Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
File: 8a06e909-5227-47d9-a58c-be623a2a4cad.roa (raw, json)
Hash identifier: /lnqQhSXlFJsdR9KTaNoeY6T+a4YLu8Uu+dM10SfLuw=
Subject key identifier: F1:5D:EF:D1:B3:DD:4E:1B:07:5F:14:40:57:45:5E:84:9A:EB:A2:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3895A39F7480DCB457B2D9E6E898C53B32E81E59
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:95:a3:9f:74:80:dc:b4:57:b2:d9:e6:e8:98:c5:3b:32:e8:1e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=cbb4250096ccdfa6fd9b349dd74d78ba79e39be9114852fed6d2652780a34788, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1f:59:07:24:17:69:79:59:29:6d:63:80:3c:
e4:d8:99:c2:61:49:bf:22:a4:3c:48:06:ec:47:d9:
1d:9f:22:34:7e:08:93:7a:73:8e:9f:7b:ca:4c:77:
f4:ae:b7:0b:45:3f:11:87:6d:d4:8d:1e:da:e2:19:
5e:93:66:d7:c6:38:06:91:38:fe:64:64:8e:d0:7c:
e5:63:c4:c0:86:4a:81:b4:32:34:3a:06:ab:f1:80:
ab:81:5f:08:16:81:11:4e:4f:99:32:4d:e3:09:ad:
1a:9b:88:5a:96:e0:e2:3f:37:f0:62:a3:a2:5e:cd:
08:87:00:bf:56:73:9d:63:ef:fa:f3:12:70:ab:3f:
83:59:e7:68:ca:cc:73:93:09:65:60:2e:e7:8a:f7:
cb:0f:7a:b8:bc:bf:09:88:2e:29:8b:22:6c:54:4d:
8b:2b:48:df:f7:47:a0:21:4f:b0:15:8e:bd:d0:21:
da:b6:33:ae:f9:0a:26:0e:13:42:a3:b1:07:ba:ba:
5b:72:bc:fd:c3:de:7f:64:a6:bd:33:10:ac:48:80:
b1:f7:af:47:89:7e:d7:1c:ec:a3:8e:b1:f2:97:76:
9a:a5:f7:b6:d0:b1:a3:ad:40:3b:48:1e:28:7f:72:
67:07:83:2e:55:83:9f:bf:bf:89:a3:d9:6f:23:d3:
e6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:5D:EF:D1:B3:DD:4E:1B:07:5F:14:40:57:45:5E:84:9A:EB:A2:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:4000::/40
Signature Algorithm: sha256WithRSAEncryption
72:14:95:6f:17:79:2e:27:7a:87:3a:71:d5:be:cb:65:fb:72:
bf:c1:e3:a6:f0:05:fe:0c:84:8c:b9:33:29:69:cb:ea:a0:5b:
49:b3:5b:b9:57:c2:3d:ac:94:a1:95:3e:5b:52:e6:57:b9:c3:
c3:aa:6f:cd:dc:00:7f:92:20:26:11:3e:08:19:bc:3c:60:f2:
bd:d6:75:d3:31:e3:ac:97:a4:b5:bb:d1:af:df:51:7f:8b:3c:
16:62:e7:dc:d4:1b:72:73:d2:ae:ec:4c:fe:e4:43:3c:a8:0a:
f5:3a:d1:23:d6:97:6f:14:26:48:89:4d:9e:da:d3:9f:98:f8:
72:5c:a5:0e:f5:86:aa:b4:84:9d:18:89:8c:98:d3:2b:f6:9d:
a3:44:1f:a6:30:3b:cf:f1:2f:df:60:a2:b1:2c:5f:bc:be:87:
ef:41:33:80:80:04:88:f0:90:23:c8:b5:77:88:3f:bc:58:a4:
b1:ce:b7:3d:a3:df:33:93:cf:2d:84:66:3d:e7:1b:63:ec:bf:
ad:95:77:ce:fc:ba:74:c9:88:97:65:73:d0:17:a8:f6:2e:b2:
c0:e7:ac:58:52:f0:6e:f3:e1:e5:3d:74:21:2a:0e:81:9b:55:
fa:64:3d:98:06:73:c5:58:75:54:a5:4e:e7:ff:7c:60:91:c0:
cf:c6:fc:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOJWjn3SA3LRXstnm6JjFOzLoHlkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYjQyNTAwOTZjY2RmYTZmZDliMzQ5ZGQ3NGQ3OGJhNzllMzliZTkxMTQ4
NTJmZWQ2ZDI2NTI3ODBhMzQ3ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcfWQckF2l5WSltY4A85NiZwmFJvyKkPEgG7EfZHZ8iNH4Ik3pzjp97ykx3
9K63C0U/EYdt1I0e2uIZXpNm18Y4BpE4/mRkjtB85WPEwIZKgbQyNDoGq/GAq4Ff
CBaBEU5PmTJN4wmtGpuIWpbg4j838GKjol7NCIcAv1ZznWPv+vMScKs/g1nnaMrM
c5MJZWAu54r3yw96uLy/CYguKYsibFRNiytI3/dHoCFPsBWOvdAh2rYzrvkKJg4T
QqOxB7q6W3K8/cPef2SmvTMQrEiAsfevR4l+1xzso46x8pd2mqX3ttCxo61AO0ge
KH9yZweDLlWDn7+/iaPZbyPT5icCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxXe/R
s91OGwdfFEBXRV6EmuuigDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGEwNmU5MDktNTIyNy00N2Q5LWE1OGMtYmU2MjNhMmE0Y2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhA
MA0GCSqGSIb3DQEBCwUAA4IBAQByFJVvF3kuJ3qHOnHVvstl+3K/weOm8AX+DISM
uTMpacvqoFtJs1u5V8I9rJShlT5bUuZXucPDqm/N3AB/kiAmET4IGbw8YPK91nXT
MeOsl6S1u9Gv31F/izwWYufc1Btyc9Ku7Ez+5EM8qAr1OtEj1pdvFCZIiU2e2tOf
mPhyXKUO9YaqtISdGImMmNMr9p2jRB+mMDvP8S/fYKKxLF+8vofvQTOAgASI8JAj
yLV3iD+8WKSxzrc9o98zk88thGY95xtj7L+tlXfO/Lp0yYiXZXPQF6j2LrLA56xY
UvBu8+HlPXQhKg6Bm1X6ZD2YBnPFWHVUpU7n/3xgkcDPxvxQ
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:24 2024 by rpki-client on console-ams.rpki-client.org