Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
File: c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa (raw, json)
Hash identifier: lbEdqlwrxmd9Zc03SN1PCDBYGEWfiBX0KnG/c2RxuOA=
Subject key identifier: 4C:86:42:F6:63:EA:A8:3B:B6:8B:02:91:4A:0E:D1:91:B1:52:88:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A0B6ABBDC19EB60EDE6327D159BD6C6DE263B7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
Signing time: Fri 08 Mar 2024 00:00:00 +0000
ROA not before: Fri 08 Mar 2024 00:00:00 +0000
ROA not after: Fri 12 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:0b:6a:bb:dc:19:eb:60:ed:e6:32:7d:15:9b:d6:c6:de:26:3b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 8 00:00:00 2024 GMT
Not After : Apr 12 23:59:59 2024 GMT
Subject: serialNumber=1b5045d91cb8ef30a1d0948d5270c392f08307a4b144bab988e4768b80da412a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c2:9e:9a:18:be:77:a0:e5:54:18:e9:ed:ed:
e5:72:ca:77:63:07:3e:4c:c6:6d:ca:6f:46:0a:78:
ce:6b:e2:95:dd:ac:03:68:0b:6f:e1:3f:dd:e2:77:
fc:3f:2f:46:cc:31:45:0f:66:82:9e:af:2f:c0:a9:
87:0a:99:cf:6c:81:5e:8b:14:27:4d:3f:b8:25:94:
95:18:5c:08:72:73:f0:a4:a8:6f:6b:56:0b:1e:ee:
15:bb:fa:6e:7d:19:f9:a2:ec:86:d3:f7:27:d0:63:
35:03:36:6e:70:07:e1:28:f1:a6:6f:15:d8:0b:18:
6f:47:c9:45:0a:87:9f:ba:5d:e7:cb:1f:9e:db:ad:
84:b7:40:07:e3:0d:24:aa:b6:d4:81:59:47:db:14:
ee:47:76:25:b5:6d:c8:9f:76:cd:68:d4:f4:3c:16:
22:c3:dd:fe:c1:45:87:7a:ab:36:bf:4b:26:00:99:
89:43:17:b9:ae:04:d3:50:27:9e:a9:71:ff:6d:87:
82:14:66:23:96:71:58:b0:fe:37:3c:eb:b6:26:e7:
4e:75:99:64:91:4f:66:88:e1:6b:60:53:5a:b3:d0:
fc:7e:28:06:22:27:63:ce:7e:4c:a5:3f:64:91:23:
d8:b3:67:35:02:c1:be:10:78:f4:a4:4c:6b:16:5a:
17:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:86:42:F6:63:EA:A8:3B:B6:8B:02:91:4A:0E:D1:91:B1:52:88:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c3:07:3d:b0:8c:8f:b5:fb:22:0b:c7:64:98:21:98:d6:cf:b1:
a8:43:4f:44:31:ad:93:a3:08:4c:cd:4c:2e:9b:44:04:f5:57:
4b:02:d5:e8:c3:14:1c:bb:c0:0f:f7:19:40:33:70:e2:f4:40:
fb:b1:7c:55:8b:cc:44:90:0c:ba:09:a2:3a:60:33:91:80:8c:
cc:91:43:57:83:47:18:7e:b7:2a:f3:b3:e8:1e:a2:2d:30:79:
54:9c:5d:49:99:fd:7b:ad:9a:92:60:51:d7:db:8f:13:21:00:
fe:28:fa:39:d0:03:c9:63:a1:4a:31:00:6d:89:b0:51:13:d2:
5a:ae:af:50:4a:08:c9:57:c1:c9:97:16:29:38:d8:e6:e8:fe:
ad:a5:83:a9:a2:cd:16:89:8a:3f:ad:1e:e8:10:2c:de:bf:0e:
32:8e:28:1f:fa:39:8c:5c:3b:57:5d:6f:f0:64:d6:da:fd:3d:
84:dc:80:43:d2:50:5d:65:f0:0e:a4:30:c1:69:02:96:3a:a0:
dd:25:c0:bf:13:4b:02:a3:f9:1f:9f:68:97:eb:62:a9:66:7a:
ce:00:e5:a2:80:e2:bb:4f:b3:83:72:1f:b5:fd:83:b9:8f:ed:
50:3b:bc:b7:e2:27:7e:29:99:ba:b2:71:9b:ac:f3:41:c3:aa:
2e:ba:a5:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKgtqu9wZ62Dt5jJ9FZvWxt4mO3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDAzMDgwMDAwMDBaFw0yNDA0MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNTA0NWQ5MWNiOGVmMzBhMWQwOTQ4ZDUyNzBjMzkyZjA4MzA3YTRiMTQ0
YmFiOTg4ZTQ3NjhiODBkYTQxMmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7CnpoYvneg5VQY6e3t5XLKd2MHPkzGbcpvRgp4zmvild2sA2gLb+E/3eJ3
/D8vRswxRQ9mgp6vL8CphwqZz2yBXosUJ00/uCWUlRhcCHJz8KSob2tWCx7uFbv6
bn0Z+aLshtP3J9BjNQM2bnAH4Sjxpm8V2AsYb0fJRQqHn7pd58sfntuthLdAB+MN
JKq21IFZR9sU7kd2JbVtyJ92zWjU9DwWIsPd/sFFh3qrNr9LJgCZiUMXua4E01An
nqlx/22HghRmI5ZxWLD+NzzrtibnTnWZZJFPZojha2BTWrPQ/H4oBiInY85+TKU/
ZJEj2LNnNQLBvhB49KRMaxZaF6sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMhkL2
Y+qoO7aLApFKDtGRsVKIcDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM5ZGQ3MWMtZjIyYy00YmI0LTljNmYtZGZjOGM2YTAyZmZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6g
MA0GCSqGSIb3DQEBCwUAA4IBAQDDBz2wjI+1+yILx2SYIZjWz7GoQ09EMa2TowhM
zUwum0QE9VdLAtXowxQcu8AP9xlAM3Di9ED7sXxVi8xEkAy6CaI6YDORgIzMkUNX
g0cYfrcq87PoHqItMHlUnF1Jmf17rZqSYFHX248TIQD+KPo50APJY6FKMQBtibBR
E9Jarq9QSgjJV8HJlxYpONjm6P6tpYOpos0WiYo/rR7oECzevw4yjigf+jmMXDtX
XW/wZNba/T2E3IBD0lBdZfAOpDDBaQKWOqDdJcC/E0sCo/kfn2iX62KpZnrOAOWi
gOK7T7ODch+1/YO5j+1QO7y34id+KZm6snGbrPNBw6ouuqVv
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:06:43 2024 by rpki-client on console-ams.rpki-client.org