Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
File: bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa (raw, json)
Hash identifier: icMTRk04INLaCsT5glyww976W4Cv8J2xODqdiPhONHU=
Subject key identifier: 11:DD:24:10:A7:4B:20:13:64:89:7A:DB:40:25:9C:3C:69:76:64:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FBC7863217BA960567536D54E287D0EF6706773
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:bc:78:63:21:7b:a9:60:56:75:36:d5:4e:28:7d:0e:f6:70:67:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=af66c0f0672de280da8b3d0c71e0658c0d4b368ed45d0dcdc6eac2ab85d8886e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:20:70:a4:02:af:5e:5a:b6:48:af:a1:b1:b6:
bd:32:6b:37:72:8a:62:5d:c9:dc:a9:36:31:d1:ec:
bd:56:a0:fe:da:77:78:61:26:1e:5a:ba:0e:77:c7:
cd:72:88:57:1a:5d:c1:b1:88:38:fb:e6:d0:eb:46:
59:eb:7f:4c:91:7f:25:d0:2e:05:3c:b7:e9:5e:91:
da:ec:cb:29:f3:a5:9b:d6:b4:c6:68:b9:f2:53:1c:
75:7c:09:38:21:70:13:0a:df:c0:75:0f:5e:71:35:
4a:25:9a:85:4e:bd:13:80:77:42:9f:2f:c8:88:e5:
26:65:35:d8:d4:35:a3:39:cd:79:d4:2e:0a:73:b8:
b6:07:a0:42:1f:5e:c7:4c:bb:b7:7d:3c:69:60:0b:
a7:99:9b:45:e3:37:c4:5d:5d:51:b8:a6:03:73:11:
a9:6d:9f:e7:7f:da:97:63:f1:96:67:e3:56:89:3f:
51:09:60:af:6a:76:63:66:1e:77:40:56:4d:1f:49:
6c:c3:de:de:8b:e7:a5:1a:9a:03:04:d9:0a:8c:5e:
ea:c4:7f:69:d5:5f:4c:6b:7c:fe:97:a7:82:95:3c:
8a:21:94:eb:6a:eb:55:b3:ad:21:e2:7d:fb:1b:5a:
50:e9:86:65:3f:11:ef:67:db:35:8d:c9:da:8e:a4:
b9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:DD:24:10:A7:4B:20:13:64:89:7A:DB:40:25:9C:3C:69:76:64:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:5000::/40
Signature Algorithm: sha256WithRSAEncryption
39:a2:9d:0d:4c:78:b5:7f:f8:ae:92:6a:7a:ad:ad:de:ab:fa:
1a:c7:49:dc:cb:09:15:71:bf:f2:59:91:62:27:43:6b:80:e8:
ea:0a:3e:f4:40:9c:3b:55:9b:49:99:80:18:95:fe:c1:f8:bd:
1c:e5:ae:13:37:02:e5:24:77:43:0d:d3:96:f7:b0:fd:69:14:
14:cb:39:8a:89:46:6d:bb:f8:bc:60:34:49:c9:94:b7:97:a8:
32:a1:38:8e:a7:da:64:a2:83:d5:4a:72:7c:df:a2:01:6f:6e:
79:ed:01:c7:bb:37:a5:8a:1c:16:39:a1:ba:48:d1:c0:08:09:
7a:b8:d6:ad:6f:1c:bb:d8:47:60:14:ad:c3:64:36:bf:e5:e3:
77:a8:c8:c2:77:19:a4:33:4b:22:96:84:b8:3e:a1:4d:ef:27:
a2:31:a8:c0:16:96:e2:f8:c5:17:25:bb:eb:6b:de:02:c6:f0:
fb:4a:63:88:5a:e6:e1:46:be:d1:5b:74:66:a5:cf:10:8b:f9:
9a:ef:d9:78:f2:08:a5:15:36:f6:0c:b5:f7:27:13:31:5b:7b:
dc:bb:ea:c4:1c:61:02:f3:4e:ea:f1:5d:06:6f:80:98:63:83:
80:d4:c4:1d:8f:f2:57:0b:57:d3:0c:a6:0d:2c:ee:ae:26:9b:
17:24:e3:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf7x4YyF7qWBWdTbVTih9DvZwZ3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNjZjMGYwNjcyZGUyODBkYThiM2QwYzcxZTA2NThjMGQ0YjM2OGVkNDVk
MGRjZGM2ZWFjMmFiODVkODg4NmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQgcKQCr15atkivobG2vTJrN3KKYl3J3Kk2MdHsvVag/tp3eGEmHlq6DnfH
zXKIVxpdwbGIOPvm0OtGWet/TJF/JdAuBTy36V6R2uzLKfOlm9a0xmi58lMcdXwJ
OCFwEwrfwHUPXnE1SiWahU69E4B3Qp8vyIjlJmU12NQ1oznNedQuCnO4tgegQh9e
x0y7t308aWALp5mbReM3xF1dUbimA3MRqW2f53/al2PxlmfjVok/UQlgr2p2Y2Ye
d0BWTR9JbMPe3ovnpRqaAwTZCoxe6sR/adVfTGt8/pengpU8iiGU62rrVbOtIeJ9
+xtaUOmGZT8R72fbNY3J2o6kubECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQR3SQQ
p0sgE2SJettAJZw8aXZkzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM2OWY4ZjYtMDNjOC00NDY4LWE5OGEtZjIzZmU0MGVlYWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA5op0NTHi1f/iukmp6ra3eq/oax0ncywkVcb/y
WZFiJ0NrgOjqCj70QJw7VZtJmYAYlf7B+L0c5a4TNwLlJHdDDdOW97D9aRQUyzmK
iUZtu/i8YDRJyZS3l6gyoTiOp9pkooPVSnJ836IBb2557QHHuzelihwWOaG6SNHA
CAl6uNatbxy72EdgFK3DZDa/5eN3qMjCdxmkM0siloS4PqFN7yeiMajAFpbi+MUX
Jbvra94CxvD7SmOIWubhRr7RW3Rmpc8Qi/ma79l48gilFTb2DLX3JxMxW3vcu+rE
HGEC807q8V0Gb4CYY4OA1MQdj/JXC1fTDKYNLO6uJpsXJOMe
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org