Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
File: a72cbea9-100c-4974-8211-87debb0f6fbd.roa (raw, json)
Hash identifier: urZ61GvWBTGQnfVMb8RpbIoqOUZAqY6bSdINc5aj4P4=
Subject key identifier: 30:9F:8C:D5:73:1F:FB:64:AD:EB:3C:42:66:58:64:CB:5D:20:45:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D4C9AAB4383C767CF53CE1C027767E42FDD740C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
Signing time: Fri 06 Sep 2024 00:00:00 +0000
ROA not before: Fri 06 Sep 2024 00:00:00 +0000
ROA not after: Fri 11 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:4c:9a:ab:43:83:c7:67:cf:53:ce:1c:02:77:67:e4:2f:dd:74:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 6 00:00:00 2024 GMT
Not After : Oct 11 23:59:59 2024 GMT
Subject: serialNumber=7b6674996aaae193ea6c55c8b474e51ba249f4c62594318bcc4c9a4fd4330ecb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:67:f2:95:67:d5:55:fb:b1:89:52:30:23:f6:
55:bb:75:f0:8b:ba:07:6b:d9:46:53:ed:8f:e0:54:
33:05:18:94:02:7d:c1:c2:a6:d3:a7:0d:2e:a4:48:
00:79:4d:11:60:11:a1:e8:56:89:17:16:ee:fa:d1:
cd:03:84:96:b2:db:24:89:e5:a8:0c:95:c4:b7:45:
0e:f2:ff:70:84:ac:c1:f0:77:46:95:69:09:aa:d3:
0c:8c:bd:d6:4d:47:b5:9b:4e:8f:7a:10:33:7b:5f:
53:1a:05:fe:7e:34:97:f6:41:75:d0:b1:f3:97:01:
81:cd:b2:29:84:ad:0b:14:46:53:fa:38:2c:15:3f:
98:33:04:98:8f:81:ed:95:bd:71:64:b2:5e:61:9a:
cd:32:ab:03:37:f3:f1:6a:30:2e:e8:2b:36:f8:1a:
13:01:6f:81:9e:f9:62:96:e6:94:dc:86:26:f9:6a:
3b:11:94:ff:03:56:10:c4:1d:e0:d0:db:34:aa:00:
a8:bd:50:16:a3:4e:b1:aa:a3:7b:64:47:47:f3:6d:
0a:40:d3:b8:f9:b8:27:9a:51:9b:a1:83:4b:f5:34:
a6:75:10:75:f8:3f:fa:5e:69:a2:f4:35:90:c3:b5:
7d:b3:7a:2e:58:0b:e1:80:1a:43:4d:8c:80:4a:31:
c6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9F:8C:D5:73:1F:FB:64:AD:EB:3C:42:66:58:64:CB:5D:20:45:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:a4:2b:7b:5d:ac:8a:6c:43:76:46:9d:d0:f4:55:62:26:78:
5d:1d:d5:89:3f:e9:3b:d5:e6:dc:4b:bd:7e:69:ff:62:c0:d5:
69:3d:9a:37:8f:97:00:f4:d2:53:28:e0:e7:a6:42:a8:d2:78:
dc:0d:45:5a:8a:3a:d8:76:62:f2:83:4e:43:05:eb:09:f2:09:
81:50:77:e4:b4:ef:1c:5f:37:36:b9:82:a1:2e:ca:c8:3e:45:
41:db:0e:13:4e:46:08:e8:2a:80:14:70:66:a3:b7:29:b8:0c:
f7:55:61:23:da:15:30:34:b2:49:47:d5:9c:01:28:20:39:34:
3f:b4:1f:22:dd:12:4b:ef:79:83:12:ab:4e:77:da:e2:38:dc:
f3:db:f4:6f:8f:a1:d2:40:3c:42:f4:09:6e:a6:33:23:73:ef:
14:e5:d6:19:0e:2c:98:8b:7f:6b:c4:64:51:69:d7:bb:f8:cd:
8d:13:8a:93:8d:35:e1:b9:8b:d9:12:65:d2:7d:f4:a9:5f:39:
42:b7:8c:ab:1f:66:54:4d:4d:b6:7c:4e:02:c1:17:24:ae:b0:
cb:2c:4c:72:2c:4b:f8:2a:be:4c:b1:83:fe:42:e6:85:44:05:
98:6d:05:8f:82:cf:1e:9b:3c:cf:2a:7a:0b:01:31:00:04:75:
07:b9:cf:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbUyaq0ODx2fPU84cAndn5C/ddAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDYwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiNjY3NDk5NmFhYWUxOTNlYTZjNTVjOGI0NzRlNTFiYTI0OWY0YzYyNTk0
MzE4YmNjNGM5YTRmZDQzMzBlY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZn8pVn1VX7sYlSMCP2Vbt18Iu6B2vZRlPtj+BUMwUYlAJ9wcKm06cNLqRI
AHlNEWARoehWiRcW7vrRzQOElrLbJInlqAyVxLdFDvL/cISswfB3RpVpCarTDIy9
1k1HtZtOj3oQM3tfUxoF/n40l/ZBddCx85cBgc2yKYStCxRGU/o4LBU/mDMEmI+B
7ZW9cWSyXmGazTKrAzfz8WowLugrNvgaEwFvgZ75YpbmlNyGJvlqOxGU/wNWEMQd
4NDbNKoAqL1QFqNOsaqje2RHR/NtCkDTuPm4J5pRm6GDS/U0pnUQdfg/+l5povQ1
kMO1fbN6LlgL4YAaQ02MgEoxxhcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwn4zV
cx/7ZK3rPEJmWGTLXSBF7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcyY2JlYTktMTAwYy00OTc0LTgyMTEtODdkZWJiMGY2ZmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmA
MA0GCSqGSIb3DQEBCwUAA4IBAQCnpCt7XayKbEN2Rp3Q9FViJnhdHdWJP+k71ebc
S71+af9iwNVpPZo3j5cA9NJTKODnpkKo0njcDUVaijrYdmLyg05DBesJ8gmBUHfk
tO8cXzc2uYKhLsrIPkVB2w4TTkYI6CqAFHBmo7cpuAz3VWEj2hUwNLJJR9WcASgg
OTQ/tB8i3RJL73mDEqtOd9riONzz2/Rvj6HSQDxC9AlupjMjc+8U5dYZDiyYi39r
xGRRade7+M2NE4qTjTXhuYvZEmXSffSpXzlCt4yrH2ZUTU22fE4CwRckrrDLLExy
LEv4Kr5MsYP+QuaFRAWYbQWPgs8emzzPKnoLATEABHUHuc8C
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:49 2024 by rpki-client on console-ams.rpki-client.org