Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/829639b2-d3fc-422f-8540-044327dad29b.roa
File: 829639b2-d3fc-422f-8540-044327dad29b.roa (raw, json)
Hash identifier: Pbadt+KekP4yKRlCTRdHQWxFrZVY9yvaHcaiT2O6fg4=
Subject key identifier: 70:D4:8A:D3:C6:46:6F:3C:27:83:3E:E8:B1:9D:D5:C3:B8:5B:90:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43A841046D16A24D418B81525803F910578E7057
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/829639b2-d3fc-422f-8540-044327dad29b.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:a8:41:04:6d:16:a2:4d:41:8b:81:52:58:03:f9:10:57:8e:70:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=7b25be23aac19356db9e1268574c8ea78d2e5c22d41c7f8f556e47bf16e5a5b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fc:72:80:cb:a7:b9:4f:e6:c5:e3:97:07:40:
4a:d4:3f:b9:b8:e6:17:ee:fb:0e:11:04:60:35:1d:
be:c0:af:7d:e1:62:cd:f6:78:9f:74:a7:f6:52:4d:
79:47:69:43:2e:08:c8:4a:51:7a:85:28:b9:72:9c:
d4:2d:38:4e:e2:6b:05:d0:57:ae:21:80:6e:eb:35:
73:09:68:e4:9e:6c:85:9c:e1:56:93:b6:94:38:5b:
4b:93:b5:c3:32:11:a4:55:e7:34:d9:68:76:07:9e:
62:5a:6a:5e:57:16:60:83:d3:64:7f:f0:e0:36:00:
c1:82:cf:8e:9e:8d:bc:76:7d:c2:4e:21:23:08:c3:
9c:09:72:47:30:81:05:66:9c:ea:1f:26:0f:f2:ad:
b4:19:f7:5f:8c:b0:3e:2a:b5:9e:fa:b4:d0:eb:7e:
df:a7:bc:7b:5b:f2:a1:32:50:b6:eb:bb:cb:bf:3a:
1f:d3:a8:bb:fa:25:6e:e9:8a:fc:45:4d:5a:b7:49:
41:e1:2a:51:c0:c4:6b:19:cf:df:bf:12:e0:3b:d5:
1f:b6:6b:62:9d:11:4c:27:67:86:af:21:bf:ad:97:
7e:3d:a3:bf:33:5b:72:51:aa:81:a1:f6:28:ce:9f:
c1:25:d9:b8:3f:cf:1a:03:a0:b1:0c:52:1c:ee:fd:
9e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D4:8A:D3:C6:46:6F:3C:27:83:3E:E8:B1:9D:D5:C3:B8:5B:90:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/829639b2-d3fc-422f-8540-044327dad29b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
01:cb:a0:a0:90:0c:cf:c4:80:02:e7:f8:48:93:dd:85:c6:8f:
8c:ad:bb:77:36:5d:a8:0b:6a:e1:d8:ab:11:7f:0e:d6:cf:36:
a7:fc:07:a0:4a:9f:ca:fd:42:60:f9:72:3e:76:04:81:14:f0:
c3:b4:99:9e:b8:65:b3:08:b2:57:d2:94:aa:32:24:97:69:7f:
5b:a3:ca:3e:19:2c:62:23:bf:73:1e:9c:6c:69:65:57:d3:d7:
92:84:6e:ad:d8:ec:2e:5c:ed:15:8d:4f:d0:c8:e6:9a:47:93:
60:5f:8c:af:a0:fe:e2:68:86:3d:0b:27:21:4a:f3:fb:0e:2c:
05:e5:77:d8:18:08:0f:bc:2b:10:82:5e:03:3a:6f:8b:a4:e9:
9f:2c:46:3f:a0:1c:84:c5:43:86:72:17:24:e2:43:76:7a:e4:
2b:33:6f:f6:6f:b2:10:21:72:3b:3c:1f:c3:c3:3c:cd:5b:79:
5c:67:ce:81:f5:4c:53:ee:65:09:a5:7c:d5:8e:2c:5e:82:5f:
34:ba:f0:2c:2d:75:d9:31:46:e1:2f:61:8c:62:0a:b5:23:c7:
54:17:d8:64:59:ec:8b:84:1f:ee:29:74:54:63:0d:4f:ed:b6:
a6:21:80:9a:d9:49:e3:17:f4:90:7b:2b:62:38:f8:26:aa:32:
ec:34:30:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ6hBBG0Wok1Bi4FSWAP5EFeOcFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiMjViZTIzYWFjMTkzNTZkYjllMTI2ODU3NGM4ZWE3OGQyZTVjMjJkNDFj
N2Y4ZjU1NmU0N2JmMTZlNWE1YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMj8coDLp7lP5sXjlwdAStQ/ubjmF+77DhEEYDUdvsCvfeFizfZ4n3Sn9lJN
eUdpQy4IyEpReoUouXKc1C04TuJrBdBXriGAbus1cwlo5J5shZzhVpO2lDhbS5O1
wzIRpFXnNNlodgeeYlpqXlcWYIPTZH/w4DYAwYLPjp6NvHZ9wk4hIwjDnAlyRzCB
BWac6h8mD/KttBn3X4ywPiq1nvq00Ot+36e8e1vyoTJQtuu7y786H9Oou/olbumK
/EVNWrdJQeEqUcDEaxnP378S4DvVH7ZrYp0RTCdnhq8hv62Xfj2jvzNbclGqgaH2
KM6fwSXZuD/PGgOgsQxSHO79npMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRw1IrT
xkZvPCeDPuixndXDuFuQSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODI5NjM5YjItZDNmYy00MjJmLTg1NDAtMDQ0MzI3ZGFkMjliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqg
MA0GCSqGSIb3DQEBCwUAA4IBAQABy6CgkAzPxIAC5/hIk92Fxo+Mrbt3Nl2oC2rh
2KsRfw7Wzzan/AegSp/K/UJg+XI+dgSBFPDDtJmeuGWzCLJX0pSqMiSXaX9bo8o+
GSxiI79zHpxsaWVX09eShG6t2OwuXO0VjU/QyOaaR5NgX4yvoP7iaIY9CychSvP7
DiwF5XfYGAgPvCsQgl4DOm+LpOmfLEY/oByExUOGchck4kN2euQrM2/2b7IQIXI7
PB/DwzzNW3lcZ86B9UxT7mUJpXzVjixegl80uvAsLXXZMUbhL2GMYgq1I8dUF9hk
WeyLhB/uKXRUYw1P7bamIYCa2UnjF/SQeytiOPgmqjLsNDAH
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org