Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c70048ab-227b-4f94-a795-0e7749291f1b.roa
File: c70048ab-227b-4f94-a795-0e7749291f1b.roa (raw, json)
Hash identifier: LiXf5aOH0rDerxMC+q+zbHwKt/UyIJv6n45czi3m9f4=
Subject key identifier: 6B:C0:78:85:34:E7:C0:CD:BD:4B:54:09:3B:82:6B:50:FF:5B:D0:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D31C28FE6E84364C60B140A1B512F4BA7FC10F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c70048ab-227b-4f94-a795-0e7749291f1b.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:31:c2:8f:e6:e8:43:64:c6:0b:14:0a:1b:51:2f:4b:a7:fc:10:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=5c4b24a339d20d0093c46318adbdc52c0770533ae7866541514d1254a5621e30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:71:0f:09:fc:87:15:5c:f7:78:25:f1:51:29:
ba:8a:99:ef:48:49:52:81:74:ec:db:c6:78:1f:57:
2a:8c:75:e1:5f:e3:2d:2b:69:cc:8a:a5:d4:c2:74:
a2:65:32:41:2d:17:51:62:64:e0:fd:98:1d:9a:46:
9f:17:68:80:44:35:01:73:7f:cc:e4:3f:d8:45:bc:
c8:3f:e4:c2:ee:c3:98:f9:94:2f:6b:82:f5:8c:91:
62:c6:58:69:26:88:91:4e:da:b1:57:dc:ce:2f:f4:
fb:67:13:1c:0a:8c:a3:ea:d3:cf:b2:35:18:60:9b:
fc:de:18:3e:78:52:22:a5:28:3e:f2:c1:60:fb:53:
b3:a2:39:24:37:87:20:c8:f0:aa:00:73:a7:65:ed:
56:11:55:c4:31:8d:fd:37:3f:cf:0d:96:c6:ef:85:
d7:d2:e7:ce:7a:93:0e:00:11:c2:9c:e9:b4:e8:aa:
f0:53:ff:d4:6a:25:ff:9b:a5:83:45:22:4a:bb:75:
af:96:da:44:73:c1:ce:2c:09:4a:c9:5b:81:4f:40:
41:28:0e:85:00:75:e3:53:f0:1f:b4:fd:05:bf:29:
e0:4d:1a:98:a7:0c:d2:77:03:2d:48:b4:f9:c8:21:
1c:4e:1f:59:7c:25:ce:0c:f3:e2:fd:c5:67:7c:7f:
b3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C0:78:85:34:E7:C0:CD:BD:4B:54:09:3B:82:6B:50:FF:5B:D0:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c70048ab-227b-4f94-a795-0e7749291f1b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
36:fc:97:fb:a7:6c:f2:de:fd:e1:f7:f1:3e:f6:93:79:50:3b:
3b:65:9a:c4:f2:fe:ed:a9:20:8d:81:89:97:27:aa:4b:60:f2:
61:b9:08:6b:6b:60:26:ba:87:70:17:68:54:b7:8b:3f:28:ab:
95:e7:4d:a2:47:49:dd:2d:eb:32:30:51:54:52:94:eb:d2:b2:
87:10:71:46:a1:c2:94:38:63:ca:a1:67:d5:f3:94:31:3b:6b:
d5:cb:c7:c8:05:bb:df:a9:b3:f7:ba:a8:a4:de:7e:e7:db:2b:
4a:b1:c4:66:02:f7:90:bf:ec:ed:d5:14:17:c1:4d:ba:52:2c:
1d:b2:b1:f5:ac:bc:90:b5:88:d7:8f:ad:fb:2d:97:6d:39:e9:
bd:2c:07:c2:54:86:6f:ce:87:fd:e7:b7:f6:92:94:e7:4d:aa:
7a:9f:f9:e0:58:ba:53:86:e8:2b:09:c4:8c:38:23:bc:a0:0f:
a3:68:bd:e6:f4:57:c9:3f:fc:0b:a5:81:3d:87:bf:13:78:b3:
9f:04:9d:fb:39:f3:60:c5:99:ca:ee:47:81:09:e4:4d:48:c0:
4a:36:42:6d:af:5f:2c:36:55:77:3f:28:82:8b:be:14:e1:08:
99:03:01:5f:a8:3a:ca:87:a4:64:e8:f0:7b:3f:d3:41:97:48:
51:c1:84:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDTHCj+boQ2TGCxQKG1EvS6f8EPIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNGIyNGEzMzlkMjBkMDA5M2M0NjMxOGFkYmRjNTJjMDc3MDUzM2FlNzg2
NjU0MTUxNGQxMjU0YTU2MjFlMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlxDwn8hxVc93gl8VEpuoqZ70hJUoF07NvGeB9XKox14V/jLStpzIql1MJ0
omUyQS0XUWJk4P2YHZpGnxdogEQ1AXN/zOQ/2EW8yD/kwu7DmPmUL2uC9YyRYsZY
aSaIkU7asVfczi/0+2cTHAqMo+rTz7I1GGCb/N4YPnhSIqUoPvLBYPtTs6I5JDeH
IMjwqgBzp2XtVhFVxDGN/Tc/zw2Wxu+F19LnznqTDgARwpzptOiq8FP/1Gol/5ul
g0UiSrt1r5baRHPBziwJSslbgU9AQSgOhQB141PwH7T9Bb8p4E0amKcM0ncDLUi0
+cghHE4fWXwlzgzz4v3FZ3x/s78CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrwHiF
NOfAzb1LVAk7gmtQ/1vQ2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzcwMDQ4YWItMjI3Yi00Zjk0LWE3OTUtMGU3NzQ5MjkxZjFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuA
MA0GCSqGSIb3DQEBCwUAA4IBAQA2/Jf7p2zy3v3h9/E+9pN5UDs7ZZrE8v7tqSCN
gYmXJ6pLYPJhuQhra2AmuodwF2hUt4s/KKuV502iR0ndLesyMFFUUpTr0rKHEHFG
ocKUOGPKoWfV85QxO2vVy8fIBbvfqbP3uqik3n7n2ytKscRmAveQv+zt1RQXwU26
UiwdsrH1rLyQtYjXj637LZdtOem9LAfCVIZvzof957f2kpTnTap6n/ngWLpThugr
CcSMOCO8oA+jaL3m9FfJP/wLpYE9h78TeLOfBJ37OfNgxZnK7keBCeRNSMBKNkJt
r18sNlV3PyiCi74U4QiZAwFfqDrKh6Rk6PB7P9NBl0hRwYS8
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:09:34 2024 by rpki-client on console-ams.rpki-client.org