Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a62f4423-d8c8-4470-b8ba-d394307f27b1.roa
File: a62f4423-d8c8-4470-b8ba-d394307f27b1.roa (raw, json)
Hash identifier: 9+DBzd2vwUlN3z62O/CC9xDA80Uk/Cn5LtY3BUbZrSk=
Subject key identifier: FD:20:E7:FF:CC:D4:19:34:31:EA:E1:73:82:1A:1F:C7:F6:4C:98:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27B28AD9C950CE802D0E25D035E7446FDCE50303
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a62f4423-d8c8-4470-b8ba-d394307f27b1.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:b2:8a:d9:c9:50:ce:80:2d:0e:25:d0:35:e7:44:6f:dc:e5:03:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=0632542b9d9e317c246ff4e334e0ab1438062f2c397261add4e4cbe0583c2081, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c6:02:fa:96:ec:56:02:56:0b:65:91:4c:46:
e8:c8:59:ef:4e:59:be:75:37:2a:0f:b5:28:15:be:
c9:ea:16:79:bb:c3:f3:12:d5:8c:33:86:8f:3f:0e:
55:55:2f:d4:20:68:20:2c:bd:f5:06:50:ae:af:e3:
02:c9:f5:89:4b:0e:bd:c6:60:ef:b1:54:d6:5e:b7:
ff:d8:77:c5:12:27:54:b8:c8:40:b0:0a:c6:c8:90:
72:84:38:fd:b5:52:53:83:06:50:e8:22:c6:27:be:
3f:2e:45:f9:8a:00:36:bf:70:f8:9b:65:04:bb:46:
4b:87:cc:f0:fa:72:41:4f:56:70:5f:40:b2:ee:8d:
fd:8c:3b:0a:76:83:20:ff:56:18:b5:cd:33:29:b6:
c3:39:b4:36:f1:1b:df:4f:41:0b:a1:aa:38:f7:82:
ed:b6:c5:b7:18:10:30:20:c9:f8:84:e4:af:20:d2:
7e:80:4f:e2:74:cb:e3:fe:99:72:85:04:e3:0c:86:
fb:23:35:df:1f:b8:15:03:2f:9f:4e:b7:16:e0:9e:
c8:4d:b0:e9:4f:e0:bd:fa:f2:8f:75:b5:1c:8b:d2:
d9:37:62:3b:17:08:b1:e3:26:2a:ac:ba:74:0d:89:
42:e8:db:c7:ac:ae:b0:3a:a4:35:5f:d9:af:c1:08:
45:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:20:E7:FF:CC:D4:19:34:31:EA:E1:73:82:1A:1F:C7:F6:4C:98:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a62f4423-d8c8-4470-b8ba-d394307f27b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:b8:28:d7:16:ef:c2:2c:60:6f:54:c2:47:48:b4:48:3c:fd:
54:de:d8:5b:4c:4b:a0:3f:35:4f:9f:87:5d:dc:e3:c7:c2:b7:
27:05:25:62:4b:3a:38:2e:9f:a6:c2:fa:3d:1d:bc:30:fc:26:
bd:56:72:c3:75:81:1c:c9:25:7a:89:a8:e6:0e:39:d5:78:9f:
ed:9d:75:fe:f3:53:91:0b:09:e3:79:d3:8a:9e:06:d8:7a:af:
67:cf:f0:19:40:37:8d:66:c1:70:a6:bb:e1:39:e8:c0:29:67:
87:1b:6d:1b:ef:48:84:1c:bd:f8:93:ac:0f:ec:3a:6c:35:e3:
87:0c:74:7e:c4:4e:b9:ca:94:73:95:a0:f2:6e:af:f4:93:c1:
c1:d5:7b:95:5e:78:dc:16:92:c7:50:6a:33:6b:6c:8a:b7:b7:
ad:8f:6d:7e:66:67:9d:41:98:cf:df:d6:8c:65:f1:4a:32:e9:
af:43:fc:db:23:06:53:18:e5:ba:65:39:6a:d6:cc:dc:ea:e3:
45:24:86:1b:36:75:d0:af:d4:ed:8b:4c:84:49:b0:f7:93:51:
8a:86:9c:cd:a8:5e:e4:68:aa:53:21:69:3b:5c:bf:c0:3d:32:
4b:81:a6:d2:ba:6f:cd:fd:31:47:7b:0c:7f:e1:fa:f0:44:97:
a9:d3:fc:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ7KK2clQzoAtDiXQNedEb9zlAwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MzI1NDJiOWQ5ZTMxN2MyNDZmZjRlMzM0ZTBhYjE0MzgwNjJmMmMzOTcy
NjFhZGQ0ZTRjYmUwNTgzYzIwODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrGAvqW7FYCVgtlkUxG6MhZ705ZvnU3Kg+1KBW+yeoWebvD8xLVjDOGjz8O
VVUv1CBoICy99QZQrq/jAsn1iUsOvcZg77FU1l63/9h3xRInVLjIQLAKxsiQcoQ4
/bVSU4MGUOgixie+Py5F+YoANr9w+JtlBLtGS4fM8PpyQU9WcF9Asu6N/Yw7CnaD
IP9WGLXNMym2wzm0NvEb309BC6GqOPeC7bbFtxgQMCDJ+ITkryDSfoBP4nTL4/6Z
coUE4wyG+yM13x+4FQMvn063FuCeyE2w6U/gvfryj3W1HIvS2TdiOxcIseMmKqy6
dA2JQujbx6yusDqkNV/Zr8EIRTkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9IOf/
zNQZNDHq4XOCGh/H9kyYOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTYyZjQ0MjMtZDhjOC00NDcwLWI4YmEtZDM5NDMwN2YyN2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8g
MA0GCSqGSIb3DQEBCwUAA4IBAQC3uCjXFu/CLGBvVMJHSLRIPP1U3thbTEugPzVP
n4dd3OPHwrcnBSViSzo4Lp+mwvo9Hbww/Ca9VnLDdYEcySV6iajmDjnVeJ/tnXX+
81ORCwnjedOKngbYeq9nz/AZQDeNZsFwprvhOejAKWeHG20b70iEHL34k6wP7Dps
NeOHDHR+xE65ypRzlaDybq/0k8HB1XuVXnjcFpLHUGoza2yKt7etj21+ZmedQZjP
39aMZfFKMumvQ/zbIwZTGOW6ZTlq1szc6uNFJIYbNnXQr9Tti0yESbD3k1GKhpzN
qF7kaKpTIWk7XL/APTJLgabSum/N/TFHewx/4frwRJep0/yv
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:00:58 2024 by rpki-client on console-ams.rpki-client.org