Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
File: 8553b3da-6a47-43ee-87d3-5259a23c371b.roa (raw, json)
Hash identifier: RtAh3El7va6/F4aDQlPLCWXu7ELJ8/jCi2YMkSvTFwQ=
Subject key identifier: 32:2F:D5:0C:51:3B:86:E6:7A:19:1D:E4:63:5B:EF:61:E5:E2:97:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52A93C871B80958C801FEFF154DD86B8CEC28590
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:a9:3c:87:1b:80:95:8c:80:1f:ef:f1:54:dd:86:b8:ce:c2:85:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=daae439cb312ded98d06b31c7813abf0dbfb496a7624961b8fa021a56ff92fcd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e9:af:ec:fe:07:30:e5:d7:a0:04:00:d4:91:
87:4a:74:79:4e:e7:55:e7:42:71:2d:5f:f0:71:75:
14:79:86:3a:e4:72:8c:16:eb:0d:ae:e5:99:a4:69:
63:44:40:1b:c3:cf:9d:51:b4:83:43:f6:7a:f9:1c:
3f:9c:ee:2c:94:a7:a0:13:4e:77:e4:81:48:12:0b:
45:25:30:69:fc:b4:1c:98:7b:fd:f5:8a:14:73:74:
a7:44:3f:b1:99:d2:49:63:c8:6c:2d:1c:f5:d7:26:
31:dc:0e:29:c7:a9:e7:b3:21:e6:c6:c2:ee:39:ef:
9b:81:dc:b7:2c:36:48:fa:d2:68:3a:8c:2a:85:70:
5e:78:ca:f4:c2:76:30:1c:e3:3a:23:bc:c2:d3:23:
e4:2b:28:06:dc:19:3a:81:61:1f:8f:03:c6:03:ad:
d1:c5:27:3f:3d:d7:03:26:7c:4e:01:ad:2a:50:94:
d2:2d:eb:5b:9a:62:d8:28:68:cb:62:3e:99:44:40:
81:fc:eb:26:10:17:53:f7:3c:84:f3:2e:a3:76:f4:
c7:6e:e3:a5:e8:1c:de:df:ee:82:0a:49:3e:97:09:
79:26:b2:ee:e3:56:13:24:b3:76:1c:0f:49:36:e1:
3a:f7:40:53:9c:8b:e6:2a:c9:eb:73:90:53:93:5e:
a3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:2F:D5:0C:51:3B:86:E6:7A:19:1D:E4:63:5B:EF:61:E5:E2:97:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:2000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:fa:8e:60:00:70:ae:f2:d3:8b:28:61:93:bb:c1:fa:7a:9e:
5a:c4:76:dc:9e:ad:ee:0e:06:dc:72:d7:3a:5d:fc:48:b0:c5:
da:bb:78:b6:a5:5e:42:a4:23:81:64:10:2d:52:b3:13:77:46:
d2:b2:51:7c:7d:3c:65:4a:93:d2:1f:63:7a:cb:f1:2f:13:1f:
63:d7:b1:40:dc:7c:5f:1b:f9:43:8e:fb:80:9a:b2:b7:f2:bf:
d9:26:4a:e6:36:cd:be:7a:a8:3e:de:ea:bf:08:71:e5:f9:70:
3e:09:a8:5a:72:04:1d:fe:81:85:33:03:9d:a7:c6:9d:1a:81:
65:a3:f3:e6:5f:34:b3:aa:fd:1c:5c:dd:b1:2e:04:4f:8e:be:
85:8a:05:34:6d:ee:2c:47:e8:53:d0:9c:f9:ce:55:3c:a9:4d:
9c:3d:df:53:aa:1e:2b:b2:58:c9:79:cc:4b:4c:53:07:30:a1:
17:93:e7:09:d8:00:91:8b:c8:25:b7:98:f7:c5:a9:fe:20:8b:
8a:a9:01:d5:e8:6a:2a:7b:81:8a:20:58:d5:af:37:fe:2d:3b:
74:87:1a:11:60:e8:9f:4d:27:4c:a1:1e:45:97:5d:69:48:a4:
da:fd:08:8b:23:14:61:84:b5:45:8c:63:82:1d:a3:f3:3f:e9:
0f:37:ad:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUqk8hxuAlYyAH+/xVN2GuM7ChZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhYWU0MzljYjMxMmRlZDk4ZDA2YjMxYzc4MTNhYmYwZGJmYjQ5NmE3NjI0
OTYxYjhmYTAyMWE1NmZmOTJmY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJPpr+z+BzDl16AEANSRh0p0eU7nVedCcS1f8HF1FHmGOuRyjBbrDa7lmaRp
Y0RAG8PPnVG0g0P2evkcP5zuLJSnoBNOd+SBSBILRSUwafy0HJh7/fWKFHN0p0Q/
sZnSSWPIbC0c9dcmMdwOKcep57Mh5sbC7jnvm4Hctyw2SPrSaDqMKoVwXnjK9MJ2
MBzjOiO8wtMj5CsoBtwZOoFhH48DxgOt0cUnPz3XAyZ8TgGtKlCU0i3rW5pi2Cho
y2I+mURAgfzrJhAXU/c8hPMuo3b0x27jpegc3t/uggpJPpcJeSay7uNWEySzdhwP
STbhOvdAU5yL5irJ63OQU5NeoxMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyL9UM
UTuG5noZHeRjW+9h5eKXEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODU1M2IzZGEtNmE0Ny00M2VlLTg3ZDMtNTI1OWEyM2MzNzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEg
MA0GCSqGSIb3DQEBCwUAA4IBAQAM+o5gAHCu8tOLKGGTu8H6ep5axHbcnq3uDgbc
ctc6XfxIsMXau3i2pV5CpCOBZBAtUrMTd0bSslF8fTxlSpPSH2N6y/EvEx9j17FA
3HxfG/lDjvuAmrK38r/ZJkrmNs2+eqg+3uq/CHHl+XA+CahacgQd/oGFMwOdp8ad
GoFlo/PmXzSzqv0cXN2xLgRPjr6FigU0be4sR+hT0Jz5zlU8qU2cPd9Tqh4rsljJ
ecxLTFMHMKEXk+cJ2ACRi8glt5j3xan+IIuKqQHV6Goqe4GKIFjVrzf+LTt0hxoR
YOifTSdMoR5Fl11pSKTa/QiLIxRhhLVFjGOCHaPzP+kPN638
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org