Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
File: 788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa (raw, json)
Hash identifier: g6pCJG/v7rkuo34ej8dtcuLU4meSrglOz71y7jLyO2M=
Subject key identifier: 9E:1E:7B:96:CD:63:C9:BC:7A:3A:8E:FE:48:F2:E0:BE:A1:31:29:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79B1FD2065E89E8CE5A93D240A20DA3342CDB2FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
Signing time: Fri 06 Sep 2024 00:00:00 +0000
ROA not before: Fri 06 Sep 2024 00:00:00 +0000
ROA not after: Fri 11 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:b1:fd:20:65:e8:9e:8c:e5:a9:3d:24:0a:20:da:33:42:cd:b2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 6 00:00:00 2024 GMT
Not After : Oct 11 23:59:59 2024 GMT
Subject: serialNumber=c15cdfffef62bf625fde4d651926ee4d17fffd0e62a6d16c47822cfd3ecaf79e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:22:d8:ea:fa:b0:a9:fe:38:ba:32:3f:59:76:
06:46:68:76:31:8d:fb:c6:3e:76:61:43:6e:e3:2b:
2d:a1:97:f9:56:9c:82:dd:f2:16:0e:b9:4b:89:c5:
37:ff:9b:4a:97:8e:53:c8:5a:5e:ef:34:8e:d7:e7:
0f:21:cd:0d:a4:be:e6:e2:6e:5f:74:8b:16:7a:e9:
8c:f3:61:6a:1b:98:ec:5e:fe:23:cd:16:a9:19:42:
4c:c9:f2:51:f3:47:0c:71:57:d3:e7:4e:c6:87:3e:
05:fe:ff:1c:19:96:7b:ad:58:98:eb:70:cb:ee:98:
dd:61:82:1c:34:b6:98:57:49:9b:9d:56:98:ea:62:
9e:2c:ad:36:67:57:d0:98:5e:38:ee:1a:9c:f1:5f:
b5:8e:3d:ba:32:e0:50:ad:3e:2e:2d:18:33:87:6a:
8b:b9:4b:2a:2a:45:cc:a9:dd:03:fd:b2:50:a6:b3:
a1:42:4a:ca:8a:e9:a8:78:3d:32:19:96:88:85:10:
29:d3:d6:4f:06:01:4e:56:d0:4f:d7:48:88:16:5f:
c8:14:f7:51:bf:a9:ad:80:7f:ed:4b:5f:de:71:36:
e6:fa:53:84:d8:f8:6d:d9:1b:c7:97:30:9b:38:e7:
0d:27:0f:c0:81:90:d2:b8:3c:f0:69:59:b8:4d:63:
c8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1E:7B:96:CD:63:C9:BC:7A:3A:8E:FE:48:F2:E0:BE:A1:31:29:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:9000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:d5:21:67:51:93:9a:5a:b7:a2:ec:f2:66:81:f8:d4:05:34:
15:48:7b:b7:a9:10:f9:f3:67:a0:76:19:9c:0c:65:c4:7e:91:
3c:34:e7:20:41:b2:32:3b:76:09:30:28:a8:eb:28:53:59:55:
49:d0:74:53:8d:f7:28:de:8e:20:a0:42:ba:de:a2:b4:4a:b8:
b9:7a:96:61:98:a4:33:37:67:37:85:8e:72:27:07:58:4d:45:
63:e2:07:c4:fb:36:a3:47:52:ad:6a:42:76:92:a4:59:20:b6:
81:97:16:7f:43:c1:f4:46:b4:38:a2:bc:3f:7f:21:b8:0a:64:
2c:f8:39:67:9f:3e:52:d8:cf:7e:4a:7b:02:0d:ca:d3:42:f6:
2a:89:cd:bd:5d:6a:6d:71:13:d1:92:1f:9a:53:ec:35:42:24:
07:3b:37:b8:15:d5:c4:3a:6b:a2:d0:cd:c2:7b:28:89:a0:28:
6d:a9:43:0e:4f:46:99:ff:71:89:ca:c4:23:83:75:a5:ac:44:
67:a6:55:e9:25:23:c0:1d:4d:3d:b5:98:4e:3c:c7:03:51:df:
c9:e4:01:f7:09:be:6a:9c:58:dc:70:bc:bb:37:ec:97:a4:9e:
f0:7a:c0:f3:1d:f0:24:5a:6d:e9:c1:5d:7c:45:57:5e:64:56:
e1:32:ec:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUebH9IGXonozlqT0kCiDaM0LNsvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDYwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxNWNkZmZmZWY2MmJmNjI1ZmRlNGQ2NTE5MjZlZTRkMTdmZmZkMGU2MmE2
ZDE2YzQ3ODIyY2ZkM2VjYWY3OWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIi2Or6sKn+OLoyP1l2BkZodjGN+8Y+dmFDbuMrLaGX+Vacgt3yFg65S4nF
N/+bSpeOU8haXu80jtfnDyHNDaS+5uJuX3SLFnrpjPNhahuY7F7+I80WqRlCTMny
UfNHDHFX0+dOxoc+Bf7/HBmWe61YmOtwy+6Y3WGCHDS2mFdJm51WmOpiniytNmdX
0JheOO4anPFftY49ujLgUK0+Li0YM4dqi7lLKipFzKndA/2yUKazoUJKyorpqHg9
MhmWiIUQKdPWTwYBTlbQT9dIiBZfyBT3Ub+prYB/7Utf3nE25vpThNj4bdkbx5cw
mzjnDScPwIGQ0rg88GlZuE1jyMUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSeHnuW
zWPJvHo6jv5I8uC+oTEp0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg4ZDlkMjMtYmEzZi00MmM0LWIxYTMtODBmMjQxNGVmYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAN1SFnUZOaWrei7PJmgfjUBTQVSHu3qRD582eg
dhmcDGXEfpE8NOcgQbIyO3YJMCio6yhTWVVJ0HRTjfco3o4goEK63qK0Sri5epZh
mKQzN2c3hY5yJwdYTUVj4gfE+zajR1KtakJ2kqRZILaBlxZ/Q8H0RrQ4orw/fyG4
CmQs+Dlnnz5S2M9+SnsCDcrTQvYqic29XWptcRPRkh+aU+w1QiQHOze4FdXEOmui
0M3CeyiJoChtqUMOT0aZ/3GJysQjg3WlrERnplXpJSPAHU09tZhOPMcDUd/J5AH3
Cb5qnFjccLy7N+yXpJ7wesDzHfAkWm3pwV18RVdeZFbhMuz+
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:49 2024 by rpki-client on console-ams.rpki-client.org