Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6c5c713e-8a57-4e2a-8fc2-b9d88b0df53f.roa
File: 6c5c713e-8a57-4e2a-8fc2-b9d88b0df53f.roa (raw, json)
Hash identifier: MT2821JFAaxtn7Hwm7AEv4NavDKA7i+pYNpu2M9Xo24=
Subject key identifier: 77:9B:C1:DF:DC:6D:3F:AA:0D:4F:DF:93:CE:6E:2C:42:E9:BB:C5:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73A1CB3AA1B19617FCE3C8E31E73561C9C4AC5B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6c5c713e-8a57-4e2a-8fc2-b9d88b0df53f.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:a1:cb:3a:a1:b1:96:17:fc:e3:c8:e3:1e:73:56:1c:9c:4a:c5:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=e27057c9dc39809c2e8d6ea4e89a316957cc2033f94a89583b629b03c3da2333, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d0:54:8b:76:c2:51:49:be:b9:c2:29:d9:92:
e5:37:45:5a:d4:29:a4:e4:6b:c2:54:79:3e:d7:b3:
bf:2d:13:2f:a4:2b:4e:75:b6:1c:37:13:74:95:bb:
19:50:bd:e2:20:7c:30:bf:31:b5:d8:6b:07:3b:1e:
80:54:bc:33:e8:e5:1e:58:0a:33:78:74:93:d7:2c:
d0:5c:94:ba:ec:97:e2:a0:44:02:9d:e8:bb:3f:a2:
c3:a8:03:99:25:93:ba:70:87:8a:90:a2:00:4d:d4:
cf:18:17:4b:f5:de:90:6f:67:1f:be:be:86:4e:1b:
b9:e2:07:87:70:7c:3b:f5:fd:68:7a:28:96:8f:f8:
82:89:2e:dc:8e:bb:b0:ae:77:5d:f0:a2:46:14:f0:
61:8f:db:a4:aa:74:4c:f2:dd:2e:03:f8:d0:f8:58:
62:a5:b0:dd:63:c7:11:ec:88:5f:da:f6:7a:31:00:
2a:17:1d:0a:19:1f:0d:8d:c6:7a:22:fc:d1:63:7d:
fb:be:41:c5:e3:ba:49:05:9a:37:06:7b:6d:45:9c:
74:3c:db:12:ea:9c:c7:f9:a6:7f:57:a0:ec:b1:14:
8c:8f:bd:4e:4a:5d:e6:12:24:9c:24:8e:87:ee:5e:
fe:9c:52:f6:b6:63:30:80:2a:d3:6a:cb:0a:71:65:
88:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9B:C1:DF:DC:6D:3F:AA:0D:4F:DF:93:CE:6E:2C:42:E9:BB:C5:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6c5c713e-8a57-4e2a-8fc2-b9d88b0df53f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:91:0f:4a:fc:14:2a:e8:64:93:04:99:a9:e2:44:df:2b:92:
ae:72:ef:00:19:12:d5:43:14:59:2e:84:92:8d:04:5b:85:27:
52:4b:00:1e:b8:32:94:b9:a4:e1:3d:b3:78:21:88:3c:67:ee:
3c:2a:0b:53:f4:e4:d6:62:f0:0e:18:0c:f6:43:ad:b5:c0:6d:
70:17:b0:f3:f7:6f:ca:9a:5e:7b:36:cd:6f:f2:1e:b0:14:16:
fc:51:b9:20:5d:21:43:d1:4e:84:cc:2f:aa:fa:af:70:bd:d2:
b3:c8:d5:05:80:18:36:96:b1:d3:59:21:0f:ad:68:9e:02:30:
4e:a1:fa:44:9b:a9:a5:e4:b9:17:32:d3:b1:cc:8f:c4:d8:58:
a6:06:41:35:af:12:1d:ab:c6:d1:f0:ef:b1:4f:17:2e:40:cb:
6d:07:7b:65:fa:03:a9:4f:b7:4c:7c:4a:3c:f7:fb:3c:28:59:
1c:35:ab:33:f7:c1:d3:3d:fe:19:89:29:ca:17:3a:d5:ed:35:
55:0e:a0:fa:56:94:68:9a:9c:51:82:db:2c:fd:80:60:ad:f2:
38:2d:c5:02:ed:51:3c:e5:b6:30:54:e6:27:f9:54:b1:45:48:
18:11:d2:28:ee:98:c1:1e:c2:82:fa:05:d0:dd:d2:43:b1:a5:
5e:e9:90:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc6HLOqGxlhf848jjHnNWHJxKxbkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNzA1N2M5ZGMzOTgwOWMyZThkNmVhNGU4OWEzMTY5NTdjYzIwMzNmOTRh
ODk1ODNiNjI5YjAzYzNkYTIzMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjQVIt2wlFJvrnCKdmS5TdFWtQppORrwlR5Ptezvy0TL6QrTnW2HDcTdJW7
GVC94iB8ML8xtdhrBzsegFS8M+jlHlgKM3h0k9cs0FyUuuyX4qBEAp3ouz+iw6gD
mSWTunCHipCiAE3UzxgXS/XekG9nH76+hk4bueIHh3B8O/X9aHoolo/4goku3I67
sK53XfCiRhTwYY/bpKp0TPLdLgP40PhYYqWw3WPHEeyIX9r2ejEAKhcdChkfDY3G
eiL80WN9+75BxeO6SQWaNwZ7bUWcdDzbEuqcx/mmf1eg7LEUjI+9Tkpd5hIknCSO
h+5e/pxS9rZjMIAq02rLCnFliK0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR3m8Hf
3G0/qg1P35PObixC6bvFkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmM1YzcxM2UtOGE1Ny00ZTJhLThmYzItYjlkODhiMGRmNTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+A
MA0GCSqGSIb3DQEBCwUAA4IBAQAMkQ9K/BQq6GSTBJmp4kTfK5Kucu8AGRLVQxRZ
LoSSjQRbhSdSSwAeuDKUuaThPbN4IYg8Z+48KgtT9OTWYvAOGAz2Q621wG1wF7Dz
92/Kml57Ns1v8h6wFBb8UbkgXSFD0U6EzC+q+q9wvdKzyNUFgBg2lrHTWSEPrWie
AjBOofpEm6ml5LkXMtOxzI/E2FimBkE1rxIdq8bR8O+xTxcuQMttB3tl+gOpT7dM
fEo89/s8KFkcNasz98HTPf4ZiSnKFzrV7TVVDqD6VpRompxRgtss/YBgrfI4LcUC
7VE85bYwVOYn+VSxRUgYEdIo7pjBHsKC+gXQ3dJDsaVe6ZCC
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org