Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a039a10b-545b-441d-bef2-b67325de50a1.roa
File: a039a10b-545b-441d-bef2-b67325de50a1.roa (raw, json)
Hash identifier: NBHZ4S0aMG9Cp/oIRDUxfCyrgw7Qhyzx1WfA47mpZEQ=
Subject key identifier: B3:46:20:DE:E5:FE:1C:8F:D3:FE:33:80:CB:0D:D0:E3:5E:04:68:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62FF459662F80C914400DD883A30D94831F31FC0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a039a10b-545b-441d-bef2-b67325de50a1.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:ff:45:96:62:f8:0c:91:44:00:dd:88:3a:30:d9:48:31:f3:1f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=09dad93edcd0e70440222f80849e8568ba155c50eb12a2aad85efdfffc371513, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a9:9b:e7:c8:23:3f:01:c2:64:15:23:02:ef:
8b:7e:a5:1d:7e:84:85:67:c9:c6:0b:10:5d:81:16:
88:c2:11:68:01:92:6d:a7:b2:e1:c5:6b:a1:8e:42:
13:b1:75:a0:01:ec:7e:af:74:d7:b8:ec:46:ce:bc:
9a:d2:8c:63:bc:ef:5c:3c:73:84:08:7e:ef:47:56:
9b:52:c0:01:e0:63:f7:a7:00:5c:52:1a:0c:a6:3e:
91:22:00:1f:1f:44:d0:56:99:be:55:f6:5b:b8:9c:
47:fa:f5:5c:4f:b7:35:c2:1e:2d:03:ed:7f:b8:d5:
a8:3d:7f:b4:04:96:1a:39:4d:05:81:d4:08:f0:ce:
97:84:a9:4a:da:71:4f:59:6c:52:be:c9:34:76:b8:
b4:84:b8:76:cb:ff:f3:4a:a8:2a:4c:34:64:db:d5:
05:4f:a3:6d:44:ed:a7:9f:7d:74:91:ad:b8:31:b7:
aa:18:24:5c:ae:2a:c5:cd:9b:e7:ad:d8:b0:47:a8:
fb:0f:13:d4:9a:d6:09:47:66:e7:95:91:13:06:9a:
91:6a:3b:32:22:48:83:bc:18:28:b3:b5:7f:9f:76:
72:a9:ee:9d:e2:26:62:b8:22:bb:40:46:34:87:5b:
d6:e4:9d:1a:3a:3c:7f:08:4e:10:6a:4e:9d:ba:cf:
d7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:46:20:DE:E5:FE:1C:8F:D3:FE:33:80:CB:0D:D0:E3:5E:04:68:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a039a10b-545b-441d-bef2-b67325de50a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:6000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:d0:23:bf:31:70:bf:0d:6f:ff:88:fa:9f:20:ff:81:8c:66:
5c:4d:87:d3:43:f6:ef:5d:0c:e5:04:1e:91:13:97:1c:2a:48:
ee:b7:96:01:86:b8:e5:a3:b3:04:1f:41:a0:0a:f3:3c:29:6a:
d7:11:6e:bb:44:d4:de:c1:ce:a3:65:e2:bf:73:a8:be:7a:1f:
f5:3a:15:e4:ca:1a:17:96:ba:cf:b3:90:a8:0e:b7:95:37:8d:
cd:5c:dd:fd:8a:d8:10:8b:b0:e2:5f:96:4c:e2:de:95:be:22:
2f:2d:9a:b7:f1:59:35:98:6d:2c:3d:76:d2:30:13:03:d0:0a:
69:f3:94:80:74:06:bc:be:71:fb:c7:83:b2:cc:b2:de:9b:4e:
8e:f4:ac:b2:1f:5a:fb:15:23:b1:b4:8f:3f:47:c5:f3:f4:aa:
95:c4:ef:b1:3b:bc:08:e5:5c:2f:69:54:7a:2c:3b:ba:5d:17:
a6:f1:93:96:4d:fa:9e:5e:f2:80:22:c8:06:2b:0c:8c:fb:c6:
96:75:73:a3:c2:bf:dc:b4:7e:ca:25:f9:88:e2:77:85:f4:ba:
5c:79:71:6f:7c:5e:b9:2e:32:b8:8c:c2:35:03:47:f7:d9:3c:
95:ea:eb:cd:09:17:06:64:09:a7:f4:d3:30:c6:56:a6:4e:4f:
14:92:d6:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYv9FlmL4DJFEAN2IOjDZSDHzH8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5ZGFkOTNlZGNkMGU3MDQ0MDIyMmY4MDg0OWU4NTY4YmExNTVjNTBlYjEy
YTJhYWQ4NWVmZGZmZmMzNzE1MTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJSpm+fIIz8BwmQVIwLvi36lHX6EhWfJxgsQXYEWiMIRaAGSbaey4cVroY5C
E7F1oAHsfq9017jsRs68mtKMY7zvXDxzhAh+70dWm1LAAeBj96cAXFIaDKY+kSIA
Hx9E0FaZvlX2W7icR/r1XE+3NcIeLQPtf7jVqD1/tASWGjlNBYHUCPDOl4SpStpx
T1lsUr7JNHa4tIS4dsv/80qoKkw0ZNvVBU+jbUTtp599dJGtuDG3qhgkXK4qxc2b
563YsEeo+w8T1JrWCUdm55WREwaakWo7MiJIg7wYKLO1f592cqnuneImYrgiu0BG
NIdb1uSdGjo8fwhOEGpOnbrP10cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzRiDe
5f4cj9P+M4DLDdDjXgRoITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTAzOWExMGItNTQ1Yi00NDFkLWJlZjItYjY3MzI1ZGU1MGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBg
MA0GCSqGSIb3DQEBCwUAA4IBAQAO0CO/MXC/DW//iPqfIP+BjGZcTYfTQ/bvXQzl
BB6RE5ccKkjut5YBhrjlo7MEH0GgCvM8KWrXEW67RNTewc6jZeK/c6i+eh/1OhXk
yhoXlrrPs5CoDreVN43NXN39itgQi7DiX5ZM4t6VviIvLZq38Vk1mG0sPXbSMBMD
0App85SAdAa8vnH7x4OyzLLem06O9KyyH1r7FSOxtI8/R8Xz9KqVxO+xO7wI5Vwv
aVR6LDu6XRem8ZOWTfqeXvKAIsgGKwyM+8aWdXOjwr/ctH7KJfmI4neF9LpceXFv
fF65LjK4jMI1A0f32TyV6uvNCRcGZAmn9NMwxlamTk8Uktb0
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org