Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
File: a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa (raw, json)
Hash identifier: SObpBQlfPR31Evnb1Qct8KwtQ+UWA7hT5yD0TRIIrHs=
Subject key identifier: C5:1B:9A:5D:04:4A:96:1B:B4:2C:14:0F:B3:01:70:9B:7B:43:B4:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19677B9C7F44D3B33DEC21B18122AD64C275B16C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:67:7b:9c:7f:44:d3:b3:3d:ec:21:b1:81:22:ad:64:c2:75:b1:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=34c2548937cd14d8086536abc554b8b8a6c74a44d43aee23d081d1caf9c0a3a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a2:b9:e9:21:8d:ce:f0:43:56:66:06:8d:2c:
5c:16:59:15:98:ff:3e:d8:ad:f5:f2:c3:74:fc:30:
67:3c:fd:83:81:66:c6:d1:17:42:36:fe:ce:5d:f0:
8e:f4:6a:6e:a2:13:cf:56:be:da:87:24:2f:11:21:
40:a7:d8:6a:83:63:8a:9c:3c:0f:37:9b:26:b7:71:
41:00:6d:d5:2d:62:ce:64:a4:62:35:86:e6:75:74:
93:fa:60:9b:ae:d4:f6:db:24:a9:06:d1:2a:00:31:
0a:69:24:b9:b5:c5:91:d7:44:28:f8:75:45:49:51:
12:cc:d6:60:8c:0a:e7:93:54:50:42:4e:99:3d:b3:
aa:ba:44:29:00:61:3f:87:19:ad:d2:30:b1:83:b8:
38:e6:a8:ff:f9:fa:d4:93:75:ae:06:7d:32:24:c5:
79:d7:ff:65:57:3b:2a:68:e3:dd:79:24:c6:15:d3:
7f:7e:b6:fd:62:c6:70:a9:ea:59:37:53:c5:f9:c9:
12:cd:20:12:ca:02:31:81:24:9c:df:8c:82:98:de:
c0:f1:8a:9a:5d:d0:85:27:21:4d:7f:8e:a9:39:45:
4a:12:7f:d4:6e:5e:86:66:ec:90:c4:6c:f8:ab:5f:
2a:08:67:d9:14:7d:6f:05:24:4d:10:87:5c:0f:1a:
98:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1B:9A:5D:04:4A:96:1B:B4:2C:14:0F:B3:01:70:9B:7B:43:B4:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1000::/40
Signature Algorithm: sha256WithRSAEncryption
23:dd:01:d1:5d:d1:61:d4:cc:55:90:b4:0a:af:af:98:2b:c5:
68:fa:94:fe:14:9d:81:ec:1c:e3:3d:0d:8a:0f:53:a1:3c:7a:
21:ed:0e:d3:e5:ad:76:c3:04:76:7c:74:26:fc:8c:a5:7b:40:
8f:9b:51:de:f9:2d:3f:d2:6b:62:09:4f:8d:3d:de:38:08:ba:
30:d2:a3:de:5e:6a:91:61:9f:78:4b:53:cb:85:e1:38:13:ab:
1d:cb:25:99:6a:b8:84:4c:b3:8b:85:f3:30:c7:bc:f1:21:29:
f2:a6:17:bc:c8:c6:73:71:d0:67:57:be:d7:45:a3:ac:cb:b9:
85:44:96:cd:18:35:b9:7e:65:86:44:36:72:27:8f:5b:55:99:
f8:bb:06:7e:c0:ca:1b:9f:5c:58:fa:dc:a1:87:56:c9:8a:25:
cf:47:9c:1f:0a:3e:9b:c7:ac:65:b9:d9:4c:12:33:b0:42:6f:
37:b5:21:fd:93:13:04:a6:dc:da:d1:5e:ce:9f:43:56:03:42:
1e:3e:24:de:86:08:d4:e0:4c:68:d4:50:7b:97:17:04:13:d9:
b5:c3:14:58:33:e9:0c:64:92:ce:18:cf:24:7f:50:e9:37:54:
d2:15:69:1b:e7:b9:b2:a2:a7:8a:26:22:f5:e0:a7:02:f6:5d:
a5:9c:df:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGWd7nH9E07M97CGxgSKtZMJ1sWwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0YzI1NDg5MzdjZDE0ZDgwODY1MzZhYmM1NTRiOGI4YTZjNzRhNDRkNDNh
ZWUyM2QwODFkMWNhZjljMGEzYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+iuekhjc7wQ1ZmBo0sXBZZFZj/Ptit9fLDdPwwZzz9g4FmxtEXQjb+zl3w
jvRqbqITz1a+2ockLxEhQKfYaoNjipw8DzebJrdxQQBt1S1izmSkYjWG5nV0k/pg
m67U9tskqQbRKgAxCmkkubXFkddEKPh1RUlREszWYIwK55NUUEJOmT2zqrpEKQBh
P4cZrdIwsYO4OOao//n61JN1rgZ9MiTFedf/ZVc7Kmjj3XkkxhXTf362/WLGcKnq
WTdTxfnJEs0gEsoCMYEknN+MgpjewPGKml3QhSchTX+OqTlFShJ/1G5ehmbskMRs
+KtfKghn2RR9bwUkTRCHXA8amB8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFG5pd
BEqWG7QsFA+zAXCbe0O09TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM4MGY0ZGMtZGRhZi00NGY3LWFkYWMtYzkwOGU1MmVjNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAj3QHRXdFh1MxVkLQKr6+YK8Vo+pT+FJ2B7Bzj
PQ2KD1OhPHoh7Q7T5a12wwR2fHQm/Iyle0CPm1He+S0/0mtiCU+NPd44CLow0qPe
XmqRYZ94S1PLheE4E6sdyyWZariETLOLhfMwx7zxISnyphe8yMZzcdBnV77XRaOs
y7mFRJbNGDW5fmWGRDZyJ49bVZn4uwZ+wMobn1xY+tyhh1bJiiXPR5wfCj6bx6xl
udlMEjOwQm83tSH9kxMEptza0V7On0NWA0IePiTehgjU4Exo1FB7lxcEE9m1wxRY
M+kMZJLOGM8kf1DpN1TSFWkb57myoqeKJiL14KcC9l2lnN+4
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org