Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
File: aa679cd8-5924-43d7-8928-c65bc2ec3659.roa (raw, json)
Hash identifier: mXOYcZzOaXYSwcP7rp5I8oGgeK0Wdby64PDKquPB5Wk=
Subject key identifier: 64:C7:A2:0F:15:11:AD:C6:81:34:4D:E7:A3:DF:93:EF:96:E1:6C:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1275E470296B5B4C1E069A4A6ECFB84A33A72E1D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:75:e4:70:29:6b:5b:4c:1e:06:9a:4a:6e:cf:b8:4a:33:a7:2e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=1a25a953d417004a8ce4ba3129955fee4a4c23b3cf51e4204b42f84417a7aa62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:53:5a:f6:80:4b:b1:99:19:05:e0:b8:46:92:
fe:06:01:17:26:d3:e4:a0:d3:2c:ad:b2:27:6f:60:
14:f8:93:32:d0:4c:b9:c6:06:f2:31:d4:95:15:25:
35:34:e6:82:0c:75:91:07:ad:08:0e:4d:fd:78:40:
d8:9c:b5:79:45:18:6f:9e:6c:db:27:f0:7e:c2:88:
03:48:16:ff:29:3f:0c:35:d8:5c:03:ee:67:2d:cf:
c7:2d:87:03:9a:f8:87:25:f7:c3:e2:aa:2e:10:94:
1d:2f:b5:67:32:1f:b0:0d:17:98:da:bc:6b:d1:be:
81:0f:f5:f8:09:dd:00:97:29:f2:cc:e3:98:bc:81:
e6:e2:c2:b1:e7:de:0f:ae:96:66:8c:dd:f2:5b:bf:
0c:9a:65:cf:3c:85:3c:1b:0d:53:d1:9c:4b:17:d5:
0f:d4:24:ed:f6:0d:08:f7:75:b6:67:a0:b4:0a:2c:
12:0c:e1:78:35:eb:21:67:75:a8:c8:23:db:ad:1b:
34:33:cc:94:29:1d:11:a9:5f:6f:b6:93:1c:8b:8d:
0d:29:97:f2:e3:a2:01:e5:70:32:ed:c9:6c:98:f5:
55:68:d6:7a:06:75:45:a9:ff:c6:b0:70:c0:6e:a0:
6a:4c:45:68:90:f2:25:2f:92:62:fe:54:27:14:2c:
95:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C7:A2:0F:15:11:AD:C6:81:34:4D:E7:A3:DF:93:EF:96:E1:6C:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:c000::/40
Signature Algorithm: sha256WithRSAEncryption
10:05:6e:8b:61:55:57:87:51:87:1e:33:64:17:15:c3:db:f4:
5e:0c:2e:9c:84:b6:51:57:d1:64:e2:6d:e3:9d:4f:ad:b4:e1:
8b:c4:37:98:22:3d:6b:13:a5:07:84:b0:72:6d:8a:9a:ce:6b:
d6:97:4a:15:52:35:ed:d5:6b:3d:f1:7e:3d:ec:0a:05:68:00:
55:3a:1c:40:2c:49:21:ed:7d:ce:a7:91:f4:46:16:e3:7c:e2:
72:83:a7:4f:60:0c:e0:04:c5:51:52:82:74:da:d1:04:4d:ec:
d7:ac:4d:40:ef:8f:2a:9b:8e:74:1c:6e:36:52:d9:ec:5c:1d:
00:9f:cf:d9:61:05:6d:9a:9b:3a:8c:de:ec:31:c6:34:3c:dd:
31:d5:ae:31:86:9b:68:84:61:89:7a:5e:99:8a:bb:15:bc:bf:
c6:8f:2e:be:21:f5:91:1e:ed:92:eb:6c:a0:9c:74:0b:92:46:
f3:64:39:d6:85:6e:72:c8:43:6e:5b:3f:f7:97:35:0b:91:42:
9e:77:de:1d:c3:a4:7d:d6:9a:0e:59:90:c3:5c:a6:b7:95:15:
43:61:69:38:aa:84:09:55:7d:82:87:b6:0a:a2:25:86:c4:c5:
ea:65:03:ab:55:1b:a6:4e:ad:35:95:e4:4f:ff:7d:3f:98:0d:
8a:8a:a4:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEnXkcClrW0weBppKbs+4SjOnLh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhMjVhOTUzZDQxNzAwNGE4Y2U0YmEzMTI5OTU1ZmVlNGE0YzIzYjNjZjUx
ZTQyMDRiNDJmODQ0MTdhN2FhNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIpTWvaAS7GZGQXguEaS/gYBFybT5KDTLK2yJ29gFPiTMtBMucYG8jHUlRUl
NTTmggx1kQetCA5N/XhA2Jy1eUUYb55s2yfwfsKIA0gW/yk/DDXYXAPuZy3Pxy2H
A5r4hyX3w+KqLhCUHS+1ZzIfsA0XmNq8a9G+gQ/1+AndAJcp8szjmLyB5uLCsefe
D66WZozd8lu/DJplzzyFPBsNU9GcSxfVD9Qk7fYNCPd1tmegtAosEgzheDXrIWd1
qMgj260bNDPMlCkdEalfb7aTHIuNDSmX8uOiAeVwMu3JbJj1VWjWegZ1Ran/xrBw
wG6gakxFaJDyJS+SYv5UJxQslUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRkx6IP
FRGtxoE0Teej35PvluFsWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE2NzljZDgtNTkyNC00M2Q3LTg5MjgtYzY1YmMyZWMzNjU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HjA
MA0GCSqGSIb3DQEBCwUAA4IBAQAQBW6LYVVXh1GHHjNkFxXD2/ReDC6chLZRV9Fk
4m3jnU+ttOGLxDeYIj1rE6UHhLBybYqazmvWl0oVUjXt1Ws98X497AoFaABVOhxA
LEkh7X3Op5H0RhbjfOJyg6dPYAzgBMVRUoJ02tEETezXrE1A748qm450HG42Utns
XB0An8/ZYQVtmps6jN7sMcY0PN0x1a4xhptohGGJel6ZirsVvL/Gjy6+IfWRHu2S
62ygnHQLkkbzZDnWhW5yyENuWz/3lzULkUKed94dw6R91poOWZDDXKa3lRVDYWk4
qoQJVX2Ch7YKoiWGxMXqZQOrVRumTq01leRP/30/mA2KiqTq
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org