Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
File: 7802179a-c80f-42f1-a50b-a0af1df078c2.roa (raw, json)
Hash identifier: 4KCxKlMefZrXyo8syo/eiPW6Ne1QRcrXoTwUEedzquE=
Subject key identifier: 6E:24:E6:F0:E9:E7:D5:61:E8:F7:70:AD:AF:60:13:67:E2:84:65:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 465A52C61271CB6C7DF1FAB05833B5B71C0E96E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
Signing time: Fri 06 Sep 2024 00:00:00 +0000
ROA not before: Fri 06 Sep 2024 00:00:00 +0000
ROA not after: Fri 11 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:5a:52:c6:12:71:cb:6c:7d:f1:fa:b0:58:33:b5:b7:1c:0e:96:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 6 00:00:00 2024 GMT
Not After : Oct 11 23:59:59 2024 GMT
Subject: serialNumber=dd15f01ccddc42b2f27af15644e4887af06cd9d646c2886902a7915abdc217d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a8:51:c9:1e:ac:5b:cd:8e:13:fb:92:79:a0:
73:1e:d1:cd:c2:d3:cb:39:e3:dc:fa:c9:96:57:32:
a8:1c:72:f3:bd:82:d9:3e:6d:cc:7f:a1:d1:5c:15:
68:c4:7b:66:55:df:1a:21:b7:bf:3e:68:a0:94:7a:
58:ef:bd:27:8b:1e:06:c6:f2:22:32:f0:17:02:16:
3c:16:0f:92:bc:ae:88:c5:59:51:e9:9c:ad:de:3e:
26:d2:aa:f8:e6:19:07:a1:d1:ab:6e:7b:3e:a1:27:
c9:55:fa:f6:c0:6b:8b:47:34:e0:8f:c6:7d:3a:55:
50:0b:9b:a1:94:77:1f:e3:a0:a6:3c:42:f2:b9:17:
7c:ed:99:81:7f:6c:74:2a:07:30:91:37:82:bc:20:
90:76:0f:4d:64:80:a3:83:be:eb:ba:7f:49:89:d5:
9a:53:40:da:96:24:6d:e3:da:60:00:ea:b3:cc:4d:
46:fb:ba:70:dd:41:e1:06:71:a3:c9:b2:d5:52:b2:
6b:aa:b0:c0:03:bb:66:9c:8d:53:12:ed:b3:7d:10:
e9:90:39:4c:36:9f:3e:6e:ca:a0:79:2d:43:97:3b:
6f:45:65:ce:03:08:d2:cf:11:dd:c0:c5:a0:bf:eb:
c3:ad:42:d8:12:45:d0:89:76:6f:de:7f:ee:59:03:
5f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:24:E6:F0:E9:E7:D5:61:E8:F7:70:AD:AF:60:13:67:E2:84:65:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
77:09:1b:8e:0b:b7:11:29:3b:1a:fb:49:e9:42:d2:6f:f0:0e:
89:79:6e:2b:22:35:4a:14:1b:65:71:6c:6e:9e:51:e7:de:f8:
68:eb:ce:62:de:f9:bf:37:e1:f9:87:2d:eb:bc:73:ab:de:34:
83:4e:f6:b4:85:46:01:bf:43:cc:82:44:53:e9:82:4c:da:4d:
e9:8c:97:4c:a3:bf:d1:9f:09:9a:3e:85:a9:82:e4:b3:7f:27:
73:5b:a7:26:84:22:6c:33:8b:5a:79:0a:7c:38:a4:3a:33:32:
12:ab:57:41:a7:98:6d:75:d7:19:9a:74:76:19:b6:87:d7:8b:
52:98:0e:a0:42:06:71:24:9e:9e:52:55:37:4e:1d:73:92:85:
38:c3:be:59:9f:50:21:04:09:5d:e8:e0:4d:b1:8d:f7:53:6e:
30:82:3f:c4:95:5d:b9:3b:70:b2:9a:b7:93:28:12:ef:28:f8:
42:f0:d7:c5:75:77:aa:43:cb:b8:87:42:a9:30:11:c8:75:0c:
3f:74:1c:fd:34:32:0d:45:85:7e:63:30:b0:13:da:30:53:57:
66:15:50:67:a8:41:ef:2e:23:a2:72:25:50:6b:a6:01:67:b4:
32:dc:bd:a0:b7:62:19:d2:52:bf:e9:3c:77:a5:ad:02:5b:48:
f1:7f:3b:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURlpSxhJxy2x98fqwWDO1txwOluYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDYwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkMTVmMDFjY2RkYzQyYjJmMjdhZjE1NjQ0ZTQ4ODdhZjA2Y2Q5ZDY0NmMy
ODg2OTAyYTc5MTVhYmRjMjE3ZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+oUckerFvNjhP7knmgcx7RzcLTyznj3PrJllcyqBxy872C2T5tzH+h0VwV
aMR7ZlXfGiG3vz5ooJR6WO+9J4seBsbyIjLwFwIWPBYPkryuiMVZUemcrd4+JtKq
+OYZB6HRq257PqEnyVX69sBri0c04I/GfTpVUAuboZR3H+OgpjxC8rkXfO2ZgX9s
dCoHMJE3grwgkHYPTWSAo4O+67p/SYnVmlNA2pYkbePaYADqs8xNRvu6cN1B4QZx
o8my1VKya6qwwAO7ZpyNUxLts30Q6ZA5TDafPm7KoHktQ5c7b0VlzgMI0s8R3cDF
oL/rw61C2BJF0Il2b95/7lkDX9kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRuJObw
6efVYej3cK2vYBNn4oRl8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwMjE3OWEtYzgwZi00MmYxLWE1MGItYTBhZjFkZjA3OGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQB3CRuOC7cRKTsa+0npQtJv8A6JeW4rIjVKFBtl
cWxunlHn3vho685i3vm/N+H5hy3rvHOr3jSDTva0hUYBv0PMgkRT6YJM2k3pjJdM
o7/RnwmaPoWpguSzfydzW6cmhCJsM4taeQp8OKQ6MzISq1dBp5htddcZmnR2GbaH
14tSmA6gQgZxJJ6eUlU3Th1zkoU4w75Zn1AhBAld6OBNsY33U24wgj/ElV25O3Cy
mreTKBLvKPhC8NfFdXeqQ8u4h0KpMBHIdQw/dBz9NDINRYV+YzCwE9owU1dmFVBn
qEHvLiOiciVQa6YBZ7Qy3L2gt2IZ0lK/6Tx3pa0CW0jxfzv/
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:49 2024 by rpki-client on console-ams.rpki-client.org