:de:
83:e9:62:49:f1:52:9c:08:42:7b:af:c5:04:44:39:
d2:f3:2a:17:f8:f9:a9:d4:20:cc:9d:2b:a3:73:e0:
95:d0:17:6b:c2:7b:a3:7c:27:c0:06:42:e0:1d:23:
b2:b0:72:d9:91:1b:e0:fe:3c:90:b9:d3:33:21:af:
b0:23:f3:5a:ce:ba:61:33:9f:ae:47:59:b2:18:c8:
06:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2C:53:8C:56:23:D1:68:85:63:84:80:A8:ED:91:6D:18:04:CE:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e74b89-5008-4b73-92b0-311e73580735.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9000::/40
Signature Algorithm: sha256WithRSAEncryption
41:a9:06:54:f9:f0:8f:55:1e:d9:4e:83:93:74:99:62:9c:36:
8d:de:97:99:0a:b9:a8:b6:ee:76:f8:ed:df:88:80:74:f2:af:
41:df:b3:de:f4:d8:7a:be:bb:ae:99:5b:dc:38:87:30:0c:8f:
b5:d6:d1:6a:55:30:6e:24:cf:8a:e9:12:6b:ef:d3:01:5d:e4:
63:85:78:a6:26:81:67:2f:48:0f:c0:64:d1:59:6a:b6:b5:1d:
1b:82:33:61:ac:a3:ea:9b:d0:44:36:e8:12:38:08:d6:2c:2e:
f9:e7:fe:ac:48:d0:26:e8:9c:64:c2:de:4f:8a:ce:35:c1:2b:
74:98:ac:55:8b:c4:36:2b:8c:9b:e8:b2:e1:0d:f0:ee:ed:86:
fd:63:d5:f7:07:57:da:1a:1c:3b:1b:72:4b:92:51:4a:bf:d1:
0a:4f:da:ca:0d:e9:a6:b2:09:81:6a:f2:ed:0e:22:a5:3b:63:
ee:9c:18:3c:f3:82:af:41:1c:3b:9e:f7:83:05:4b:4e:4e:f6:
87:6f:73:44:ea:5c:b6:ee:1f:1c:a5:b7:35:9f:2e:0c:fa:d4:
50:ef:a7:47:57:31:1e:47:bb:ee:cb:34:4d:f3:6e:b2:ee:cf:
3f:78:87:0b:a0:29:52:73:af:94:d7:e1:f9:df:10:4a:f8:47:
49:e1:8f:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSIzFxa2Cg1mtSnYP/penvZsjjmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyMGE5MDFkOGUyODM2Mzg2MDI5ZTdiZGNmZmM0Y2Y3ZjBhODk2YTUyMmNl
NGZiNjhlYTY3MDdiMWU2NTE1NGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5Aa0wCWQQhBkSn7W8cKrNhODARwsifCysIsxIBbMhDtoDXD3nW6UpHvBC/
1xf4u1ygthGWvAKIlb2xyzo9Tl++3ei39wDYd3MofIU1psokCCPBZoywnml6x7U2
/3eij1a8og+n+Yx4YXbHpWDn+wwbQ6L6xiu/bBSG/iKracMU5ZMuEypnsNiD0m22
XJoA7v8Io7WXuoj52MEimEcEk00aE3ksBNK3s0FVsUhZtp1Scwzeg+liSfFSnAhC
e6/FBEQ50vMqF/j5qdQgzJ0ro3PgldAXa8J7o3wnwAZC4B0jsrBy2ZEb4P48kLnT
MyGvsCPzWs66YTOfrkdZshjIBp8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZLFOM
ViPRaIVjhICo7ZFtGATO8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVlNzRiODktNTAwOC00YjczLTkyYjAtMzExZTczNTgwNzM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HeQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBBqQZU+fCPVR7ZToOTdJlinDaN3peZCrmotu52
+O3fiIB08q9B37Pe9Nh6vruumVvcOIcwDI+11tFqVTBuJM+K6RJr79MBXeRjhXim
JoFnL0gPwGTRWWq2tR0bgjNhrKPqm9BENugSOAjWLC755/6sSNAm6Jxkwt5Pis41
wSt0mKxVi8Q2K4yb6LLhDfDu7Yb9Y9X3B1faGhw7G3JLklFKv9EKT9rKDemmsgmB
avLtDiKlO2PunBg884KvQRw7nveDBUtOTvaHb3NE6ly27h8cpbc1ny4M+tRQ76dH
VzEeR7vuyzRN826y7s8/eIcLoClSc6+U1+H53xBK+EdJ4Y/3
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org