Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa
File: 7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa (raw, json)
Hash identifier: u3bRB6QhUtIGx2+nAVVpdXxHTiacrfB79xTKUXE4S48=
Subject key identifier: E0:53:71:E9:D4:DF:6D:6F:DF:CA:47:53:9D:1F:DA:0B:E8:B4:51:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0853B5FB8B5FB52B6329A9D5991D591ABC6E1926
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:53:b5:fb:8b:5f:b5:2b:63:29:a9:d5:99:1d:59:1a:bc:6e:19:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=d136b93978f481d1acf92b4ee2f24d3306ea525d74bb99bfced5cf7fc0f3f2b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cf:ce:54:68:bb:f4:d1:84:d4:51:c3:dc:0e:
a0:47:e2:c1:39:99:0f:cc:cd:19:02:c6:58:7e:a5:
ae:f6:bd:5e:48:18:25:ec:ce:dd:07:0e:a9:da:71:
2b:eb:93:19:ee:cc:fb:19:19:42:d9:7f:e2:cc:d9:
66:ec:d4:71:ee:b7:57:a3:50:f9:d2:fd:e5:a4:24:
54:e3:0d:3c:93:c8:9d:80:43:c9:69:36:c0:de:f4:
ef:29:86:72:03:3a:76:6d:24:fa:a6:73:37:0f:32:
a9:78:81:57:c7:4a:c1:43:82:11:1d:20:53:ab:fb:
b9:c7:bd:a5:02:b8:e4:c4:2e:10:f3:17:e4:79:78:
56:5a:b0:87:a3:d4:d4:d6:c1:ab:08:1e:96:bc:a1:
db:c4:b0:3e:9b:06:d1:6a:30:1f:ff:75:c3:6a:e5:
cc:6b:bd:02:97:17:b5:41:9d:75:7b:d5:90:c0:b1:
77:fb:13:45:df:1a:d0:61:f2:33:f6:41:91:de:18:
0b:a6:f3:96:80:ca:47:12:af:a8:69:09:54:f1:32:
d8:1a:b4:0d:01:e4:92:97:f3:ee:67:75:f1:57:d8:
d1:72:50:de:a5:90:9d:07:cf:a9:a2:38:85:4c:aa:
36:3c:be:c2:a6:ca:28:8a:75:34:c5:b9:6d:63:7b:
3e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:53:71:E9:D4:DF:6D:6F:DF:CA:47:53:9D:1F:DA:0B:E8:B4:51:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:a000::/40
Signature Algorithm: sha256WithRSAEncryption
51:b4:73:d8:c5:8d:37:a8:c7:ce:85:8b:52:dd:d4:fe:c6:d1:
bf:c2:ab:51:03:51:5d:da:96:03:c5:79:61:16:8b:ac:e2:41:
91:a3:85:bd:24:23:71:e6:5c:57:d6:72:af:31:d1:eb:32:4a:
ba:a5:72:6e:10:84:9c:e5:a2:7f:08:3e:f5:df:c5:59:b6:02:
7c:ab:3a:82:e2:5f:d3:a4:ad:69:75:18:7d:94:52:d4:03:b5:
38:1b:a3:58:52:a6:34:0b:3e:ce:7b:a0:f9:44:d0:42:df:76:
fa:2f:75:29:cc:2c:f4:cc:2b:6b:1e:e5:26:28:28:b9:ef:49:
1d:a6:2e:cb:6e:51:33:64:14:ad:c0:7d:36:90:7f:49:7f:35:
25:b2:0b:0a:b9:c6:be:3f:34:f2:9f:76:ec:47:7b:8f:9c:8d:
46:7b:a5:ff:03:37:02:d4:82:13:c4:e4:89:9f:6d:3a:1c:3f:
53:df:12:18:95:7e:99:69:4a:04:4d:6f:99:26:b7:31:4a:75:
ec:de:c9:30:3a:e8:0a:e3:65:0a:c7:d5:94:66:15:8f:45:92:
d4:0a:cd:5e:49:37:b7:67:5c:e4:7a:e4:b8:e9:4f:a0:90:ac:
d2:27:85:41:6e:2e:cb:25:15:23:1b:ba:27:b3:7f:05:b3:1e:
75:76:db:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCFO1+4tftStjKanVmR1ZGrxuGSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxMzZiOTM5NzhmNDgxZDFhY2Y5MmI0ZWUyZjI0ZDMzMDZlYTUyNWQ3NGJi
OTliZmNlZDVjZjdmYzBmM2YyYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHPzlRou/TRhNRRw9wOoEfiwTmZD8zNGQLGWH6lrva9XkgYJezO3QcOqdpx
K+uTGe7M+xkZQtl/4szZZuzUce63V6NQ+dL95aQkVOMNPJPInYBDyWk2wN707ymG
cgM6dm0k+qZzNw8yqXiBV8dKwUOCER0gU6v7uce9pQK45MQuEPMX5Hl4Vlqwh6PU
1NbBqwgelryh28SwPpsG0WowH/91w2rlzGu9ApcXtUGddXvVkMCxd/sTRd8a0GHy
M/ZBkd4YC6bzloDKRxKvqGkJVPEy2Bq0DQHkkpfz7md18VfY0XJQ3qWQnQfPqaI4
hUyqNjy+wqbKKIp1NMW5bWN7PkECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgU3Hp
1N9tb9/KR1OdH9oL6LRRWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NhYWYzMTYtMjI1YS00OWNjLWExMmYtMmQwZTFmZWM5N2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HCg
MA0GCSqGSIb3DQEBCwUAA4IBAQBRtHPYxY03qMfOhYtS3dT+xtG/wqtRA1Fd2pYD
xXlhFous4kGRo4W9JCNx5lxX1nKvMdHrMkq6pXJuEISc5aJ/CD7138VZtgJ8qzqC
4l/TpK1pdRh9lFLUA7U4G6NYUqY0Cz7Oe6D5RNBC33b6L3UpzCz0zCtrHuUmKCi5
70kdpi7LblEzZBStwH02kH9JfzUlsgsKuca+PzTyn3bsR3uPnI1Ge6X/AzcC1IIT
xOSJn206HD9T3xIYlX6ZaUoETW+ZJrcxSnXs3skwOugK42UKx9WUZhWPRZLUCs1e
STe3Z1zkeuS46U+gkKzSJ4VBbi7LJRUjG7ons38Fsx51dtvd
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org