Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a76c4bf7-5d73-44e2-9678-e0f57175e417.roa
File: a76c4bf7-5d73-44e2-9678-e0f57175e417.roa (raw, json)
Hash identifier: 4zHNeIuTxMxYhDzB6oqtYZf1cfKLBg7AK6/hFWk3VIQ=
Subject key identifier: 6A:FE:1C:B3:55:C4:7C:30:98:9D:7E:62:8F:F2:54:D6:95:99:C9:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10D0853EFD779806727B4A98F94682E0502C5005
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a76c4bf7-5d73-44e2-9678-e0f57175e417.roa
Signing time: Wed 04 Oct 2023 00:00:00 +0000
ROA not before: Wed 04 Oct 2023 00:00:00 +0000
ROA not after: Wed 08 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Oct 2023 16:56:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:d0:85:3e:fd:77:98:06:72:7b:4a:98:f9:46:82:e0:50:2c:50:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 4 00:00:00 2023 GMT
Not After : Nov 8 23:59:59 2023 GMT
Subject: serialNumber=2489806f0dd9764818a2aec585531ece0bb12fa3a890ba8e01600a69a268bb85, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a8:d7:df:c8:61:8d:d4:c4:d7:9d:08:94:86:
e5:67:13:11:56:20:0f:6f:0f:f3:26:ca:0d:e5:47:
1d:10:95:d4:e3:d1:ab:62:70:99:59:f1:ff:0e:cc:
f0:10:14:50:d1:e5:e5:9d:b4:a8:e5:c3:92:4c:28:
76:5b:a3:b6:d1:1f:8d:81:e4:95:36:4b:8e:66:87:
3b:d3:51:ff:74:25:bb:83:2c:ff:08:aa:fd:e3:79:
d8:2b:61:8e:14:0d:b1:94:99:03:d1:89:a5:51:2d:
ba:60:a3:2f:3b:08:86:2e:70:e3:d2:c6:96:8b:1f:
af:79:48:d5:ad:8d:76:7d:82:2c:c9:2b:85:0b:37:
8f:f6:07:0e:da:8c:0f:3b:db:d8:41:e6:c5:f9:34:
f0:84:f9:9f:bd:15:4f:81:ee:87:67:79:d2:3c:d4:
a4:99:95:29:a1:ab:84:7e:b3:33:99:a9:2b:b4:97:
2f:24:b9:36:69:55:d5:5d:94:ca:c0:8b:48:fc:ce:
58:52:d7:33:20:e2:8e:87:2a:9d:5d:76:20:57:54:
51:44:83:b3:d4:9b:d3:1e:2d:7a:f8:65:27:8d:bd:
03:10:62:51:48:d6:07:13:01:6f:49:af:73:0a:2e:
ad:55:6e:8b:55:ad:1d:eb:ac:85:67:f9:c7:de:56:
9c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:FE:1C:B3:55:C4:7C:30:98:9D:7E:62:8F:F2:54:D6:95:99:C9:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a76c4bf7-5d73-44e2-9678-e0f57175e417.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
b9:87:5f:99:df:95:b7:7d:7e:2a:7e:67:11:a7:bc:db:4d:07:
aa:af:81:63:b9:11:27:3e:65:5c:7d:0e:4c:54:4b:58:5d:d0:
d0:63:6a:c3:80:b7:94:a7:fb:df:fb:ba:31:de:eb:41:7d:54:
3c:49:9a:71:06:3d:13:e3:80:9b:f0:ac:e8:d6:9c:b6:a7:a6:
40:04:7c:a7:0c:fa:c5:5c:6c:f8:b5:14:81:71:4e:d7:17:e3:
9c:12:e0:9a:85:ce:74:24:ee:c2:cc:60:05:0c:33:1c:5e:30:
31:18:8f:58:ca:e7:bf:fd:3d:70:a8:d3:d7:16:34:a5:1f:6a:
21:77:b1:bf:a3:25:70:9e:aa:06:fc:78:bc:68:4d:f9:de:61:
b0:da:b8:f3:c2:51:bd:31:eb:a0:c5:56:15:a8:2a:12:8d:43:
67:54:b4:f1:6f:83:91:2c:f3:b7:08:86:b6:74:9c:2e:cb:fe:
5e:c1:00:59:0e:b9:cc:f3:6a:d7:75:07:56:39:71:07:41:e2:
71:18:5a:52:12:70:3c:64:d6:c3:ed:b9:ec:dc:45:4e:a1:b8:
ef:73:a2:a0:3d:a7:6b:1e:f3:5f:4d:54:19:a0:e5:fe:27:26:
60:a8:c6:08:f2:71:74:9b:5f:f1:c3:41:1c:6b:b2:b9:c3:e1:
d1:4f:aa:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUENCFPv13mAZye0qY+UaC4FAsUAUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzEwMDQwMDAwMDBaFw0yMzExMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0ODk4MDZmMGRkOTc2NDgxOGEyYWVjNTg1NTMxZWNlMGJiMTJmYTNhODkw
YmE4ZTAxNjAwYTY5YTI2OGJiODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmo19/IYY3UxNedCJSG5WcTEVYgD28P8ybKDeVHHRCV1OPRq2JwmVnx/w7M
8BAUUNHl5Z20qOXDkkwodlujttEfjYHklTZLjmaHO9NR/3Qlu4Ms/wiq/eN52Cth
jhQNsZSZA9GJpVEtumCjLzsIhi5w49LGlosfr3lI1a2Ndn2CLMkrhQs3j/YHDtqM
Dzvb2EHmxfk08IT5n70VT4Huh2d50jzUpJmVKaGrhH6zM5mpK7SXLyS5NmlV1V2U
ysCLSPzOWFLXMyDijocqnV12IFdUUUSDs9Sb0x4tevhlJ429AxBiUUjWBxMBb0mv
cwourVVui1WtHeushWf5x95WnF0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRq/hyz
VcR8MJidfmKP8lTWlZnJNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc2YzRiZjctNWQ3My00NGUyLTk2NzgtZTBmNTcxNzVlNDE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQC5h1+Z35W3fX4qfmcRp7zbTQeqr4FjuREnPmVc
fQ5MVEtYXdDQY2rDgLeUp/vf+7ox3utBfVQ8SZpxBj0T44Cb8Kzo1py2p6ZABHyn
DPrFXGz4tRSBcU7XF+OcEuCahc50JO7CzGAFDDMcXjAxGI9Yyue//T1wqNPXFjSl
H2ohd7G/oyVwnqoG/Hi8aE353mGw2rjzwlG9MeugxVYVqCoSjUNnVLTxb4ORLPO3
CIa2dJwuy/5ewQBZDrnM82rXdQdWOXEHQeJxGFpSEnA8ZNbD7bns3EVOobjvc6Kg
PadrHvNfTVQZoOX+JyZgqMYI8nF0m1/xw0Eca7K5w+HRT6rQ
-----END CERTIFICATE-----
Generated at Wed Oct 4 00:45:28 2023 by rpki-client on console-ams.rpki-client.org