Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: ANEsCgvSGrz5tVdga6EDzq2Oa5VDNFG1h3alLzglOHY=
Subject key identifier: DF:42:C1:D9:97:6C:41:26:46:38:20:ED:5F:07:0D:0D:8A:EE:71:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 720388EAECCC0173AA1FB6D60210343157A5D045
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Sun 19 Mar 2023 00:00:00 +0000
ROA not before: Sun 19 Mar 2023 00:00:00 +0000
ROA not after: Sun 23 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Mar 2023 08:58:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:03:88:ea:ec:cc:01:73:aa:1f:b6:d6:02:10:34:31:57:a5:d0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 19 00:00:00 2023 GMT
Not After : Apr 23 23:59:59 2023 GMT
Subject: serialNumber=7bf5fbfb6f960e6a0c89fa606cbd11dbce2f506c430ca448cd9016c92fea2dcd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c6:84:19:10:35:f1:b9:87:3d:82:60:ae:a1:
44:a1:0b:98:d9:c4:62:2e:a2:62:76:20:4d:d9:36:
89:04:1d:50:a2:82:60:97:3f:25:23:4d:86:55:0a:
fe:c5:b0:46:64:8c:cb:71:0b:04:b7:12:fe:b3:e6:
63:61:e7:ca:85:63:0f:99:db:d9:c8:14:3c:f9:c5:
33:b2:f5:16:51:ec:05:87:6a:2c:5b:84:fe:c1:2e:
c7:54:15:1a:85:96:fc:59:25:38:33:f2:63:5b:6d:
89:a8:e4:49:8e:eb:05:c4:51:ef:c9:3c:bf:9a:34:
5a:48:7a:f7:a0:19:53:bc:bd:8b:17:37:94:52:25:
ea:5d:a5:3f:6d:dc:cb:b9:e8:48:f7:c4:b6:9a:00:
0d:84:81:36:b9:62:bd:bf:f6:bd:6f:9d:96:4c:68:
e1:cc:2a:fe:3d:0a:be:c5:87:87:38:e0:9b:a3:f7:
ed:7f:83:72:62:68:2f:1d:40:6d:32:f3:22:91:a3:
70:a8:da:9b:9c:de:77:fa:a7:95:fb:e4:f2:34:ec:
8b:de:21:77:57:bb:b6:55:48:ee:64:74:ec:0b:58:
86:aa:19:18:64:36:f2:3b:55:27:ea:a2:4a:d0:a2:
42:35:36:a8:be:10:82:03:55:79:d5:8c:1c:27:7c:
b9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:42:C1:D9:97:6C:41:26:46:38:20:ED:5F:07:0D:0D:8A:EE:71:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
60:d9:93:a6:8b:95:de:79:f2:7b:63:0b:39:af:7a:a8:cd:52:
51:85:bb:3c:3d:0e:6f:bf:49:fd:6d:ab:51:6c:2a:ff:67:79:
b2:08:04:19:1b:29:71:c1:67:a6:97:5e:8b:d7:29:16:67:ba:
58:d8:5e:20:9b:58:fa:59:06:94:51:fd:ed:1a:7b:b8:27:b8:
07:d7:91:22:f6:53:db:c8:11:1a:6b:f1:7c:33:4a:9d:e4:11:
b0:17:50:cc:55:f7:a7:70:c2:57:c6:68:ec:6b:6b:b7:c6:25:
87:51:ec:63:f2:0e:9e:22:2e:e0:ed:88:04:bf:ff:ae:7a:cd:
ef:45:b5:7f:32:c4:fc:c4:0e:49:3d:df:a0:f7:c1:16:8d:65:
75:d3:1b:9d:1f:7e:8f:7b:1d:e8:05:45:fd:71:aa:52:04:8c:
98:62:d2:d5:d1:b6:6a:2a:1f:2e:9c:cf:2d:00:36:1a:a7:79:
8e:fe:13:38:68:d6:21:7c:33:dd:42:c1:6e:f0:bf:f5:ab:8c:
df:81:20:a1:f8:dc:af:78:a4:5f:30:e4:75:fe:0d:a2:ad:48:
29:9e:b2:90:e6:f2:0b:92:d2:ae:32:aa:79:d6:43:e5:38:c7:
16:c1:c8:0f:79:33:23:83:36:74:9d:79:c1:d6:e4:d7:e5:59:
cb:6b:d8:d1
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIUcgOI6uzMAXOqH7bWAhA0MVel0EUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzAzMTkwMDAwMDBaFw0yMzA0MjMyMzU5NTlaMIGlMUkwRwYD
VQQFE0A3YmY1ZmJmYjZmOTYwZTZhMGM4OWZhNjA2Y2JkMTFkYmNlMmY1MDZjNDMw
Y2E0NDhjZDkwMTZjOTJmZWEyZGNkMS0wKwYDVQQDEyQ2NjE1YTM4Yi0zYWQ3LTQ3
YjctOGZiMi02ODVjMzhkMDA5MTQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
nsaEGRA18bmHPYJgrqFEoQuY2cRiLqJidiBN2TaJBB1QooJglz8lI02GVQr+xbBG
ZIzLcQsEtxL+s+ZjYefKhWMPmdvZyBQ8+cUzsvUWUewFh2osW4T+wS7HVBUahZb8
WSU4M/JjW22JqORJjusFxFHvyTy/mjRaSHr3oBlTvL2LFzeUUiXqXaU/bdzLuehI
98S2mgANhIE2uWK9v/a9b52WTGjhzCr+PQq+xYeHOOCbo/ftf4NyYmgvHUBtMvMi
kaNwqNqbnN53+qeV++TyNOyL3iF3V7u2VUjuZHTsC1iGqhkYZDbyO1Un6qJK0KJC
NTaovhCCA1V51YwcJ3y5kQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFN9CwdmXbEEm
Rjgg7V8HDQ2K7nFiMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8MA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVuZFo1
UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC84MDE1
ZmRjNC1lNzlkLTQ0MDAtYTc4Ni1jNzBhYjNmMTBkMmQucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
dU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgXQKAAwDQYJ
KoZIhvcNAQELBQADggEBAGDZk6aLld558ntjCzmveqjNUlGFuzw9Dm+/Sf1tq1Fs
Kv9nebIIBBkbKXHBZ6aXXovXKRZnuljYXiCbWPpZBpRR/e0ae7gnuAfXkSL2U9vI
ERpr8XwzSp3kEbAXUMxV96dwwlfGaOxra7fGJYdR7GPyDp4iLuDtiAS//656ze9F
tX8yxPzEDkk936D3wRaNZXXTG50ffo97HegFRf1xqlIEjJhi0tXRtmoqHy6czy0A
NhqneY7+Ezho1iF8M91CwW7wv/WrjN+BIKH43K94pF8w5HX+DaKtSCmespDm8guS
0q4yqnnWQ+U4xxbByA95MyODNnSdecHW5NflWctr2NE=
-----END CERTIFICATE-----
Generated at Sun Mar 19 16:19:40 2023 by rpki-client on console-fra.rpki-client.org