Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/671bf905-ec67-45af-9635-65f38b009536.roa
File: 671bf905-ec67-45af-9635-65f38b009536.roa (raw, json)
Hash identifier: i/IMmMp8pW6XXjWq0VVmNSx/LoLEFdh69ilNA4g5ipw=
Subject key identifier: 9B:44:CB:D3:B8:9F:16:E4:02:AD:9F:00:AB:6B:FA:7A:52:DF:3F:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 463A3EBA3DFE8B44F10F755034B385C34BB2762A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/671bf905-ec67-45af-9635-65f38b009536.roa
Signing time: Sat 18 Mar 2023 00:00:00 +0000
ROA not before: Sat 18 Mar 2023 00:00:00 +0000
ROA not after: Sat 22 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Mar 2023 16:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:3a:3e:ba:3d:fe:8b:44:f1:0f:75:50:34:b3:85:c3:4b:b2:76:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 18 00:00:00 2023 GMT
Not After : Apr 22 23:59:59 2023 GMT
Subject: serialNumber=d8a9e7c0629f943894cab8df2f9b915c707c54e04e27c0f0c62c600da2341210, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:8a:d2:64:bb:12:e8:5c:32:af:89:e4:ce:7b:
6c:15:19:0b:94:a0:d6:03:b1:c6:89:0e:f4:be:46:
b5:5f:09:0d:ab:bf:2d:68:0d:73:75:f5:78:e8:98:
52:7d:a0:f3:12:e3:ed:c7:96:db:e7:52:71:09:98:
71:11:85:57:c4:e8:d7:ad:36:ba:25:85:5c:71:df:
b8:b5:48:61:14:e5:24:76:70:49:78:00:5d:fc:5c:
21:83:c2:28:18:73:13:a1:b2:6b:17:cd:8c:c1:f7:
81:c5:34:7f:66:8b:df:6e:e6:8e:24:c1:aa:4b:ca:
7e:a8:78:50:0f:96:a5:fa:ee:e2:ae:11:36:44:3c:
b2:e6:87:5c:af:bc:ba:b2:01:13:61:f1:3c:08:69:
d8:61:5c:7d:94:7b:fe:d5:c7:65:ee:4f:d1:6d:82:
66:72:4e:53:e3:69:27:fe:d8:de:e3:8d:7d:0e:8a:
87:39:32:97:ea:f3:d0:dd:0f:5a:be:41:7f:13:9f:
df:f1:0c:e7:cd:21:6f:00:1b:cc:4f:eb:e2:12:a1:
41:6b:f2:0a:b3:a0:5a:d1:bd:83:eb:30:3c:f7:24:
6b:f0:9b:6d:a7:ad:c9:1d:fa:f4:62:d3:ca:16:da:
c6:0f:ed:6a:8d:75:0d:a0:dc:b9:5b:cf:3f:f4:77:
e4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:44:CB:D3:B8:9F:16:E4:02:AD:9F:00:AB:6B:FA:7A:52:DF:3F:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/671bf905-ec67-45af-9635-65f38b009536.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:1000::/40
Signature Algorithm: sha256WithRSAEncryption
5f:ba:f5:78:b8:15:06:e4:cd:e1:f2:7e:94:a8:25:5c:68:ff:
b1:aa:7d:2f:2b:6d:d9:9f:a8:79:c2:03:1f:36:ff:90:73:d8:
1e:c7:6e:c0:39:ba:57:92:4d:6b:77:92:11:fe:0a:5a:86:ed:
fc:76:5a:84:c3:49:7d:be:d5:c0:ba:4b:e4:f2:df:af:13:7f:
26:d6:11:3b:cb:e5:01:42:8b:e2:86:06:1a:f4:54:c2:ef:54:
37:00:39:e6:b6:b5:9f:08:90:49:31:d0:5b:fe:cc:52:1d:af:
62:86:7f:f4:d0:ad:d7:a1:8b:f6:39:81:83:79:d4:9e:21:08:
ea:75:03:5f:e1:df:b7:e4:fc:90:07:73:7c:99:f3:67:2a:d9:
1a:48:1c:c3:16:3f:68:0f:50:97:e2:09:39:ce:b7:de:dd:91:
67:12:fd:30:39:93:bb:86:43:72:14:58:57:63:03:6b:45:59:
85:55:87:73:02:e0:34:f6:4b:6e:9d:d0:12:0e:6f:f2:83:32:
53:c5:29:ae:23:97:0d:29:2d:b5:16:3c:e1:57:c9:79:50:f9:
87:55:45:e4:9e:29:e5:dc:9f:8f:4a:ee:4f:9a:cd:e5:ff:96:
69:88:ad:1a:79:dd:1b:e8:d1:6f:76:f4:d8:56:a5:ca:05:c7:
b7:b5:c3:b5
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIURjo+uj3+i0TxD3VQNLOFw0uydiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzAzMTgwMDAwMDBaFw0yMzA0MjIyMzU5NTlaMIGlMUkwRwYD
VQQFE0BkOGE5ZTdjMDYyOWY5NDM4OTRjYWI4ZGYyZjliOTE1YzcwN2M1NGUwNGUy
N2MwZjBjNjJjNjAwZGEyMzQxMjEwMS0wKwYDVQQDEyQ2NjE1YTM4Yi0zYWQ3LTQ3
YjctOGZiMi02ODVjMzhkMDA5MTQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
7IrSZLsS6Fwyr4nkzntsFRkLlKDWA7HGiQ70vka1XwkNq78taA1zdfV46JhSfaDz
EuPtx5bb51JxCZhxEYVXxOjXrTa6JYVccd+4tUhhFOUkdnBJeABd/Fwhg8IoGHMT
obJrF82MwfeBxTR/ZovfbuaOJMGqS8p+qHhQD5al+u7irhE2RDyy5odcr7y6sgET
YfE8CGnYYVx9lHv+1cdl7k/RbYJmck5T42kn/tje4419DoqHOTKX6vPQ3Q9avkF/
E5/f8QznzSFvABvMT+viEqFBa/IKs6Ba0b2D6zA89yRr8Jttp63JHfr0YtPKFtrG
D+1qjXUNoNy5W88/9Hfk5wIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFJtEy9O4nxbk
Aq2fAKtr+npS3z9dMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8MA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVuZFo1
UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC82NzFi
ZjkwNS1lYzY3LTQ1YWYtOTYzNS02NWYzOGIwMDk1MzYucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
dU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQdxAwDQYJ
KoZIhvcNAQELBQADggEBAF+69Xi4FQbkzeHyfpSoJVxo/7GqfS8rbdmfqHnCAx82
/5Bz2B7HbsA5uleSTWt3khH+ClqG7fx2WoTDSX2+1cC6S+Ty368TfybWETvL5QFC
i+KGBhr0VMLvVDcAOea2tZ8IkEkx0Fv+zFIdr2KGf/TQrdehi/Y5gYN51J4hCOp1
A1/h37fk/JAHc3yZ82cq2RpIHMMWP2gPUJfiCTnOt97dkWcS/TA5k7uGQ3IUWFdj
A2tFWYVVh3MC4DT2S26d0BIOb/KDMlPFKa4jlw0pLbUWPOFXyXlQ+YdVReSeKeXc
n49K7k+azeX/lmmIrRp53Rvo0W929NhWpcoFx7e1w7U=
-----END CERTIFICATE-----
Generated at Sat Mar 18 00:25:51 2023 by rpki-client on console-fra.rpki-client.org