Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: 1jvVKS9PItqFStXNFFcrkr2ydUiwIuGu8LM4CO39Sck=
Subject key identifier: C0:3D:D6:AC:4F:02:2F:2C:C5:7F:F2:36:B0:32:4E:5C:58:ED:E7:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DB05C6D84A67D63EE066F1209AC1099414A795C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Sun 19 Mar 2023 00:00:00 +0000
ROA not before: Sun 19 Mar 2023 00:00:00 +0000
ROA not after: Sun 23 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Mar 2023 08:58:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:b0:5c:6d:84:a6:7d:63:ee:06:6f:12:09:ac:10:99:41:4a:79:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 19 00:00:00 2023 GMT
Not After : Apr 23 23:59:59 2023 GMT
Subject: serialNumber=7368233bfb542450d51ae7c78995186b927aad4bd14911aec9c60ddaa7c0d0e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2c:fb:91:76:39:20:a6:df:c0:b2:90:46:19:
9c:a9:b0:ca:4b:64:e1:c3:b3:c4:40:db:1e:6c:1c:
54:90:d4:15:6b:94:01:c0:2c:5d:c8:22:96:70:2b:
06:33:1e:42:3a:f9:69:b2:59:97:0c:75:a1:01:6e:
85:cf:39:8b:a8:88:2e:e2:5c:0f:41:62:d9:16:66:
69:11:ea:58:c3:2a:c5:2b:8c:c8:bc:c5:eb:84:e6:
67:7a:75:e7:13:d2:db:cb:e8:7e:46:5e:88:d0:a5:
6c:7b:09:13:b0:19:b1:bb:b8:a1:07:02:11:0d:e5:
48:0e:0b:b7:29:fa:a5:14:bf:06:c1:ec:8d:79:aa:
50:52:f3:b2:d8:99:16:8b:cc:b4:b4:fe:b0:3d:a8:
f1:3f:c9:46:9a:43:cd:b8:06:a4:3b:bb:67:20:a2:
df:4d:df:16:5a:f2:54:5c:b2:ba:67:a9:d1:25:86:
6a:b3:d3:90:7d:26:e5:8d:b5:f4:96:76:49:3f:02:
90:05:df:db:e4:ef:c2:27:15:eb:eb:1d:0c:64:1d:
6b:2c:bc:83:be:1a:27:5a:3a:23:4d:0a:e1:2d:da:
fe:4d:8a:a1:19:b5:db:b9:5f:b0:4e:bf:b3:1f:bf:
65:da:be:15:2b:de:96:15:62:e3:30:4f:8c:e1:3f:
e5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:3D:D6:AC:4F:02:2F:2C:C5:7F:F2:36:B0:32:4E:5C:58:ED:E7:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
a6:72:5e:7e:b3:15:e6:55:70:c0:b5:a9:65:dc:57:c2:33:c3:
3a:8d:fd:46:41:28:51:a5:17:4a:f2:3e:4f:b2:f8:13:47:07:
ac:0a:84:1b:73:b8:5b:5a:84:da:20:d7:37:c6:63:a1:df:e9:
18:cb:65:72:c2:85:d4:45:58:e8:47:8e:21:5d:a2:bf:05:f2:
67:0b:bb:13:ba:25:cd:d4:02:87:d9:87:7e:67:ab:3d:b1:fb:
67:24:20:f0:09:3a:01:90:a1:79:74:7d:17:3a:7c:21:f8:2a:
40:c3:c2:9e:6c:7c:4a:29:6c:17:33:a8:14:32:42:90:0e:5c:
92:86:08:0d:67:5d:70:0e:e2:f1:ee:9f:95:4b:98:10:11:0a:
4b:c7:c4:d2:54:f5:c2:be:da:28:63:27:32:5e:1c:2c:5b:24:
3e:7f:f2:15:55:83:f5:6e:ae:c8:32:65:21:1b:e4:09:1a:20:
bb:27:44:60:48:b2:6e:18:80:4c:af:8e:da:61:b2:c3:4f:29:
28:b1:87:23:3d:ef:ce:f9:11:a2:55:3e:79:33:b3:fc:7d:f9:
3f:86:02:02:3e:db:3f:c9:58:64:4f:ef:1c:70:f5:16:41:c2:
3a:a9:05:58:aa:d1:40:41:a8:42:c6:e3:6b:9f:ee:06:cb:76:
bf:a0:d5:9f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIULbBcbYSmfWPuBm8SCawQmUFKeVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzAzMTkwMDAwMDBaFw0yMzA0MjMyMzU5NTlaMIGlMUkwRwYD
VQQFE0A3MzY4MjMzYmZiNTQyNDUwZDUxYWU3Yzc4OTk1MTg2YjkyN2FhZDRiZDE0
OTExYWVjOWM2MGRkYWE3YzBkMGU3MS0wKwYDVQQDEyQ2NjE1YTM4Yi0zYWQ3LTQ3
YjctOGZiMi02ODVjMzhkMDA5MTQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
nSz7kXY5IKbfwLKQRhmcqbDKS2Thw7PEQNsebBxUkNQVa5QBwCxdyCKWcCsGMx5C
OvlpslmXDHWhAW6FzzmLqIgu4lwPQWLZFmZpEepYwyrFK4zIvMXrhOZnenXnE9Lb
y+h+Rl6I0KVsewkTsBmxu7ihBwIRDeVIDgu3KfqlFL8GweyNeapQUvOy2JkWi8y0
tP6wPajxP8lGmkPNuAakO7tnIKLfTd8WWvJUXLK6Z6nRJYZqs9OQfSbljbX0lnZJ
PwKQBd/b5O/CJxXr6x0MZB1rLLyDvhonWjojTQrhLdr+TYqhGbXbuV+wTr+zH79l
2r4VK96WFWLjME+M4T/lewIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFMA91qxPAi8s
xX/yNrAyTlxY7edfMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8MA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVuZFo1
UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC85OWZm
YTIzOC05MTMzLTRmYTUtYWQ4NC00OWU2N2QzNDg1NGEucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
dU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgXQKgAwDQYJ
KoZIhvcNAQELBQADggEBAKZyXn6zFeZVcMC1qWXcV8IzwzqN/UZBKFGlF0ryPk+y
+BNHB6wKhBtzuFtahNog1zfGY6Hf6RjLZXLChdRFWOhHjiFdor8F8mcLuxO6Jc3U
AofZh35nqz2x+2ckIPAJOgGQoXl0fRc6fCH4KkDDwp5sfEopbBczqBQyQpAOXJKG
CA1nXXAO4vHun5VLmBARCkvHxNJU9cK+2ihjJzJeHCxbJD5/8hVVg/VursgyZSEb
5AkaILsnRGBIsm4YgEyvjtphssNPKSixhyM97875EaJVPnkzs/x9+T+GAgI+2z/J
WGRP7xxw9RZBwjqpBViq0UBBqELG42uf7gbLdr+g1Z8=
-----END CERTIFICATE-----
Generated at Sun Mar 19 16:19:40 2023 by rpki-client on console-fra.rpki-client.org