Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f410204-155a-436a-a343-5a74a7999df6.roa
File: 7f410204-155a-436a-a343-5a74a7999df6.roa (raw, json)
Hash identifier: uWijU3aOedczRco9IhMBiCE0rPKtpLWuyQVd0SMwEnA=
Subject key identifier: F5:02:93:02:BF:AA:E1:46:60:1A:16:1F:18:00:83:43:1C:BD:D0:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BF7D49F51CC4D690C5DCF863E5C11E6EBB802B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f410204-155a-436a-a343-5a74a7999df6.roa
Signing time: Tue 03 Sep 2024 00:00:00 +0000
ROA not before: Tue 03 Sep 2024 00:00:00 +0000
ROA not after: Tue 08 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:f7:d4:9f:51:cc:4d:69:0c:5d:cf:86:3e:5c:11:e6:eb:b8:02:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 3 00:00:00 2024 GMT
Not After : Oct 8 23:59:59 2024 GMT
Subject: serialNumber=9ad0e84b257b33ad195d9f8f2fc3fee2e11982d22b87a8e6154b8cd692e05db7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ad:df:13:4f:cf:44:62:ef:b2:91:ef:9e:ac:
21:a8:47:b7:ed:ad:89:58:90:c6:51:c6:66:34:a0:
cc:81:f5:a7:be:c4:87:04:01:66:e9:cf:36:84:35:
52:5d:3d:05:ce:ef:64:5c:ba:73:67:a1:e4:2b:19:
6d:c2:d7:97:da:9b:b6:2f:29:17:30:b6:50:74:b2:
a8:9c:64:0b:e7:28:01:17:3c:2d:91:73:20:4e:d0:
eb:75:d5:99:6b:d2:6b:6b:f4:c9:d0:eb:d4:88:92:
f3:a2:cb:7d:13:f6:58:de:ca:1d:6b:89:08:fd:09:
ac:30:ca:f1:c3:b7:86:f5:ab:54:97:46:a5:03:f2:
55:a2:c0:a8:5a:30:ca:9b:1b:ed:13:1f:a1:39:36:
68:d0:81:dc:0f:42:48:ee:a9:2d:ca:c7:30:39:51:
ee:40:00:45:93:f5:3c:72:39:6e:bc:92:56:5d:44:
48:cf:02:d8:70:82:14:ef:63:86:33:95:cf:76:26:
05:bf:1f:d9:7e:12:aa:b5:70:4d:4b:14:15:49:82:
0e:e4:04:8c:74:08:8a:3f:e2:86:2e:f0:bd:a5:33:
21:d1:a0:b7:b5:12:93:4a:77:83:17:85:47:88:5a:
32:f6:2e:86:77:99:25:1c:d9:10:c5:b9:04:fc:77:
79:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:02:93:02:BF:AA:E1:46:60:1A:16:1F:18:00:83:43:1C:BD:D0:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f410204-155a-436a-a343-5a74a7999df6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:22:f5:b1:1b:5f:e0:cb:84:f9:50:b6:e7:24:92:dd:c0:85:
53:12:17:e0:68:91:94:48:81:fa:56:a9:ab:ac:01:64:cc:af:
93:87:51:4b:1b:93:08:c9:fe:ed:7b:55:ec:60:ab:10:55:16:
10:3c:bc:e1:fb:68:81:df:63:69:5e:ed:e2:dc:e8:22:fe:4b:
0c:9c:ab:85:1f:f4:fe:36:fb:4f:dc:dd:ca:18:77:32:4b:86:
0d:f4:b0:51:03:25:a7:02:32:9d:91:a7:74:d3:66:78:a4:6d:
6a:e1:e3:b3:b7:e2:ab:0b:5f:c0:6b:69:ce:e9:c4:9b:39:42:
0e:6a:a0:4e:b7:3f:59:76:06:59:f2:7b:71:77:06:7c:78:21:
d3:25:a3:a5:37:f9:18:94:47:30:b8:12:03:16:3c:82:99:cf:
82:2c:17:7c:48:51:fd:5b:09:03:4b:74:44:64:57:90:83:cc:
40:85:9f:c5:97:50:9c:8b:11:45:5f:4b:5f:25:96:ab:3d:7b:
43:dd:8d:26:51:10:c1:6b:85:a5:5f:32:56:73:ec:89:ac:94:
0c:f2:43:bb:fb:dc:c6:0d:e5:54:3e:da:a3:ea:f7:9d:93:75:
08:f6:67:e5:1d:a4:14:67:81:c3:83:e9:57:2b:68:71:0b:ba:
fe:83:16:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe/fUn1HMTWkMXc+GPlwR5uu4ArkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDMwMDAwMDBaFw0yNDEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhZDBlODRiMjU3YjMzYWQxOTVkOWY4ZjJmYzNmZWUyZTExOTgyZDIyYjg3
YThlNjE1NGI4Y2Q2OTJlMDVkYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmt3xNPz0Ri77KR756sIahHt+2tiViQxlHGZjSgzIH1p77EhwQBZunPNoQ1
Ul09Bc7vZFy6c2eh5CsZbcLXl9qbti8pFzC2UHSyqJxkC+coARc8LZFzIE7Q63XV
mWvSa2v0ydDr1IiS86LLfRP2WN7KHWuJCP0JrDDK8cO3hvWrVJdGpQPyVaLAqFow
ypsb7RMfoTk2aNCB3A9CSO6pLcrHMDlR7kAARZP1PHI5brySVl1ESM8C2HCCFO9j
hjOVz3YmBb8f2X4SqrVwTUsUFUmCDuQEjHQIij/ihi7wvaUzIdGgt7USk0p3gxeF
R4haMvYuhneZJRzZEMW5BPx3eVcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1ApMC
v6rhRmAaFh8YAINDHL3QdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Y0MTAyMDQtMTU1YS00MzZhLWEzNDMtNWE3NGE3OTk5ZGY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HBg
MA0GCSqGSIb3DQEBCwUAA4IBAQClIvWxG1/gy4T5ULbnJJLdwIVTEhfgaJGUSIH6
VqmrrAFkzK+Th1FLG5MIyf7te1XsYKsQVRYQPLzh+2iB32NpXu3i3Ogi/ksMnKuF
H/T+NvtP3N3KGHcyS4YN9LBRAyWnAjKdkad002Z4pG1q4eOzt+KrC1/Aa2nO6cSb
OUIOaqBOtz9ZdgZZ8ntxdwZ8eCHTJaOlN/kYlEcwuBIDFjyCmc+CLBd8SFH9WwkD
S3REZFeQg8xAhZ/Fl1CcixFFX0tfJZarPXtD3Y0mURDBa4WlXzJWc+yJrJQM8kO7
+9zGDeVUPtqj6vedk3UI9mflHaQUZ4HDg+lXK2hxC7r+gxao
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:49 2024 by rpki-client on console-ams.rpki-client.org