Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8f701ff-5301-42b0-952d-8fdd27a23bac.roa
File: a8f701ff-5301-42b0-952d-8fdd27a23bac.roa (raw, json)
Hash identifier: tnfHwEEoHuy+0qX0zfQp+L6PBExiMFMqAKsbvcY8CGI=
Subject key identifier: 9F:41:79:A3:D9:F8:B0:73:F5:06:E4:34:67:9C:66:0B:C6:06:1C:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 271379304FFAB0A0DA82F21399DA8524E103CE8E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8f701ff-5301-42b0-952d-8fdd27a23bac.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:13:79:30:4f:fa:b0:a0:da:82:f2:13:99:da:85:24:e1:03:ce:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=43227fbe4b0d6534a394cd99b37688c92b703ad39987cad43a9f98b077e965eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:26:5d:7d:18:e9:67:98:2e:28:37:cc:2c:d2:
d4:81:2c:d0:7e:17:58:4f:b3:82:31:af:a4:bc:8d:
54:58:0e:70:60:49:51:ab:2c:b8:40:69:8b:39:76:
e1:c6:fa:51:9c:f1:c1:f2:b0:e4:bc:24:f3:62:2e:
f0:b5:82:70:0e:3b:33:87:af:d9:97:ca:18:5e:8d:
ee:89:f6:10:3d:6e:50:40:76:f1:f6:7b:d9:d0:6b:
9d:71:52:82:b4:d0:15:ab:65:12:61:8d:6a:e7:05:
ce:b0:21:1f:76:b9:3b:b9:1d:a3:1f:7f:a6:88:8e:
c7:a9:3b:08:92:32:98:43:29:c4:d3:0e:de:75:e5:
61:7c:b9:a3:a5:1f:35:cc:2f:44:4d:f2:1e:7f:87:
3c:f8:4c:de:cd:12:dc:fc:fa:47:36:68:f0:c5:d6:
2c:61:7b:01:c3:f0:96:5c:6e:50:18:e4:42:52:5f:
2f:0f:cc:88:0d:8e:2e:2c:f1:08:2b:71:d6:9c:7e:
c6:db:44:1a:b4:0d:a1:55:d7:dc:55:6c:b7:a9:e2:
df:fc:d3:cf:d0:0b:3b:12:8a:9c:eb:10:a0:18:b9:
1e:90:7b:31:28:ae:57:ba:31:49:63:eb:7b:3d:bf:
86:5a:54:f3:e4:a3:41:b6:e3:68:0b:b5:d8:b1:8c:
07:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:41:79:A3:D9:F8:B0:73:F5:06:E4:34:67:9C:66:0B:C6:06:1C:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8f701ff-5301-42b0-952d-8fdd27a23bac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:eb:0f:f2:6e:f4:1a:05:0c:88:d5:5b:bf:c4:d5:1d:e1:1a:
48:f3:6a:0f:85:e0:e0:16:a1:48:02:bf:26:fa:3b:6d:5a:87:
8f:fe:61:be:82:97:e3:3d:a3:99:c9:68:69:27:bb:4e:a5:fb:
5f:97:55:64:73:15:02:15:d7:80:b5:90:44:d9:67:ef:37:8d:
74:09:b2:57:be:ea:a7:45:fa:00:32:04:cd:2e:bb:de:39:8b:
71:cf:bb:b7:13:af:0a:1c:21:8d:a1:ec:d9:1c:33:3e:24:d9:
ae:66:aa:90:ec:b4:60:28:69:bb:a0:c1:47:b9:b3:c2:ab:a4:
7a:a6:8f:05:ad:5d:28:6c:02:69:f4:ee:6b:5a:2f:5b:63:f3:
36:d4:8d:40:31:d4:39:a6:93:c4:35:cd:f6:3d:47:0d:57:03:
f6:85:9c:e6:ee:ec:5f:52:1f:67:62:f4:ac:70:16:c5:7e:6c:
86:a8:1f:5b:2f:ce:1e:6e:fd:22:2e:6f:a3:17:0b:e3:4e:cf:
bc:02:a0:e8:de:46:f8:95:0f:36:db:0d:62:e9:d4:8e:a4:78:
d9:32:d6:6d:ac:e1:20:19:f0:e0:a0:21:7a:3b:14:e6:ac:aa:
0b:a1:70:2a:0e:44:c5:28:04:43:33:91:fa:dc:2f:ce:c7:9a:
d6:1b:e6:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJxN5ME/6sKDagvITmdqFJOEDzo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzMjI3ZmJlNGIwZDY1MzRhMzk0Y2Q5OWIzNzY4OGM5MmI3MDNhZDM5OTg3
Y2FkNDNhOWY5OGIwNzdlOTY1ZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0mXX0Y6WeYLig3zCzS1IEs0H4XWE+zgjGvpLyNVFgOcGBJUassuEBpizl2
4cb6UZzxwfKw5Lwk82Iu8LWCcA47M4ev2ZfKGF6N7on2ED1uUEB28fZ72dBrnXFS
grTQFatlEmGNaucFzrAhH3a5O7kdox9/poiOx6k7CJIymEMpxNMO3nXlYXy5o6Uf
NcwvRE3yHn+HPPhM3s0S3Pz6RzZo8MXWLGF7AcPwllxuUBjkQlJfLw/MiA2OLizx
CCtx1px+xttEGrQNoVXX3FVst6ni3/zTz9ALOxKKnOsQoBi5HpB7MSiuV7oxSWPr
ez2/hlpU8+SjQbbjaAu12LGMB1kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSfQXmj
2fiwc/UG5DRnnGYLxgYcJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YThmNzAxZmYtNTMwMS00MmIwLTk1MmQtOGZkZDI3YTIzYmFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HfA
MA0GCSqGSIb3DQEBCwUAA4IBAQBL6w/ybvQaBQyI1Vu/xNUd4RpI82oPheDgFqFI
Ar8m+jttWoeP/mG+gpfjPaOZyWhpJ7tOpftfl1VkcxUCFdeAtZBE2WfvN410CbJX
vuqnRfoAMgTNLrveOYtxz7u3E68KHCGNoezZHDM+JNmuZqqQ7LRgKGm7oMFHubPC
q6R6po8FrV0obAJp9O5rWi9bY/M21I1AMdQ5ppPENc32PUcNVwP2hZzm7uxfUh9n
YvSscBbFfmyGqB9bL84ebv0iLm+jFwvjTs+8AqDo3kb4lQ822w1i6dSOpHjZMtZt
rOEgGfDgoCF6OxTmrKoLoXAqDkTFKARDM5H63C/Ox5rWG+Yf
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:44:15 2024 by rpki-client on console-ams.rpki-client.org