Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa
File: c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa (raw, json)
Hash identifier: jpjm2sKMlXLrc8Bd3tkZgoVBf12kxjIxHM6lb6rU1uo=
Subject key identifier: 37:A1:C0:8D:BE:10:CD:2F:67:6C:98:BB:20:55:86:AA:41:23:1D:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D8FF43A645FD91192A227A50180D482102870B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:8f:f4:3a:64:5f:d9:11:92:a2:27:a5:01:80:d4:82:10:28:70:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=d399a40c7c04a2be4f5e572ced46d1d65ec90814cad34db0e83317a132469a25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:03:8c:2f:89:d0:10:71:c0:91:e1:42:85:65:
19:ab:5c:fe:f6:0c:0d:9c:e0:83:8a:11:34:24:18:
4f:34:58:94:77:4f:02:39:bd:95:7f:19:b5:4c:5e:
16:3f:03:48:09:03:18:d1:70:00:a5:93:c2:77:ff:
8d:3a:b1:ae:54:5c:46:e7:78:4d:3a:ef:2f:48:59:
3f:9c:10:3a:69:5f:61:d5:63:68:16:31:15:6f:b8:
87:5c:13:1d:3b:2a:fc:e5:43:20:1a:7b:71:47:a1:
cc:b6:76:1c:7b:4a:35:bb:99:74:b5:40:45:0b:5d:
97:41:77:2e:46:87:aa:c7:83:86:d0:10:6e:b1:98:
c5:33:5c:60:e7:e6:8b:39:ac:ec:94:ae:01:e4:20:
2a:d9:a2:67:fb:6e:a5:b4:eb:65:c7:2d:dd:23:bc:
08:99:c1:35:aa:5f:c5:10:ff:ce:3b:d0:2f:40:9f:
8d:15:38:cd:8a:df:b3:3d:b3:00:83:f4:34:73:7e:
b4:8b:32:d8:65:fc:3f:17:24:d8:10:dc:05:62:e5:
c6:45:21:54:a4:dd:25:a7:47:fc:bf:65:7d:55:cc:
c5:ed:71:89:7b:38:51:27:e5:b6:2b:cb:d3:b4:71:
83:15:04:ea:5f:18:f1:a5:bd:41:b8:67:3f:48:4b:
29:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A1:C0:8D:BE:10:CD:2F:67:6C:98:BB:20:55:86:AA:41:23:1D:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:8000::/40
Signature Algorithm: sha256WithRSAEncryption
4d:3e:48:c2:87:d9:ff:b4:63:d7:af:d2:6e:f2:64:c3:87:fc:
6b:88:7e:17:1a:73:cc:07:f2:c0:02:76:78:b4:1f:7b:36:48:
87:1e:91:2d:89:cd:90:d3:ec:a1:37:8d:e5:e2:b4:8d:96:9a:
a2:c0:be:5c:67:eb:e2:1a:ce:41:4e:86:83:c8:bf:8e:8e:9f:
4c:da:88:af:34:5d:b4:30:33:e5:d0:47:5f:54:42:8d:1a:eb:
35:c0:23:2a:46:bd:c0:9d:d1:7a:49:ba:87:a8:d7:44:1c:89:
66:98:6c:95:92:eb:30:21:28:c2:a7:f7:6e:6d:b4:67:b3:f9:
fc:dc:7e:f9:3b:1a:62:9c:6b:ee:a9:f2:a8:73:6d:70:63:aa:
d4:0a:61:d6:a1:d8:50:ac:7f:6c:3e:d9:9a:21:37:b3:e5:d6:
65:8e:0d:8b:4d:d8:24:48:a8:e9:c3:51:ff:06:76:f4:fc:bb:
fc:b6:3f:ca:5a:aa:63:24:0b:f5:54:14:7c:9e:ea:f7:9e:ed:
c5:fc:32:72:2a:ef:30:d5:bc:7b:21:47:71:76:c1:c7:91:5b:
c1:0e:a4:ba:8c:80:27:97:6c:54:28:63:87:b6:77:73:f1:8a:
40:98:d4:61:76:26:f5:a9:dd:69:93:16:2d:3b:65:d7:3f:5b:
84:2b:04:d6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULY/0OmRf2RGSoielAYDUghAocLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzOTlhNDBjN2MwNGEyYmU0ZjVlNTcyY2VkNDZkMWQ2NWVjOTA4MTRjYWQz
NGRiMGU4MzMxN2ExMzI0NjlhMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcDjC+J0BBxwJHhQoVlGatc/vYMDZzgg4oRNCQYTzRYlHdPAjm9lX8ZtUxe
Fj8DSAkDGNFwAKWTwnf/jTqxrlRcRud4TTrvL0hZP5wQOmlfYdVjaBYxFW+4h1wT
HTsq/OVDIBp7cUehzLZ2HHtKNbuZdLVARQtdl0F3LkaHqseDhtAQbrGYxTNcYOfm
izms7JSuAeQgKtmiZ/tupbTrZcct3SO8CJnBNapfxRD/zjvQL0CfjRU4zYrfsz2z
AIP0NHN+tIsy2GX8Pxck2BDcBWLlxkUhVKTdJadH/L9lfVXMxe1xiXs4USfltivL
07RxgxUE6l8Y8aW9QbhnP0hLKVcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3ocCN
vhDNL2dsmLsgVYaqQSMdbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ0ZDM2NDAtNWIxMC00ZTI3LWE5YTgtZTNhNjg5YjkyNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HyA
MA0GCSqGSIb3DQEBCwUAA4IBAQBNPkjCh9n/tGPXr9Ju8mTDh/xriH4XGnPMB/LA
AnZ4tB97NkiHHpEtic2Q0+yhN43l4rSNlpqiwL5cZ+viGs5BToaDyL+Ojp9M2oiv
NF20MDPl0EdfVEKNGus1wCMqRr3AndF6SbqHqNdEHIlmmGyVkuswISjCp/dubbRn
s/n83H75OxpinGvuqfKoc21wY6rUCmHWodhQrH9sPtmaITez5dZljg2LTdgkSKjp
w1H/Bnb0/Lv8tj/KWqpjJAv1VBR8nur3nu3F/DJyKu8w1bx7IUdxdsHHkVvBDqS6
jIAnl2xUKGOHtndz8YpAmNRhdib1qd1pkxYtO2XXP1uEKwTW
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org