Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: QsFG4yRc70I2TwM9mgWSpEaemW+Sm8JiOOrShECgxsk=
Subject key identifier: 19:EF:EC:1B:48:36:F0:00:1A:05:6F:CE:33:37:81:B3:16:F0:17:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63DFEBE599020682311FF76B1E650CE7397C49D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:df:eb:e5:99:02:06:82:31:1f:f7:6b:1e:65:0c:e7:39:7c:49:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=4afefeb14534bf4fe81e91dd731ece414bf4d51572a1446832453818609f1123, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:90:0f:5b:9a:7f:be:4c:0b:70:dd:ff:a2:
3f:d4:4e:cb:a7:2f:ed:5c:60:8e:d0:44:82:4e:ff:
99:89:5f:08:d3:2b:87:6b:57:e0:a8:6e:aa:0f:5d:
56:c2:2f:88:3c:79:5d:de:79:aa:b5:96:85:6e:18:
26:23:95:a9:c3:dd:f0:7a:36:eb:f7:3d:10:93:cf:
4d:a1:48:03:08:5d:67:70:88:4d:6a:b8:eb:40:e2:
60:b8:78:0e:30:d6:57:96:8f:fa:84:f3:ab:3c:c2:
48:a1:00:88:71:1f:dd:16:78:45:b2:c8:a8:79:ef:
53:ae:3a:f2:a5:4e:b6:38:55:3f:12:16:07:08:37:
05:92:e6:04:f8:7f:4e:fc:36:c5:c8:93:57:d8:e0:
4e:ad:03:63:43:c6:d6:ad:50:e8:8b:71:72:52:28:
76:0a:27:7b:e8:38:ee:21:fb:4a:f8:51:b9:67:da:
01:40:53:3c:8c:84:fc:12:3c:10:b0:3b:5c:18:78:
10:59:83:61:5d:37:c8:84:49:53:ca:45:e6:8b:30:
45:a8:c8:da:20:9b:13:a8:e5:68:3e:03:1c:5b:7a:
58:1e:e3:aa:a5:5d:41:2a:ce:c1:fc:d1:e4:79:4f:
c0:77:40:66:10:9e:f6:23:95:0c:3e:0f:29:53:91:
d1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EF:EC:1B:48:36:F0:00:1A:05:6F:CE:33:37:81:B3:16:F0:17:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:f7:52:90:ac:33:86:7c:99:73:84:ce:da:21:af:57:c3:78:
c6:39:c7:6d:a8:f2:20:5b:fa:54:03:ed:2c:48:5b:69:e0:d7:
bb:6c:d4:03:6f:2a:c3:1d:b6:23:89:8d:37:56:43:55:7a:6d:
ea:0d:03:a6:03:0a:95:5a:20:31:6b:ce:e2:63:f1:86:f4:78:
e8:d3:2e:51:c3:eb:b2:b5:c0:9b:47:72:40:d1:6d:2f:88:c7:
26:cc:d5:5f:f0:bf:bc:9a:46:bb:7b:bf:19:47:1e:b5:c5:db:
e6:fa:c0:39:dc:41:b2:5e:3e:cf:ee:a1:e3:92:01:ae:c1:53:
7e:7b:71:82:88:57:a6:33:9d:f3:09:69:72:4a:5f:a0:9d:c8:
51:72:79:22:5b:69:6d:aa:b8:2d:d3:bd:e9:7e:41:9e:7f:6c:
27:ba:86:fe:48:96:08:4b:48:d2:e1:fb:4a:f2:21:13:a6:40:
57:0d:fc:b0:3c:19:98:8f:ae:1d:ae:fa:25:65:b8:2a:80:1c:
98:5a:01:36:59:86:56:7c:6f:d4:ef:11:9f:5e:b2:29:6a:fb:
ae:69:03:9a:9a:13:65:93:49:dc:a2:6e:18:fc:69:0e:76:09:
cf:a9:59:c4:99:5e:6d:39:4d:b1:11:d0:26:86:b5:aa:45:e6:
be:2a:4f:dd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY9/r5ZkCBoIxH/drHmUM5zl8SdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZmVmZWIxNDUzNGJmNGZlODFlOTFkZDczMWVjZTQxNGJmNGQ1MTU3MmEx
NDQ2ODMyNDUzODE4NjA5ZjExMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKukA9bmn++TAtw3f+iP9ROy6cv7VxgjtBEgk7/mYlfCNMrh2tX4Khuqg9d
VsIviDx5Xd55qrWWhW4YJiOVqcPd8Ho26/c9EJPPTaFIAwhdZ3CITWq460DiYLh4
DjDWV5aP+oTzqzzCSKEAiHEf3RZ4RbLIqHnvU6468qVOtjhVPxIWBwg3BZLmBPh/
Tvw2xciTV9jgTq0DY0PG1q1Q6ItxclIodgone+g47iH7SvhRuWfaAUBTPIyE/BI8
ELA7XBh4EFmDYV03yIRJU8pF5oswRajI2iCbE6jlaD4DHFt6WB7jqqVdQSrOwfzR
5HlPwHdAZhCe9iOVDD4PKVOR0akCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQZ7+wb
SDbwABoFb84zN4GzFvAX+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAPPdSkKwzhnyZc4TO2iGvV8N4xjnHbajyIFv6VAPt
LEhbaeDXu2zUA28qwx22I4mNN1ZDVXpt6g0DpgMKlVogMWvO4mPxhvR46NMuUcPr
srXAm0dyQNFtL4jHJszVX/C/vJpGu3u/GUcetcXb5vrAOdxBsl4+z+6h45IBrsFT
fntxgohXpjOd8wlpckpfoJ3IUXJ5Iltpbaq4LdO96X5Bnn9sJ7qG/kiWCEtI0uH7
SvIhE6ZAVw38sDwZmI+uHa76JWW4KoAcmFoBNlmGVnxv1O8Rn16yKWr7rmkDmpoT
ZZNJ3KJuGPxpDnYJz6lZxJlebTlNsRHQJoa1qkXmvipP3Q==
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org