Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
File: 9a732efb-e23f-49a4-ad51-1a43431e07c9.roa (raw, json)
Hash identifier: QGX5uYyy3KxWEifUVAi9F10S0dd7BIqzrsWyNTgQ7As=
Subject key identifier: 25:5F:A3:23:49:68:CE:88:4C:56:18:F9:7E:19:54:6E:9D:89:EF:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D9CDFC25E6D321AC5A249E202FE75E5F0D680ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:9c:df:c2:5e:6d:32:1a:c5:a2:49:e2:02:fe:75:e5:f0:d6:80:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=a17b154cf167a7c2e1bc3120911cfedc04c34074e374d9b2fb557bbb59403307, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:35:bb:8d:c6:98:b6:9a:a5:a8:ad:c5:6b:9b:
36:46:2e:73:15:a5:07:5d:a6:26:25:94:3a:f7:39:
68:96:9e:6e:16:ba:72:fa:32:bd:a9:20:e5:f7:cc:
48:65:0f:47:72:3a:1a:d0:9b:7f:42:f5:55:45:f9:
dd:81:a8:55:9a:49:6d:17:38:58:ea:f0:dd:9e:e3:
60:f5:5e:ea:5c:03:d9:f4:f6:40:a9:85:b0:78:93:
35:1d:e5:0d:fa:46:a5:50:24:8d:96:4d:d0:c0:2e:
d9:15:bf:04:13:47:1f:cc:4a:6d:48:f8:e8:69:7c:
bb:1e:71:6b:b8:29:28:66:c2:48:61:ec:51:92:db:
b6:57:d1:1b:a4:74:57:21:19:48:cb:06:c8:77:17:
7e:39:2a:d4:d9:10:4a:69:a6:82:26:c0:03:4a:58:
78:ac:aa:de:0b:74:5e:5f:91:f7:03:89:b7:17:c9:
35:7f:fc:f5:b0:0f:ca:e5:7d:0b:f9:92:40:6e:a5:
b3:65:6f:c2:19:f6:0f:8d:2c:98:fa:70:b5:80:67:
2c:ba:e1:2a:52:67:21:06:52:a1:61:5c:8f:e7:01:
3f:51:c0:76:28:ae:da:96:9f:1f:bf:f2:78:93:f4:
51:ab:82:e9:41:d1:a2:ee:1f:57:c9:70:4d:2a:7f:
04:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5F:A3:23:49:68:CE:88:4C:56:18:F9:7E:19:54:6E:9D:89:EF:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:9000::/40
Signature Algorithm: sha256WithRSAEncryption
90:51:a0:be:ec:df:2e:dd:3a:a8:cc:d3:f8:72:37:79:13:72:
1b:80:5e:79:9a:27:89:fb:81:a9:5b:42:47:0e:f7:e4:25:6e:
9e:47:9f:bc:a3:5c:60:bc:23:04:9f:53:7b:e1:1c:52:91:88:
16:27:47:ba:21:d5:cf:99:a4:9f:83:05:8c:c5:57:26:3b:04:
10:7a:a4:90:8f:69:a2:b3:a5:dc:49:88:5a:fe:65:97:b0:13:
20:b2:0c:5d:25:59:38:36:e0:f6:91:6e:48:17:dd:46:01:a0:
10:b7:59:80:5b:cf:63:8c:34:77:1c:57:43:38:ba:40:c5:63:
a2:b6:45:4f:85:6f:a6:fe:76:6d:0c:52:48:93:c2:a6:e1:50:
91:43:ec:27:cc:c0:2d:05:24:a0:b4:27:6c:9e:09:5e:4d:ec:
f8:4c:63:c7:a9:92:bb:31:3a:bd:a6:ce:dd:26:88:46:d7:52:
01:35:94:d8:93:f8:71:03:98:bd:e0:1f:3c:42:98:dd:62:b6:
e1:2c:96:47:d7:52:da:e3:2e:6c:c2:06:23:40:e1:bc:e2:7d:
81:2d:9d:a4:fe:eb:66:02:85:ca:89:4f:92:30:3e:7e:f8:03:
d8:92:ae:07:ee:5b:86:d6:95:63:b7:c7:35:8b:fb:fb:e5:9c:
ce:02:97:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbZzfwl5tMhrFokniAv515fDWgO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGExN2IxNTRjZjE2N2E3YzJlMWJjMzEyMDkxMWNmZWRjMDRjMzQwNzRlMzc0
ZDliMmZiNTU3YmJiNTk0MDMzMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALk1u43GmLaapaitxWubNkYucxWlB12mJiWUOvc5aJaebha6cvoyvakg5ffM
SGUPR3I6GtCbf0L1VUX53YGoVZpJbRc4WOrw3Z7jYPVe6lwD2fT2QKmFsHiTNR3l
DfpGpVAkjZZN0MAu2RW/BBNHH8xKbUj46Gl8ux5xa7gpKGbCSGHsUZLbtlfRG6R0
VyEZSMsGyHcXfjkq1NkQSmmmgibAA0pYeKyq3gt0Xl+R9wOJtxfJNX/89bAPyuV9
C/mSQG6ls2Vvwhn2D40smPpwtYBnLLrhKlJnIQZSoWFcj+cBP1HAdiiu2pafH7/y
eJP0UauC6UHRou4fV8lwTSp/BDMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQlX6Mj
SWjOiExWGPl+GVRunYnv4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE3MzJlZmItZTIzZi00OWE0LWFkNTEtMWE0MzQzMWUwN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCQUaC+7N8u3TqozNP4cjd5E3IbgF55mieJ+4Gp
W0JHDvfkJW6eR5+8o1xgvCMEn1N74RxSkYgWJ0e6IdXPmaSfgwWMxVcmOwQQeqSQ
j2mis6XcSYha/mWXsBMgsgxdJVk4NuD2kW5IF91GAaAQt1mAW89jjDR3HFdDOLpA
xWOitkVPhW+m/nZtDFJIk8Km4VCRQ+wnzMAtBSSgtCdsngleTez4TGPHqZK7MTq9
ps7dJohG11IBNZTYk/hxA5i94B88QpjdYrbhLJZH11La4y5swgYjQOG84n2BLZ2k
/utmAoXKiU+SMD5++APYkq4H7luG1pVjt8c1i/v75ZzOApfQ
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:44:15 2024 by rpki-client on console-ams.rpki-client.org