Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
File: 9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa (raw, json)
Hash identifier: w7Pcb0f+SsbyBaEKbKUca/YItyqsgd1HhJLq+tWoxX4=
Subject key identifier: 87:6C:14:AF:E8:16:1C:9A:CA:D0:02:60:26:49:56:DC:FC:52:87:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DC586A642977F027294311F0649D990104E8DD0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:c5:86:a6:42:97:7f:02:72:94:31:1f:06:49:d9:90:10:4e:8d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=a4d1124f543c2f3be76b54f2d22db51a201faadab6e169d1e6805fbce879d2b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7f:0b:6f:59:39:8e:8e:f5:1c:a2:a3:d5:11:
8d:56:1f:e8:91:08:a6:60:cb:88:37:0e:85:df:0a:
7a:3c:25:ad:75:1d:c1:11:ae:55:c3:a0:a0:c3:23:
dd:64:36:b8:59:89:49:a5:3f:2b:b0:1d:1e:12:a6:
a2:99:80:af:69:6d:f6:82:89:d6:15:c9:96:28:22:
e6:2c:01:9a:32:05:71:01:79:b3:9e:6b:05:5e:1e:
78:c2:5f:6e:3d:98:77:66:73:84:02:69:33:3a:6a:
61:1f:79:0b:2c:1d:7d:53:5d:a9:dc:80:b3:37:9d:
ec:11:30:f7:91:01:82:0e:47:c6:ad:af:2f:45:19:
8e:53:cc:5c:91:cc:47:e2:d1:d7:04:dd:b0:1e:c7:
99:d8:a7:df:5d:7c:28:48:69:e4:f5:58:72:99:f3:
1b:ce:39:18:8f:21:2a:29:76:66:96:dd:63:43:8f:
45:88:44:f9:9a:9a:2f:8f:aa:ed:db:96:8b:45:37:
b6:ef:e9:b0:5c:d2:46:6b:45:71:2a:84:f7:15:59:
77:8e:6e:80:b2:9a:b6:0a:0e:9a:d1:31:2d:d4:fe:
a2:9e:b3:12:b6:98:fb:26:6b:59:43:5f:31:71:54:
dc:7c:08:b8:1a:13:18:c8:db:bb:75:d3:50:d8:e5:
37:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:6C:14:AF:E8:16:1C:9A:CA:D0:02:60:26:49:56:DC:FC:52:87:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:a000::/40
Signature Algorithm: sha256WithRSAEncryption
04:73:37:b8:66:00:a1:0c:92:d5:d0:cb:87:cd:d4:c9:fa:33:
f3:c3:fc:d0:5b:45:66:e4:32:7f:a7:f8:35:af:e3:10:68:a3:
54:f2:52:38:17:f2:32:85:b4:18:9b:55:60:e2:8a:14:35:f7:
54:0d:43:89:86:f5:6c:b0:5a:60:e7:4c:a6:f2:d6:0f:ac:da:
2a:f6:07:33:75:39:d4:71:1f:67:28:a1:44:c4:10:72:9a:7d:
a3:84:0b:a6:31:c6:de:fa:e5:16:0f:a0:da:81:ff:6f:11:d6:
f1:d8:ea:7f:6e:f2:8b:d9:6c:0e:93:7d:ce:a7:62:82:ed:aa:
c6:6c:b1:80:52:e4:d3:b5:75:03:62:b9:a1:e4:f9:05:2d:f2:
67:90:99:b6:ca:82:09:c8:fe:d6:3b:b8:97:5a:3c:58:ad:8f:
66:53:22:85:cb:29:b9:17:40:2d:45:6d:3e:8d:0e:5e:7a:41:
11:04:f0:ce:2b:ad:47:1e:02:f9:9b:e2:97:fe:da:b7:93:8e:
b5:9d:4c:29:ed:76:c0:2e:ce:e1:23:9c:f5:4b:2a:24:03:2d:
60:a5:1e:24:7e:b5:64:ba:9f:e4:7d:f8:ae:6c:82:e7:81:4f:
5c:7e:fa:a5:0a:3a:82:4b:32:88:08:7c:d8:48:d2:b8:30:18:
24:29:c2:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbcWGpkKXfwJylDEfBknZkBBOjdAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0ZDExMjRmNTQzYzJmM2JlNzZiNTRmMmQyMmRiNTFhMjAxZmFhZGFiNmUx
NjlkMWU2ODA1ZmJjZTg3OWQyYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1/C29ZOY6O9Ryio9URjVYf6JEIpmDLiDcOhd8KejwlrXUdwRGuVcOgoMMj
3WQ2uFmJSaU/K7AdHhKmopmAr2lt9oKJ1hXJligi5iwBmjIFcQF5s55rBV4eeMJf
bj2Yd2ZzhAJpMzpqYR95CywdfVNdqdyAszed7BEw95EBgg5Hxq2vL0UZjlPMXJHM
R+LR1wTdsB7Hmdin3118KEhp5PVYcpnzG845GI8hKil2ZpbdY0OPRYhE+ZqaL4+q
7duWi0U3tu/psFzSRmtFcSqE9xVZd45ugLKatgoOmtExLdT+op6zEraY+yZrWUNf
MXFU3HwIuBoTGMjbu3XTUNjlN/0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHbBSv
6BYcmsrQAmAmSVbc/FKHpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQyZWEyYWEtZDQwYS00OWE3LWFiMDAtNDRmZjVkYmY3MjliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGg
MA0GCSqGSIb3DQEBCwUAA4IBAQAEcze4ZgChDJLV0MuHzdTJ+jPzw/zQW0Vm5DJ/
p/g1r+MQaKNU8lI4F/IyhbQYm1Vg4ooUNfdUDUOJhvVssFpg50ym8tYPrNoq9gcz
dTnUcR9nKKFExBBymn2jhAumMcbe+uUWD6Dagf9vEdbx2Op/bvKL2WwOk33Op2KC
7arGbLGAUuTTtXUDYrmh5PkFLfJnkJm2yoIJyP7WO7iXWjxYrY9mUyKFyym5F0At
RW0+jQ5eekERBPDOK61HHgL5m+KX/tq3k461nUwp7XbALs7hI5z1SyokAy1gpR4k
frVkup/kffiubILngU9cfvqlCjqCSzKICHzYSNK4MBgkKcLX
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org