Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
File: a96d9971-6d4e-47a3-9408-d633699b643b.roa (raw, json)
Hash identifier: TE+jPyIjyGh1eWABTI1or1EL0HPbpxl3ehHW3Mn5vMs=
Subject key identifier: C7:8C:9C:87:2E:B2:8A:8C:23:A3:E3:2B:09:53:48:03:A9:C9:46:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 517B956D6722C7B569679585DE01C9C9629EDFD0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:7b:95:6d:67:22:c7:b5:69:67:95:85:de:01:c9:c9:62:9e:df:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=e475eef23f7fc1fc826cd167d4ad70e7e29985189132d9171881b03ddeec8cf3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ab:f7:c4:69:5d:f8:a2:51:09:1e:e4:ad:33:
aa:1e:1f:f5:4b:ab:d6:c9:7c:f1:ed:27:78:54:35:
0e:a1:9d:04:0a:77:9d:17:50:c4:88:d7:e0:9c:5e:
bf:7d:1c:92:87:79:c4:19:60:3b:8a:f3:51:c8:bc:
32:be:48:25:c3:68:d2:f1:bd:19:de:31:ef:de:12:
5e:b3:b1:72:06:af:7e:1a:74:dc:14:45:b4:dd:f7:
d4:6d:d5:50:5d:07:ec:77:e4:a4:e5:dc:20:ef:d7:
9f:4b:43:7c:d8:5a:af:52:68:ca:83:4d:fc:9e:f0:
c1:69:38:b7:f8:03:be:fd:b8:ad:aa:9c:d7:56:3c:
33:85:c7:db:70:6a:8f:a3:5e:25:ea:77:cd:d1:57:
45:b8:4b:12:7c:a8:91:0c:3c:a2:7c:9d:be:05:21:
6b:87:82:ef:08:85:c4:f3:0e:5a:04:a5:62:2f:4b:
ea:de:ff:2b:8c:83:df:bd:f1:a5:b5:9e:d8:b5:3d:
bf:47:7f:c6:48:36:03:55:a0:3f:df:bb:ae:1f:cf:
e6:cc:ad:1f:b0:52:9f:84:ab:a8:25:03:24:bc:0a:
22:3d:64:7b:64:a5:be:bf:34:59:00:ba:e6:7f:eb:
a8:34:8f:7a:10:ee:0e:7d:f8:ca:52:59:93:4b:aa:
db:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8C:9C:87:2E:B2:8A:8C:23:A3:E3:2B:09:53:48:03:A9:C9:46:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:2000::/40
Signature Algorithm: sha256WithRSAEncryption
51:81:df:10:c3:c0:da:1e:13:0c:e8:3f:8b:50:4b:4e:10:8e:
0b:6a:48:c5:3f:d9:97:38:4f:87:45:37:9f:83:f1:2d:47:95:
dd:6a:0d:c5:9b:17:a0:37:fa:02:cf:0b:6e:1f:7d:35:26:cd:
6f:fa:00:f5:74:37:6e:14:8f:28:30:ff:15:3d:32:16:8b:aa:
03:30:11:34:76:70:8e:44:dc:15:88:34:ac:07:b3:25:7a:a0:
6a:8b:7f:62:be:0b:fe:ae:71:71:31:41:15:49:5a:50:15:ab:
77:73:59:23:f9:d5:b7:28:5f:84:e1:98:18:b7:8a:66:43:8b:
ce:82:54:cf:18:0c:f3:fa:75:1d:ba:11:3d:23:fa:a3:94:f9:
18:dd:bc:81:8d:1b:02:d3:38:1b:c9:45:c7:c7:4a:33:cd:1f:
2f:72:3a:b2:b9:ee:1a:e5:7b:20:2b:ba:ef:d8:64:0c:37:05:
f9:b5:e2:1d:e8:98:6e:c5:22:f2:e3:9e:d8:b7:a4:2d:74:e2:
a4:69:17:2c:a5:f2:c8:aa:34:5e:5c:4e:61:c4:02:ba:8c:a6:
f9:1c:3c:69:cb:5d:e6:83:fc:98:e4:55:89:e4:b9:9a:86:b6:
a7:c8:f4:41:22:c0:2f:78:48:b5:71:e7:0d:e0:8f:78:88:00:
e2:8c:ed:52
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUXuVbWcix7VpZ5WF3gHJyWKe39AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NzVlZWYyM2Y3ZmMxZmM4MjZjZDE2N2Q0YWQ3MGU3ZTI5OTg1MTg5MTMy
ZDkxNzE4ODFiMDNkZGVlYzhjZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmr98RpXfiiUQke5K0zqh4f9Uur1sl88e0neFQ1DqGdBAp3nRdQxIjX4Jxe
v30ckod5xBlgO4rzUci8Mr5IJcNo0vG9Gd4x794SXrOxcgavfhp03BRFtN331G3V
UF0H7HfkpOXcIO/Xn0tDfNhar1JoyoNN/J7wwWk4t/gDvv24raqc11Y8M4XH23Bq
j6NeJep3zdFXRbhLEnyokQw8onydvgUha4eC7wiFxPMOWgSlYi9L6t7/K4yD373x
pbWe2LU9v0d/xkg2A1WgP9+7rh/P5sytH7BSn4SrqCUDJLwKIj1ke2Slvr80WQC6
5n/rqDSPehDuDn34ylJZk0uq23sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHjJyH
LrKKjCOj4ysJU0gDqclGkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTk2ZDk5NzEtNmQ0ZS00N2EzLTk0MDgtZDYzMzY5OWI2NDNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4g
MA0GCSqGSIb3DQEBCwUAA4IBAQBRgd8Qw8DaHhMM6D+LUEtOEI4LakjFP9mXOE+H
RTefg/EtR5Xdag3FmxegN/oCzwtuH301Js1v+gD1dDduFI8oMP8VPTIWi6oDMBE0
dnCORNwViDSsB7MleqBqi39ivgv+rnFxMUEVSVpQFat3c1kj+dW3KF+E4ZgYt4pm
Q4vOglTPGAzz+nUduhE9I/qjlPkY3byBjRsC0zgbyUXHx0ozzR8vcjqyue4a5Xsg
K7rv2GQMNwX5teId6JhuxSLy457Yt6QtdOKkaRcspfLIqjReXE5hxAK6jKb5HDxp
y13mg/yY5FWJ5LmahranyPRBIsAveEi1cecN4I94iADijO1S
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org