Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a88367e7-0dbc-4c05-8e09-7593b923bed7.roa
File: a88367e7-0dbc-4c05-8e09-7593b923bed7.roa (raw, json)
Hash identifier: 4b+gj0noS4NEIO+XOZiZAZCP2+QX8+wp64MaLxfc4nI=
Subject key identifier: D0:81:2E:B8:BE:46:5D:7D:6F:3B:4F:D2:09:19:E0:25:48:1A:57:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2643715F41EF9CED56BD789F8B783DB4085EFC7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a88367e7-0dbc-4c05-8e09-7593b923bed7.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:43:71:5f:41:ef:9c:ed:56:bd:78:9f:8b:78:3d:b4:08:5e:fc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=49a7c605a4a58a78ebd230e94874cfc8f7000ff0109f411d23e3f80c37a02968, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7f:dc:89:7d:55:74:d8:bd:19:32:e9:51:34:
ce:ff:5f:c9:84:89:73:db:40:41:fc:b7:63:c5:3c:
db:be:47:3e:8b:e8:08:ba:d8:3e:43:f7:7e:6d:81:
62:dc:02:f4:f9:62:56:96:03:6d:78:e1:21:96:49:
31:fd:aa:1d:6f:e5:19:8b:50:84:47:b7:68:40:c6:
93:87:62:d7:cf:11:21:b2:f2:1a:59:40:99:8e:e5:
f4:7f:31:36:5c:ac:c8:8d:01:75:db:ed:29:d7:5a:
a5:c7:7e:c2:60:28:a7:e0:d8:e8:7d:9b:c6:0e:40:
fd:c4:c5:50:30:91:5c:f5:b4:91:6f:12:ae:55:7d:
a2:16:59:31:0b:7f:2e:b4:ce:ac:0a:68:44:c6:5a:
bf:07:18:f4:4b:d6:5a:d6:cd:3e:c8:53:8b:2f:34:
70:7d:07:48:e0:9f:27:5c:6d:89:2a:ef:11:ed:40:
24:8d:bc:34:58:ce:5e:23:f3:ab:82:06:4b:31:69:
81:43:65:44:d4:bf:d9:46:69:da:26:da:6e:4a:0a:
60:76:c4:f5:b4:55:e0:3b:fc:7e:14:06:11:fb:2e:
af:07:bf:84:7f:b3:1e:7b:3e:2e:1c:06:47:0b:65:
70:c0:e4:61:8c:98:4b:38:48:45:e8:15:ad:d7:3e:
b7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:81:2E:B8:BE:46:5D:7D:6F:3B:4F:D2:09:19:E0:25:48:1A:57:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a88367e7-0dbc-4c05-8e09-7593b923bed7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
26:7f:d1:11:1c:64:23:93:1e:cb:88:df:a0:cb:c6:01:a7:b6:
a5:81:fd:1a:75:1d:86:c1:64:5f:cb:34:06:6c:4e:b6:a8:7b:
63:d9:5c:f2:67:2c:85:fe:3f:40:d9:e1:32:d2:59:a7:82:f2:
e0:0a:cd:80:cf:d5:94:e2:b0:95:f8:1f:af:47:2c:6d:1d:10:
d8:63:2d:27:f6:3c:35:e5:e2:ef:cd:92:e6:d6:8a:25:a9:5c:
2f:6c:e1:79:5d:0f:41:cc:da:12:ef:99:7b:9b:74:7c:95:62:
f4:ba:1c:15:64:ec:c4:ff:8f:56:97:ad:9d:1b:3f:91:c6:78:
87:43:4e:af:bf:f2:78:ee:bd:50:d0:e5:f0:a8:4f:22:53:3b:
a0:87:fa:f2:b0:24:94:45:4c:27:d8:75:7a:a8:d3:40:ac:b9:
f1:6a:16:ca:f0:bc:7e:36:e3:f2:6e:d4:07:53:5b:74:ea:3e:
86:43:67:c2:49:aa:b3:48:2e:e4:28:06:dc:27:72:d6:8d:59:
88:36:d5:2a:3b:29:af:07:14:bc:03:9e:3e:a9:d1:82:60:60:
68:9d:5e:d5:43:72:11:31:6b:d7:84:b4:b4:92:d1:52:e1:e3:
09:b3:b6:1b:7f:3d:f0:cc:53:3f:5a:10:0d:f5:b2:df:e7:f8:
86:55:9a:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJkNxX0HvnO1WvXifi3g9tAhe/H0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5YTdjNjA1YTRhNThhNzhlYmQyMzBlOTQ4NzRjZmM4ZjcwMDBmZjAxMDlm
NDExZDIzZTNmODBjMzdhMDI5NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANx/3Il9VXTYvRky6VE0zv9fyYSJc9tAQfy3Y8U8275HPovoCLrYPkP3fm2B
YtwC9PliVpYDbXjhIZZJMf2qHW/lGYtQhEe3aEDGk4di188RIbLyGllAmY7l9H8x
NlysyI0BddvtKddapcd+wmAop+DY6H2bxg5A/cTFUDCRXPW0kW8SrlV9ohZZMQt/
LrTOrApoRMZavwcY9EvWWtbNPshTiy80cH0HSOCfJ1xtiSrvEe1AJI28NFjOXiPz
q4IGSzFpgUNlRNS/2UZp2ibabkoKYHbE9bRV4Dv8fhQGEfsurwe/hH+zHns+LhwG
RwtlcMDkYYyYSzhIRegVrdc+tzUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQgS64
vkZdfW87T9IJGeAlSBpXeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTg4MzY3ZTctMGRiYy00YzA1LThlMDktNzU5M2I5MjNiZWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA
MA0GCSqGSIb3DQEBCwUAA4IBAQAmf9ERHGQjkx7LiN+gy8YBp7algf0adR2GwWRf
yzQGbE62qHtj2VzyZyyF/j9A2eEy0lmngvLgCs2Az9WU4rCV+B+vRyxtHRDYYy0n
9jw15eLvzZLm1oolqVwvbOF5XQ9BzNoS75l7m3R8lWL0uhwVZOzE/49Wl62dGz+R
xniHQ06vv/J47r1Q0OXwqE8iUzugh/rysCSURUwn2HV6qNNArLnxahbK8Lx+NuPy
btQHU1t06j6GQ2fCSaqzSC7kKAbcJ3LWjVmINtUqOymvBxS8A54+qdGCYGBonV7V
Q3IRMWvXhLS0ktFS4eMJs7Ybfz3wzFM/WhAN9bLf5/iGVZqs
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org