Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
File: 706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa (raw, json)
Hash identifier: 4MPTykpU3CD762Q9cotS26fdBbzI/Hxnrt06DTxjWvQ=
Subject key identifier: 94:A8:98:6F:02:E0:F1:E1:2B:A4:DD:64:31:E9:AF:28:52:B8:BE:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 319EE818078D93733007F3EB5C1FBD4510A76E11
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:9e:e8:18:07:8d:93:73:30:07:f3:eb:5c:1f:bd:45:10:a7:6e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=3c867e448c9d97e6b8c9de9e19a6366bc6651d47569d9e9da4314d340ef1aafd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:22:ed:89:8e:99:92:73:3e:f6:40:73:6b:24:
ea:7c:06:e9:f3:14:46:ac:5d:29:c4:16:76:dc:ac:
06:f2:85:c3:3d:91:b6:2f:14:84:b2:c0:42:3c:37:
59:62:71:d8:5a:6b:e0:0e:19:db:1b:97:78:3e:98:
dd:99:89:1a:c6:d7:42:6b:2e:67:25:90:ef:53:64:
4e:47:6b:4a:c1:08:04:13:a1:2a:04:65:d2:b5:7d:
cf:77:dd:b2:02:8d:28:90:e6:aa:f8:1c:b2:df:f9:
68:28:d4:f0:df:3a:b4:4e:86:ee:ac:dc:66:79:c5:
bd:cb:80:75:c8:df:6e:c3:bc:cf:21:1b:65:d8:75:
cc:da:66:74:58:c7:24:ad:3d:7e:38:20:48:58:d3:
24:12:02:0a:c6:31:15:4d:98:90:01:7d:9e:0e:da:
bc:77:1a:ec:f4:3c:59:36:be:cd:0c:eb:5c:27:a5:
0c:32:63:7f:2d:1d:31:3b:47:96:d2:9a:7f:b0:be:
8e:aa:ee:51:5d:dd:91:67:df:bd:34:61:bb:c2:48:
0e:74:ec:2e:8a:54:15:13:3f:15:56:59:85:a1:64:
ff:9e:33:a3:00:4b:4e:74:b2:27:0a:50:5a:18:12:
8b:a5:eb:44:1a:33:4d:3b:76:c1:7a:45:d3:fe:39:
e8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A8:98:6F:02:E0:F1:E1:2B:A4:DD:64:31:E9:AF:28:52:B8:BE:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:9000::/40
Signature Algorithm: sha256WithRSAEncryption
30:47:7c:2a:f7:73:5d:df:53:18:db:64:95:97:93:b9:65:f7:
e5:b5:7c:74:07:f9:53:75:ad:e0:51:c0:31:f4:54:6c:37:00:
10:81:43:80:de:1c:ef:03:f1:af:67:4c:da:bd:fd:89:7f:48:
89:38:f4:4a:81:a6:90:de:ec:7e:12:66:5c:0e:f0:f8:5c:46:
3c:62:40:ce:64:97:4c:36:f3:27:67:59:fa:2b:aa:fd:5e:45:
66:2f:3c:4e:df:40:a4:5d:e8:2c:dc:95:86:53:9a:50:19:2f:
92:8d:5e:e7:2c:42:f3:8a:7b:13:ce:08:04:2c:e0:a9:e4:cc:
41:66:f4:ec:6c:cd:c4:cf:c3:49:33:e0:03:84:a6:30:78:a1:
08:75:36:12:aa:40:cc:7d:75:b8:a5:11:8d:62:cf:1e:5d:24:
96:f2:46:7c:52:71:cc:23:c9:67:07:ec:ea:99:b9:5e:85:f5:
1a:12:fe:d8:07:ba:be:1f:a5:c2:9b:a5:a7:3c:6b:d4:09:21:
58:e5:b8:44:c4:8b:4a:43:4b:43:27:6f:16:87:f4:a6:6c:11:
16:a0:2d:57:11:ac:0a:91:97:5f:02:84:db:15:39:b2:ff:9d:
db:e1:11:82:33:9b:2a:b5:c5:3d:9d:3a:4e:64:af:72:db:fa:
a7:bc:4b:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMZ7oGAeNk3MwB/PrXB+9RRCnbhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjODY3ZTQ0OGM5ZDk3ZTZiOGM5ZGU5ZTE5YTYzNjZiYzY2NTFkNDc1Njlk
OWU5ZGE0MzE0ZDM0MGVmMWFhZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4i7YmOmZJzPvZAc2sk6nwG6fMURqxdKcQWdtysBvKFwz2Rti8UhLLAQjw3
WWJx2Fpr4A4Z2xuXeD6Y3ZmJGsbXQmsuZyWQ71NkTkdrSsEIBBOhKgRl0rV9z3fd
sgKNKJDmqvgcst/5aCjU8N86tE6G7qzcZnnFvcuAdcjfbsO8zyEbZdh1zNpmdFjH
JK09fjggSFjTJBICCsYxFU2YkAF9ng7avHca7PQ8WTa+zQzrXCelDDJjfy0dMTtH
ltKaf7C+jqruUV3dkWffvTRhu8JIDnTsLopUFRM/FVZZhaFk/54zowBLTnSyJwpQ
WhgSi6XrRBozTTt2wXpF0/456N0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUqJhv
AuDx4Suk3WQx6a8oUri+NjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzA2YjRkNWEtZGJmZi00MzZhLTllOWEtMGMyNDNlZjEyZDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAwR3wq93Nd31MY22SVl5O5ZffltXx0B/lTda3g
UcAx9FRsNwAQgUOA3hzvA/GvZ0zavf2Jf0iJOPRKgaaQ3ux+EmZcDvD4XEY8YkDO
ZJdMNvMnZ1n6K6r9XkVmLzxO30CkXegs3JWGU5pQGS+SjV7nLELzinsTzggELOCp
5MxBZvTsbM3Ez8NJM+ADhKYweKEIdTYSqkDMfXW4pRGNYs8eXSSW8kZ8UnHMI8ln
B+zqmblehfUaEv7YB7q+H6XCm6WnPGvUCSFY5bhExItKQ0tDJ28Wh/SmbBEWoC1X
EawKkZdfAoTbFTmy/53b4RGCM5sqtcU9nTpOZK9y2/qnvEtl
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:04 2024 by rpki-client on console-ams.rpki-client.org