Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa
File: 7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa (raw, json)
Hash identifier: M78KesD9NmT0LePHhXc5dcXk+jui5NwlJKh8th6WMTQ=
Subject key identifier: 04:01:8D:AE:82:36:67:09:3B:72:AE:61:3D:5C:17:62:35:85:2B:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 220D7F42FB2B16C703FA4E2897D339ED99DBFBBB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa
Signing time: Mon 29 Apr 2024 00:00:00 +0000
ROA not before: Mon 29 Apr 2024 00:00:00 +0000
ROA not after: Mon 03 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:0d:7f:42:fb:2b:16:c7:03:fa:4e:28:97:d3:39:ed:99:db:fb:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 29 00:00:00 2024 GMT
Not After : Jun 3 23:59:59 2024 GMT
Subject: serialNumber=d6afe3c3412659d0b3a97dde3980f3188742d8045cbdcdde08886bf79f4684ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cb:47:c7:31:6a:50:e6:63:87:7b:55:5d:6f:
94:9e:1d:e5:5c:a4:91:f7:ce:91:0f:00:84:03:f8:
c3:c9:56:7d:bf:9f:fe:e4:e9:96:92:ea:98:bd:1c:
f6:6d:1f:7e:34:99:75:c3:34:25:9d:92:fb:4a:8b:
ce:48:8a:4e:a9:59:b2:39:c8:62:2e:1a:70:67:2b:
ce:3c:6e:63:4e:d5:16:0f:74:9d:66:65:cd:bc:df:
37:2f:59:15:d4:77:54:4d:15:73:b4:c8:f3:e2:8d:
8d:9c:fb:ad:a9:64:46:28:b0:81:55:a0:9e:c2:5e:
84:5b:99:a0:f7:04:9b:83:d2:f0:0b:0e:35:ff:5a:
4c:49:c0:1c:73:85:2d:a5:d3:95:eb:3f:18:ef:7a:
a6:09:93:65:23:9b:d7:06:03:d6:ce:ea:92:ab:c0:
24:62:1b:68:9d:03:62:00:52:8c:ba:93:d9:f6:67:
2b:98:68:27:7a:11:e6:b4:70:67:7d:d7:47:f8:58:
84:c6:97:d6:1f:44:51:85:c6:84:51:ed:a1:51:fb:
d1:a3:71:0c:d0:65:62:18:79:9a:80:56:08:f7:6e:
83:a5:f6:64:cb:b6:ba:41:ca:8c:42:55:8f:36:ec:
13:df:56:b3:77:4d:b5:1f:7b:93:92:b7:37:c9:21:
22:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:01:8D:AE:82:36:67:09:3B:72:AE:61:3D:5C:17:62:35:85:2B:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:a000::/40
Signature Algorithm: sha256WithRSAEncryption
88:95:97:d8:51:67:7f:de:29:30:df:99:84:35:88:60:4b:1b:
bc:b4:1b:d9:1a:1b:d5:53:66:7d:c3:e4:e7:f0:f8:dd:14:4e:
35:c5:f6:24:54:c5:48:fd:24:7c:a4:8a:16:4f:c0:aa:eb:f3:
75:05:9d:90:ac:57:1e:6a:65:ec:02:5d:6c:18:05:d2:7d:71:
d4:af:7d:32:a9:a4:d8:12:97:b1:ef:60:bf:42:e8:d5:5c:bb:
b5:12:f6:81:5d:09:19:59:0e:7e:f8:38:f1:d2:90:21:c0:6a:
21:ed:2e:24:73:39:1d:59:05:80:76:5f:0d:47:e8:56:98:5e:
f1:0f:4b:78:f0:70:36:e8:7e:9c:9d:01:d9:4b:e9:1a:a3:73:
0e:bd:65:9a:71:f2:7a:a0:d8:e9:13:4d:8a:91:82:f1:04:d9:
4c:02:f6:bf:41:f5:56:d6:0c:b1:43:e7:91:dd:41:c4:02:62:
f5:fa:24:2f:f1:ec:1d:6b:25:a9:66:ec:8e:c4:a4:c4:00:6b:
a4:a6:92:6a:8f:62:ae:e9:91:42:56:6f:2f:bf:88:52:8c:9c:
06:71:87:fa:47:a7:88:0f:b0:6c:54:75:cd:c2:fb:7b:ba:14:
e0:83:36:40:35:eb:b5:1a:22:d0:06:c7:e3:4d:1e:c6:0b:e6:
9b:1b:75:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIg1/QvsrFscD+k4ol9M57Znb+7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjkwMDAwMDBaFw0yNDA2MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2YWZlM2MzNDEyNjU5ZDBiM2E5N2RkZTM5ODBmMzE4ODc0MmQ4MDQ1Y2Jk
Y2RkZTA4ODg2YmY3OWY0Njg0ZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7LR8cxalDmY4d7VV1vlJ4d5VykkffOkQ8AhAP4w8lWfb+f/uTplpLqmL0c
9m0ffjSZdcM0JZ2S+0qLzkiKTqlZsjnIYi4acGcrzjxuY07VFg90nWZlzbzfNy9Z
FdR3VE0Vc7TI8+KNjZz7ralkRiiwgVWgnsJehFuZoPcEm4PS8AsONf9aTEnAHHOF
LaXTles/GO96pgmTZSOb1wYD1s7qkqvAJGIbaJ0DYgBSjLqT2fZnK5hoJ3oR5rRw
Z33XR/hYhMaX1h9EUYXGhFHtoVH70aNxDNBlYhh5moBWCPdug6X2ZMu2ukHKjEJV
jzbsE99Ws3dNtR97k5K3N8khItkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEAY2u
gjZnCTtyrmE9XBdiNYUr3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NhYWYzMTYtMjI1YS00OWNjLWExMmYtMmQwZTFmZWM5N2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HCg
MA0GCSqGSIb3DQEBCwUAA4IBAQCIlZfYUWd/3ikw35mENYhgSxu8tBvZGhvVU2Z9
w+Tn8PjdFE41xfYkVMVI/SR8pIoWT8Cq6/N1BZ2QrFceamXsAl1sGAXSfXHUr30y
qaTYEpex72C/QujVXLu1EvaBXQkZWQ5++Djx0pAhwGoh7S4kczkdWQWAdl8NR+hW
mF7xD0t48HA26H6cnQHZS+kao3MOvWWacfJ6oNjpE02KkYLxBNlMAva/QfVW1gyx
Q+eR3UHEAmL1+iQv8ewdayWpZuyOxKTEAGukppJqj2Ku6ZFCVm8vv4hSjJwGcYf6
R6eID7BsVHXNwvt7uhTggzZANeu1GiLQBsfjTR7GC+abG3V2
-----END CERTIFICATE-----
Generated at Wed May 8 02:08:55 2024 by rpki-client on console-ams.rpki-client.org