Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
File: 6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa (raw, json)
Hash identifier: McyXUQN+SkKXadl7sU4SSX5ETUv88Fh65XKhfw/GV8w=
Subject key identifier: C5:9C:FA:95:04:7C:95:C6:2D:FF:34:5E:F5:D6:C4:D4:DB:B9:C9:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EB4DCBDAC8D5D1ADA7CD92E73EB239B57460F80
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:b4:dc:bd:ac:8d:5d:1a:da:7c:d9:2e:73:eb:23:9b:57:46:0f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=347a4eba11d2964e923849503e757abf9cfa919a159f59f8a240af2dbbf04f8c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:94:24:2d:3d:1f:76:11:3d:09:1d:2c:de:b6:
05:91:8f:8a:ab:7e:81:1a:ed:f9:a2:f1:99:d1:74:
5d:c8:d4:4e:f0:d1:84:91:f2:c5:c4:8f:05:51:7f:
a6:2c:d2:20:1a:ef:d2:2f:d9:f6:bc:ad:83:93:c0:
43:58:05:54:d8:d1:7f:7b:06:66:8c:73:b2:e1:25:
97:c4:67:c1:a6:a1:6d:d8:8c:f7:08:76:3b:2d:f1:
f6:77:d1:b3:9e:34:2b:99:31:e3:9d:e9:6f:cb:48:
16:6a:17:8b:20:43:9e:1f:15:d4:64:79:4a:e6:1a:
1c:a2:62:df:bd:b0:43:54:4c:60:77:8c:b1:17:f0:
09:7f:27:91:51:0d:a1:73:23:70:11:12:28:99:4a:
82:d4:e6:dc:a5:dd:83:df:fe:8d:2a:f1:2f:5d:64:
80:dc:93:5a:63:21:dd:86:99:36:77:0e:8b:e8:3a:
9e:13:6b:57:21:93:2b:df:92:d8:f3:73:f1:98:43:
f6:51:f9:65:f8:91:84:3a:7b:45:17:1b:2f:0d:6d:
9f:50:87:77:23:90:68:45:97:00:6a:e8:1a:3f:3a:
ca:97:c3:15:01:b0:be:e8:aa:f0:4b:10:74:fa:6e:
fa:93:3e:92:b8:ee:4e:9a:81:9b:39:4c:08:3e:99:
8d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9C:FA:95:04:7C:95:C6:2D:FF:34:5E:F5:D6:C4:D4:DB:B9:C9:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:1000::/40
Signature Algorithm: sha256WithRSAEncryption
25:cf:cf:b0:9e:5d:0c:86:55:8a:1e:85:bd:d9:d5:3a:56:9e:
82:20:86:ee:c3:1e:b2:4e:59:2b:43:5d:a5:97:29:c8:01:79:
28:5d:95:75:1d:69:fd:9d:e9:56:3c:5a:c3:51:7a:34:2e:b4:
d8:03:25:8a:45:b7:bc:ec:c2:d6:9d:99:4c:ef:ac:1d:26:f2:
f3:7d:58:da:7b:51:4b:a9:d3:7e:59:ef:da:45:58:f5:bd:0c:
32:9b:d7:cc:1f:69:94:46:d8:d1:b3:a4:cd:25:0a:53:c5:66:
5d:85:93:c6:0b:48:76:9f:a2:51:43:84:8a:f6:f6:b6:5d:b2:
c3:08:e1:9c:8e:e6:5b:ba:38:2e:07:1c:75:4a:a6:4b:ea:bc:
81:67:fa:9d:97:e7:0d:9c:21:fb:c8:64:d5:e9:62:d2:72:56:
d1:19:38:ac:c0:ff:71:e7:c5:d2:e1:46:9a:e6:ae:9e:5e:52:
05:6a:2f:a0:73:9d:84:ae:2d:d0:77:e1:2c:97:e7:54:d7:7e:
90:7d:ed:c1:b7:2e:52:63:a2:12:0a:c9:35:ff:bb:27:59:e7:
5d:88:08:3a:ca:41:54:21:e4:05:63:47:c1:72:1c:15:7b:d0:
e1:90:4f:e5:ca:f3:55:c1:d3:fd:08:fc:92:39:44:87:14:93:
bf:88:38:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXrTcvayNXRrafNkuc+sjm1dGD4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0N2E0ZWJhMTFkMjk2NGU5MjM4NDk1MDNlNzU3YWJmOWNmYTkxOWExNTlm
NTlmOGEyNDBhZjJkYmJmMDRmOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWUJC09H3YRPQkdLN62BZGPiqt+gRrt+aLxmdF0XcjUTvDRhJHyxcSPBVF/
pizSIBrv0i/Z9rytg5PAQ1gFVNjRf3sGZoxzsuEll8RnwaahbdiM9wh2Oy3x9nfR
s540K5kx453pb8tIFmoXiyBDnh8V1GR5SuYaHKJi372wQ1RMYHeMsRfwCX8nkVEN
oXMjcBESKJlKgtTm3KXdg9/+jSrxL11kgNyTWmMh3YaZNncOi+g6nhNrVyGTK9+S
2PNz8ZhD9lH5ZfiRhDp7RRcbLw1tn1CHdyOQaEWXAGroGj86ypfDFQGwvuiq8EsQ
dPpu+pM+krjuTpqBmzlMCD6ZjQ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFnPqV
BHyVxi3/NF711sTU27nJnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY4ZDc5YzYtYjc3My00MDczLTlmZjQtMjIxMGU2YTExMWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAlz8+wnl0MhlWKHoW92dU6Vp6CIIbuwx6yTlkr
Q12llynIAXkoXZV1HWn9nelWPFrDUXo0LrTYAyWKRbe87MLWnZlM76wdJvLzfVja
e1FLqdN+We/aRVj1vQwym9fMH2mURtjRs6TNJQpTxWZdhZPGC0h2n6JRQ4SK9va2
XbLDCOGcjuZbujguBxx1SqZL6ryBZ/qdl+cNnCH7yGTV6WLSclbRGTiswP9x58XS
4Uaa5q6eXlIFai+gc52Eri3Qd+Esl+dU136Qfe3Bty5SY6ISCsk1/7snWeddiAg6
ykFUIeQFY0fBchwVe9DhkE/lyvNVwdP9CPySOUSHFJO/iDhx
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org