Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
File: aa679cd8-5924-43d7-8928-c65bc2ec3659.roa (raw, json)
Hash identifier: 2Cg7KQnTd5qHVGpEVGQVG8X4aPxiDX/ti4Ij6IWjsjs=
Subject key identifier: 63:4F:FE:7D:71:6F:9E:C4:6A:84:89:AD:E1:E8:1D:62:70:17:47:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B22263BACB09951A08DD31CEE1BFD70CCF53615
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:22:26:3b:ac:b0:99:51:a0:8d:d3:1c:ee:1b:fd:70:cc:f5:36:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=06601aa96c75d2cd9652c2569cd7e8e26cb833c951227b31a47799ec5de6f9e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:06:fa:69:a8:07:e4:99:4f:63:bb:10:d9:57:
03:84:71:79:bc:c1:9b:58:0f:35:69:27:5e:d4:24:
e9:f8:9e:b0:33:d2:a5:0d:9c:29:05:6a:3a:11:00:
f5:89:4d:8a:1d:a7:b0:d7:4a:b4:f9:9d:14:f1:3c:
0b:59:b4:1c:e7:33:d1:25:bf:c9:0a:04:16:a3:4f:
61:29:88:38:21:24:2e:4b:24:60:21:ef:d7:7f:4b:
b3:f9:14:58:a7:4f:35:4b:1d:b6:de:3c:95:4b:9c:
ea:b6:2d:a1:55:7b:1b:f1:a2:c0:e1:5d:c5:df:d3:
07:12:79:6a:5d:2a:6c:d2:1a:57:4f:8c:3b:62:35:
c5:df:27:00:e0:a0:d3:65:5e:65:28:86:f0:d5:d2:
0e:d7:dd:78:9b:77:41:2a:2a:5b:a3:f5:44:53:f9:
63:3e:fc:4c:66:e3:f4:f5:d3:5f:90:cd:e8:52:a9:
62:27:50:c0:01:99:18:78:7a:f1:16:73:0c:d5:e8:
fe:9c:df:d6:21:01:2c:c0:e7:a9:b0:2a:d4:6e:e4:
c9:ba:c8:23:0a:a2:6c:ee:5b:d1:9e:e6:3e:d8:f8:
00:6f:26:b0:c3:a9:4a:b4:1c:ef:a3:9c:8e:e3:d5:
44:6a:5f:e2:1c:a9:ec:7f:f9:0a:83:a0:77:09:41:
d4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4F:FE:7D:71:6F:9E:C4:6A:84:89:AD:E1:E8:1D:62:70:17:47:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:c000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:85:7e:28:e0:39:c4:93:47:07:4c:a5:77:1a:ae:3a:91:21:
74:e2:6e:d3:b9:fb:cc:26:c5:3e:9f:20:a2:f7:0d:59:09:de:
c0:c7:14:c8:b8:52:bc:05:9f:d3:b3:4b:1f:b0:69:2c:28:62:
8d:e7:e0:f5:5b:50:25:74:b3:41:10:3b:52:17:3a:bd:cc:15:
6e:39:86:7d:44:c0:87:25:95:c2:f2:5d:05:b4:b2:30:d6:6a:
cb:d1:bd:11:1d:f0:12:0c:ad:88:3b:7f:24:3b:b6:88:f6:3e:
3a:93:83:94:e4:2a:e8:05:04:59:e5:1f:9b:cf:3a:a9:ea:90:
22:44:1b:81:70:f1:bf:4d:1c:20:ba:11:9b:9b:e7:2c:63:f9:
94:c4:9d:4f:24:28:22:c6:b4:0a:75:fd:3f:1f:bc:75:8b:1c:
fd:cc:c8:15:7b:09:f2:04:78:5e:2f:c9:f1:65:44:16:52:1a:
15:26:35:3a:ed:04:6c:79:86:0a:02:2c:75:f4:77:63:ac:67:
30:62:18:68:44:75:eb:1c:c3:ce:39:21:a8:f1:40:ab:23:b6:
6f:6a:5b:75:ac:d6:27:f5:b4:53:ec:f8:e9:04:67:d4:b7:92:
46:d1:9c:11:60:4a:9f:b9:d7:08:fa:19:3d:40:f1:95:aa:be:
00:0d:dc:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSyImO6ywmVGgjdMc7hv9cMz1NhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2NjAxYWE5NmM3NWQyY2Q5NjUyYzI1NjljZDdlOGUyNmNiODMzYzk1MTIy
N2IzMWE0Nzc5OWVjNWRlNmY5ZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPEG+mmoB+SZT2O7ENlXA4RxebzBm1gPNWknXtQk6fiesDPSpQ2cKQVqOhEA
9YlNih2nsNdKtPmdFPE8C1m0HOcz0SW/yQoEFqNPYSmIOCEkLkskYCHv139Ls/kU
WKdPNUsdtt48lUuc6rYtoVV7G/GiwOFdxd/TBxJ5al0qbNIaV0+MO2I1xd8nAOCg
02VeZSiG8NXSDtfdeJt3QSoqW6P1RFP5Yz78TGbj9PXTX5DN6FKpYidQwAGZGHh6
8RZzDNXo/pzf1iEBLMDnqbAq1G7kybrIIwqibO5b0Z7mPtj4AG8msMOpSrQc76Oc
juPVRGpf4hyp7H/5CoOgdwlB1JsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjT/59
cW+exGqEia3h6B1icBdHrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE2NzljZDgtNTkyNC00M2Q3LTg5MjgtYzY1YmMyZWMzNjU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HjA
MA0GCSqGSIb3DQEBCwUAA4IBAQAthX4o4DnEk0cHTKV3Gq46kSF04m7TufvMJsU+
nyCi9w1ZCd7AxxTIuFK8BZ/Ts0sfsGksKGKN5+D1W1AldLNBEDtSFzq9zBVuOYZ9
RMCHJZXC8l0FtLIw1mrL0b0RHfASDK2IO38kO7aI9j46k4OU5CroBQRZ5R+bzzqp
6pAiRBuBcPG/TRwguhGbm+csY/mUxJ1PJCgixrQKdf0/H7x1ixz9zMgVewnyBHhe
L8nxZUQWUhoVJjU67QRseYYKAix19HdjrGcwYhhoRHXrHMPOOSGo8UCrI7Zvalt1
rNYn9bRT7PjpBGfUt5JG0ZwRYEqfudcI+hk9QPGVqr4ADdw3
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:27 2024 by rpki-client on console-ams.rpki-client.org