Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a62f4423-d8c8-4470-b8ba-d394307f27b1.roa
File: a62f4423-d8c8-4470-b8ba-d394307f27b1.roa (raw, json)
Hash identifier: WneLBjpoZv2nL3Rv+cwDDsvcOuBHtLltFowBsd3mn9A=
Subject key identifier: DA:15:82:D3:FC:05:B2:2A:DF:94:7D:DF:74:8E:D2:8E:3B:63:0C:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D75231DB3AF3B58059E0853F87F258C09A1DB83
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a62f4423-d8c8-4470-b8ba-d394307f27b1.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:75:23:1d:b3:af:3b:58:05:9e:08:53:f8:7f:25:8c:09:a1:db:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=987a826cba984669f1c89f5e48b07bc6f5df568fc635ab44e8aa42af2202b95b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8d:bd:3b:ba:70:af:2a:7d:79:f0:5c:09:44:
c2:36:ad:72:fb:7a:6b:ed:24:83:f2:ec:ac:01:b4:
10:40:ad:7b:5a:5b:88:0e:83:39:64:56:98:f7:0b:
73:10:67:a8:dd:3b:32:af:cf:a9:22:fa:e7:8d:fb:
a7:ac:5e:83:e6:a3:9e:5c:1c:7c:bf:04:16:5d:fb:
18:aa:aa:b2:ab:30:ce:b9:ff:33:34:e9:1c:90:97:
1b:7f:e7:ab:60:90:af:de:d8:7d:2b:ac:61:1a:fd:
3c:54:60:3b:e4:cc:a2:a3:3a:2f:c5:00:74:b3:a3:
ed:71:ad:f4:e5:eb:82:94:6f:50:86:1f:15:d9:62:
64:e1:1b:5e:c8:ee:7d:de:69:43:82:d4:3b:e9:87:
f2:5e:fc:6e:a6:0c:c6:b4:50:7b:2f:92:32:4b:c3:
4a:40:20:b5:24:5a:92:e4:bd:36:a2:8d:de:b1:7c:
cd:31:ff:40:c7:73:b4:b9:fa:68:ff:90:15:1b:2e:
a7:35:b0:0c:47:9d:6f:6b:be:86:6e:ef:87:0f:c9:
22:8c:53:53:2f:19:a7:b2:36:7b:46:2c:4f:79:35:
9c:83:09:42:5e:60:c3:76:23:d0:55:29:29:64:67:
81:e8:eb:d8:ce:53:42:3c:f0:e3:9b:0f:85:b7:a3:
d0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:15:82:D3:FC:05:B2:2A:DF:94:7D:DF:74:8E:D2:8E:3B:63:0C:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a62f4423-d8c8-4470-b8ba-d394307f27b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
37:0d:ac:00:f6:d9:b9:9f:f0:b0:6b:83:28:e5:e5:92:33:f3:
f8:45:27:e1:67:d4:a8:27:97:35:6b:a0:73:cd:45:c4:bb:79:
03:e3:95:ea:c4:c2:11:ad:5d:b5:f1:4f:ad:6f:0f:92:69:c3:
f6:12:1a:f8:03:75:31:24:48:29:b6:76:ec:1a:d8:87:15:86:
87:c1:97:35:e3:fe:f2:eb:6e:51:9c:c0:38:91:3c:bd:79:22:
e2:4c:47:ad:84:d0:5c:e7:36:6b:97:7e:23:8b:d8:5b:5b:fd:
1c:ef:61:a0:0d:c9:dc:22:e9:ae:c0:6e:e9:87:90:49:e5:a9:
76:8d:30:0d:4d:f9:12:22:9c:82:cf:43:e5:8f:d7:ec:d8:dd:
9e:6b:5a:ea:e6:81:ea:07:8f:92:c8:54:86:16:50:78:95:1b:
40:a8:6f:24:c8:80:c5:7c:f7:a3:29:1b:d1:b9:0a:da:7f:92:
f0:ba:f9:ea:f2:f9:49:4d:2d:99:3f:b0:bc:a8:8a:20:7a:c1:
57:27:ed:da:5e:1b:3c:59:f9:6d:64:ed:11:33:a5:9e:ac:48:
2b:94:b6:86:8d:af:76:e0:ea:6d:2b:9f:07:df:de:e0:8c:c1:
6f:d4:94:b3:b1:04:94:bf:2d:42:c3:8a:1d:27:be:51:2b:d6:
ed:bf:52:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbXUjHbOvO1gFnghT+H8ljAmh24MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4N2E4MjZjYmE5ODQ2NjlmMWM4OWY1ZTQ4YjA3YmM2ZjVkZjU2OGZjNjM1
YWI0NGU4YWE0MmFmMjIwMmI5NWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKONvTu6cK8qfXnwXAlEwjatcvt6a+0kg/LsrAG0EECte1pbiA6DOWRWmPcL
cxBnqN07Mq/PqSL65437p6xeg+ajnlwcfL8EFl37GKqqsqswzrn/MzTpHJCXG3/n
q2CQr97YfSusYRr9PFRgO+TMoqM6L8UAdLOj7XGt9OXrgpRvUIYfFdliZOEbXsju
fd5pQ4LUO+mH8l78bqYMxrRQey+SMkvDSkAgtSRakuS9NqKN3rF8zTH/QMdztLn6
aP+QFRsupzWwDEedb2u+hm7vhw/JIoxTUy8Zp7I2e0YsT3k1nIMJQl5gw3Yj0FUp
KWRngejr2M5TQjzw45sPhbej0L8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTaFYLT
/AWyKt+Ufd90jtKOO2MMujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTYyZjQ0MjMtZDhjOC00NDcwLWI4YmEtZDM5NDMwN2YyN2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8g
MA0GCSqGSIb3DQEBCwUAA4IBAQA3DawA9tm5n/Cwa4Mo5eWSM/P4RSfhZ9SoJ5c1
a6BzzUXEu3kD45XqxMIRrV218U+tbw+SacP2Ehr4A3UxJEgptnbsGtiHFYaHwZc1
4/7y625RnMA4kTy9eSLiTEethNBc5zZrl34ji9hbW/0c72GgDcncIumuwG7ph5BJ
5al2jTANTfkSIpyCz0Plj9fs2N2ea1rq5oHqB4+SyFSGFlB4lRtAqG8kyIDFfPej
KRvRuQraf5Lwuvnq8vlJTS2ZP7C8qIogesFXJ+3aXhs8WfltZO0RM6WerEgrlLaG
ja924OptK58H397gjMFv1JSzsQSUvy1Cw4odJ75RK9btv1Jh
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:33 2024 by rpki-client on console-ams.rpki-client.org