Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
File: bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa (raw, json)
Hash identifier: iI9PQQ435+Vnr18solAlMh3sz/GY5i7P/A0L6FnMAco=
Subject key identifier: 6A:C1:BF:68:54:31:58:38:2B:DC:03:9C:E3:F5:EE:B4:CF:07:60:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61D3B2783553887FFCA22D843B1D31F198B6578F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:d3:b2:78:35:53:88:7f:fc:a2:2d:84:3b:1d:31:f1:98:b6:57:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=5f7467ed120ef907c195ef3d967534a0de2d7c1ba7aaecbf22ea785ddf9509d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d6:9c:b4:aa:b7:d0:53:48:02:b4:fa:64:0b:
1e:1d:17:06:8b:8b:f3:9c:88:13:cb:d9:6b:eb:df:
59:30:e1:58:cb:f6:b4:d0:62:55:0e:6a:af:26:ab:
11:0e:c2:74:f6:74:c3:d8:ab:71:c0:6e:ee:a4:00:
fe:62:95:6f:3f:cd:21:8b:95:40:70:17:66:fa:18:
5b:5d:5d:69:c2:f6:f9:63:06:1e:f5:d0:d9:e9:42:
31:97:8e:01:17:71:df:37:b6:af:5e:2f:9f:03:58:
d8:7b:d7:f7:ad:ad:67:35:a5:a1:e8:e3:f1:d7:4c:
fe:82:2b:87:d3:5e:f1:60:9f:fa:66:a7:29:2e:a7:
2c:d7:bb:ab:92:27:c4:07:30:9d:66:aa:f1:78:9e:
6e:10:9f:db:3f:fa:d2:55:c5:07:12:25:f5:6b:2c:
ac:49:5d:62:31:7a:5d:ff:04:96:cc:d5:57:7a:0a:
bc:fa:f3:98:98:fc:76:c4:e4:11:37:b4:a2:13:ad:
1e:b8:b6:fd:95:0e:a6:be:18:a8:8b:86:70:d8:ff:
fc:c1:19:8c:f1:aa:d7:6b:d2:9a:2a:db:97:2b:0e:
c5:33:48:13:bd:c2:8a:51:8e:fc:fe:fc:bd:4b:a3:
f5:86:f4:54:fc:b3:87:35:42:69:eb:a2:70:8c:00:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C1:BF:68:54:31:58:38:2B:DC:03:9C:E3:F5:EE:B4:CF:07:60:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:a9:b8:b0:37:02:a9:09:39:26:90:7b:0a:05:74:fd:0e:21:
c7:a5:fd:01:92:03:e1:83:6c:51:f2:2f:e4:cb:bd:d9:ae:9b:
5e:bf:84:42:02:04:0e:ef:98:31:1f:7c:cc:19:79:59:7b:9a:
07:23:09:b3:8d:d2:fe:1d:5b:1b:60:c4:d9:14:ad:8b:00:74:
28:ba:8a:b3:52:a7:bd:17:11:d9:d2:57:2b:e4:6f:d7:41:54:
d5:e6:55:88:74:86:c3:19:0f:e9:e0:19:32:d9:8c:e3:18:98:
30:ed:00:e3:26:af:aa:33:48:d7:91:13:d3:f7:df:fc:3f:d7:
dd:8b:f1:5d:59:ab:67:fe:ff:b6:cd:13:1c:83:14:84:08:79:
8c:22:ba:69:eb:6c:8e:0b:4e:87:98:4c:8f:51:45:8b:f2:7b:
81:51:34:17:a7:c6:1b:59:45:6c:9a:16:14:e5:7a:06:3f:fb:
62:25:f6:60:f4:e0:bd:c4:6e:35:1b:17:88:c5:47:1b:65:7a:
58:5d:a3:ab:bd:5a:0d:e9:f2:e0:bd:a9:3e:0f:ec:85:0d:1f:
3d:8e:fd:bd:07:69:42:62:0e:19:b5:e9:a7:48:01:ce:2a:aa:
a0:c3:fb:69:19:2f:4d:1f:d1:43:a3:53:0e:3a:dc:08:c3:e1:
54:53:49:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYdOyeDVTiH/8oi2EOx0x8Zi2V48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmNzQ2N2VkMTIwZWY5MDdjMTk1ZWYzZDk2NzUzNGEwZGUyZDdjMWJhN2Fh
ZWNiZjIyZWE3ODVkZGY5NTA5ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbWnLSqt9BTSAK0+mQLHh0XBouL85yIE8vZa+vfWTDhWMv2tNBiVQ5qryar
EQ7CdPZ0w9irccBu7qQA/mKVbz/NIYuVQHAXZvoYW11dacL2+WMGHvXQ2elCMZeO
ARdx3ze2r14vnwNY2HvX962tZzWloejj8ddM/oIrh9Ne8WCf+manKS6nLNe7q5In
xAcwnWaq8XiebhCf2z/60lXFBxIl9WssrEldYjF6Xf8ElszVV3oKvPrzmJj8dsTk
ETe0ohOtHri2/ZUOpr4YqIuGcNj//MEZjPGq12vSmirblysOxTNIE73CilGO/P78
vUuj9Yb0VPyzhzVCaeuicIwAwxECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqwb9o
VDFYOCvcA5zj9e60zwdgvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmIyMTcxMGEtYTM3YS00NDc2LWFiNmItM2QwNzllOWQxY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5A
MA0GCSqGSIb3DQEBCwUAA4IBAQDBqbiwNwKpCTkmkHsKBXT9DiHHpf0BkgPhg2xR
8i/ky73Zrptev4RCAgQO75gxH3zMGXlZe5oHIwmzjdL+HVsbYMTZFK2LAHQouoqz
Uqe9FxHZ0lcr5G/XQVTV5lWIdIbDGQ/p4Bky2YzjGJgw7QDjJq+qM0jXkRPT99/8
P9fdi/FdWatn/v+2zRMcgxSECHmMIrpp62yOC06HmEyPUUWL8nuBUTQXp8YbWUVs
mhYU5XoGP/tiJfZg9OC9xG41GxeIxUcbZXpYXaOrvVoN6fLgvak+D+yFDR89jv29
B2lCYg4ZtemnSAHOKqqgw/tpGS9NH9FDo1MOOtwIw+FUU0k4
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org