Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa
File: 904a13d7-baa1-4bc7-b805-601d0b998680.roa (raw, json)
Hash identifier: ypPJSBAcRxHw8PcteN3aOEq0u2OWeLZIvfJUPnAYXro=
Subject key identifier: DD:03:7D:1C:90:59:99:08:FA:A3:B6:9A:72:D1:39:FB:B8:77:B7:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19226E1203BEF33D0C13DA6925141C588DBC6FA8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:22:6e:12:03:be:f3:3d:0c:13:da:69:25:14:1c:58:8d:bc:6f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=9b4d37eaf51b6d59ac9ac274279c0acb4b0fe92c3e302564afcdfe4bd75134af, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:9d:64:b8:ab:11:1f:78:41:e6:bc:17:9a:
a6:80:92:4c:f5:1b:3b:a5:da:30:e3:11:d2:08:69:
d2:15:44:53:6d:f5:7b:22:e0:e4:c7:e8:c3:52:56:
c2:23:bf:7e:6a:27:b3:f6:aa:de:12:95:2b:47:0a:
84:a1:d7:6d:e4:b4:73:3c:a9:fa:0b:fb:06:ce:3a:
7f:ea:95:3d:3b:d5:0c:65:40:a1:91:cb:72:7c:c2:
e4:b9:31:66:af:27:1b:0b:13:a4:07:58:98:b1:d5:
c3:39:c8:9a:29:4a:bc:29:26:bc:a4:39:8c:90:6c:
01:07:77:07:a5:7a:a5:e0:12:37:13:80:d0:a2:8a:
f9:56:3a:45:b2:25:ca:dd:29:4b:4d:87:37:c3:e9:
c1:00:38:91:3b:cc:d7:91:bf:28:1d:46:0b:3a:52:
8e:38:16:e7:30:49:35:c8:60:d6:b9:b8:3a:f1:61:
9c:b9:06:8e:b7:0c:22:57:56:15:63:f4:c5:ff:0b:
34:49:a7:e9:22:d1:d5:56:9b:8a:90:9b:cf:e8:56:
85:9c:0d:14:81:1b:67:b9:4d:04:df:ce:1a:66:0f:
2c:c2:d7:b5:7a:3f:7f:4b:9f:30:f0:44:41:ce:7f:
44:b2:bc:66:d2:e4:dc:9b:dd:85:54:fe:74:d1:ba:
08:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:03:7D:1C:90:59:99:08:FA:A3:B6:9A:72:D1:39:FB:B8:77:B7:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:8000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:3e:50:57:62:bc:0e:63:64:85:94:ab:65:66:18:aa:62:00:
0d:eb:39:5c:76:dd:21:61:da:5d:0f:14:3a:5c:45:54:a3:11:
43:df:96:89:0d:1d:f2:cd:dd:f8:01:ab:52:b6:8d:1e:0d:be:
da:6b:5a:6d:92:af:aa:60:68:a6:83:62:0e:37:8d:11:bd:2c:
17:ac:60:5c:f7:59:01:9f:2f:8f:3e:3a:34:92:0a:87:10:53:
4e:49:06:f1:03:0c:0e:c0:a5:5a:23:76:28:2c:35:a8:66:0d:
31:bf:22:47:fb:5d:42:61:02:bb:e0:0a:3a:ac:14:c6:7e:1e:
1f:1c:60:3d:67:32:fc:03:c5:80:38:e2:b0:e3:e8:1e:2a:bf:
a9:66:ed:fc:b8:da:b6:53:f6:e6:be:a9:6e:bd:6e:7e:2a:a6:
a3:1b:02:fc:43:47:00:6a:6d:1b:5d:48:d9:86:69:d1:32:1e:
56:82:e7:1f:41:3c:e2:68:fa:77:43:33:dc:7c:8d:f4:2f:0e:
c2:24:9f:8b:c3:9c:5b:72:69:18:e0:8a:b5:f6:85:6b:ca:4a:
92:d9:99:59:51:74:ee:1b:e2:e7:a9:08:d1:d5:7c:92:23:0f:
8c:8f:cb:65:e1:56:8f:fa:14:4d:67:8c:cb:3e:9b:d4:94:ea:
22:24:49:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGSJuEgO+8z0ME9ppJRQcWI28b6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDliNGQzN2VhZjUxYjZkNTlhYzlhYzI3NDI3OWMwYWNiNGIwZmU5MmMzZTMw
MjU2NGFmY2RmZTRiZDc1MTM0YWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJKnWS4qxEfeEHmvBeapoCSTPUbO6XaMOMR0ghp0hVEU231eyLg5Mfow1JW
wiO/fmons/aq3hKVK0cKhKHXbeS0czyp+gv7Bs46f+qVPTvVDGVAoZHLcnzC5Lkx
Zq8nGwsTpAdYmLHVwznImilKvCkmvKQ5jJBsAQd3B6V6peASNxOA0KKK+VY6RbIl
yt0pS02HN8PpwQA4kTvM15G/KB1GCzpSjjgW5zBJNchg1rm4OvFhnLkGjrcMIldW
FWP0xf8LNEmn6SLR1VabipCbz+hWhZwNFIEbZ7lNBN/OGmYPLMLXtXo/f0ufMPBE
Qc5/RLK8ZtLk3JvdhVT+dNG6CF8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdA30c
kFmZCPqjtppy0Tn7uHe3UTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTA0YTEzZDctYmFhMS00YmM3LWI4MDUtNjAxZDBiOTk4NjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCMPlBXYrwOY2SFlKtlZhiqYgAN6zlcdt0hYdpd
DxQ6XEVUoxFD35aJDR3yzd34AatSto0eDb7aa1ptkq+qYGimg2ION40RvSwXrGBc
91kBny+PPjo0kgqHEFNOSQbxAwwOwKVaI3YoLDWoZg0xvyJH+11CYQK74Ao6rBTG
fh4fHGA9ZzL8A8WAOOKw4+geKr+pZu38uNq2U/bmvqluvW5+KqajGwL8Q0cAam0b
XUjZhmnRMh5WgucfQTziaPp3QzPcfI30Lw7CJJ+Lw5xbcmkY4Iq19oVrykqS2ZlZ
UXTuG+LnqQjR1XySIw+Mj8tl4VaP+hRNZ4zLPpvUlOoiJEkw
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org