Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d33501f4-37b1-436c-b8e9-4674e1466304.roa
File: d33501f4-37b1-436c-b8e9-4674e1466304.roa (raw, json)
Hash identifier: 8ul8bGS5C2vQyLtyc+BQUdjQVd6lfpRnQ16uFYbJi6M=
Subject key identifier: 99:3C:CF:FA:80:0A:4F:13:2B:4A:AC:3F:71:39:3B:84:52:2B:6F:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FDB1CE0605CC4780EC4DA1EE03FFA30296C8F61
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d33501f4-37b1-436c-b8e9-4674e1466304.roa
Signing time: Sat 18 Mar 2023 00:00:00 +0000
ROA not before: Sat 18 Mar 2023 00:00:00 +0000
ROA not after: Sat 22 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Mar 2023 16:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:db:1c:e0:60:5c:c4:78:0e:c4:da:1e:e0:3f:fa:30:29:6c:8f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 18 00:00:00 2023 GMT
Not After : Apr 22 23:59:59 2023 GMT
Subject: serialNumber=1dbeef0aab7ffb1c19c254646b7f9dd62ff26864aaf2ff8d6cd5a75f941ef532, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7f:93:24:02:99:98:2c:8b:ab:ef:56:8b:17:
f0:55:b4:7f:97:b5:a7:19:5a:1d:6a:b0:93:ae:fe:
82:0a:22:ab:ae:2f:06:86:75:93:4a:cc:1a:22:f9:
83:1d:a9:98:56:61:d6:33:af:ba:18:f4:5e:c3:67:
86:72:4f:4d:70:41:eb:37:28:c9:ae:39:fa:58:41:
94:18:a2:15:87:24:c5:b2:4b:ca:46:b0:4a:23:94:
71:20:0e:4e:8a:bd:6a:13:62:0a:20:14:6d:e6:25:
9c:c6:11:03:fe:08:29:2e:39:1b:6b:9d:de:be:26:
14:bf:96:17:3a:7e:2e:12:f5:95:8e:bf:52:2e:ca:
b7:83:f9:5a:27:f1:a1:0a:93:2d:79:7f:f1:8e:b5:
57:9c:c9:d1:92:0d:8b:c3:c3:2a:6d:96:f8:61:98:
81:37:cd:33:b5:21:5e:59:ca:04:24:72:97:4b:30:
ee:4c:f4:b3:50:13:ea:95:e6:56:9d:74:e1:44:af:
2c:50:9d:f6:c6:e3:d7:d1:90:01:9e:32:f8:bd:d2:
1f:18:c9:14:f2:8b:5c:31:8f:83:1a:eb:5c:7a:b8:
d7:50:1c:33:2a:61:3e:1e:a7:3d:e9:00:32:65:19:
06:a2:cd:d5:be:2a:40:3e:94:7a:c4:ad:e8:c6:d8:
1b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3C:CF:FA:80:0A:4F:13:2B:4A:AC:3F:71:39:3B:84:52:2B:6F:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d33501f4-37b1-436c-b8e9-4674e1466304.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
af:97:46:8f:f0:09:1d:de:eb:73:23:8f:d4:70:87:0a:98:29:
e3:89:cd:46:7c:62:50:e4:79:ce:42:67:ef:34:7f:0f:8c:3b:
42:2e:e8:d7:d3:1c:45:1a:a9:95:68:3e:a0:d1:a7:3d:79:e1:
c3:4f:48:9b:54:8d:3d:1d:42:2e:0e:6e:01:5f:3a:e9:9f:1c:
ee:62:4f:b0:82:e8:69:ed:bd:92:53:07:8a:1d:44:20:ab:47:
08:83:04:06:af:8a:45:19:d4:49:d4:d7:0c:81:c2:0d:fe:9a:
b9:71:3c:06:c8:10:cd:1d:79:e0:55:f5:38:9f:74:4a:00:19:
1c:ad:15:56:d1:65:0a:44:81:ae:84:b1:7b:83:ed:5b:8e:d2:
0c:20:18:7c:a4:0a:8a:53:86:f8:5b:5d:3e:a3:55:5f:e0:2d:
74:93:c9:4b:b9:50:7b:ce:1f:a5:8d:e0:0f:8d:a6:69:d1:4b:
5c:55:c4:2c:36:52:55:13:98:1a:21:ed:a9:c1:04:0b:3f:f6:
e6:57:a7:b6:cb:b2:4e:11:d0:d3:15:26:e5:f7:c2:58:2d:ab:
d0:3e:95:b5:74:6e:db:66:d9:dc:86:07:9e:bf:b7:e4:7e:b5:
29:8a:45:94:8a:59:04:ce:76:87:9d:8b:c0:a6:a1:90:4b:c2:
07:df:5d:ac
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIUP9sc4GBcxHgOxNoe4D/6MClsj2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzAzMTgwMDAwMDBaFw0yMzA0MjIyMzU5NTlaMIGlMUkwRwYD
VQQFE0AxZGJlZWYwYWFiN2ZmYjFjMTljMjU0NjQ2YjdmOWRkNjJmZjI2ODY0YWFm
MmZmOGQ2Y2Q1YTc1Zjk0MWVmNTMyMS0wKwYDVQQDEyQ2NjE1YTM4Yi0zYWQ3LTQ3
YjctOGZiMi02ODVjMzhkMDA5MTQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
y3+TJAKZmCyLq+9WixfwVbR/l7WnGVodarCTrv6CCiKrri8GhnWTSswaIvmDHamY
VmHWM6+6GPRew2eGck9NcEHrNyjJrjn6WEGUGKIVhyTFskvKRrBKI5RxIA5Oir1q
E2IKIBRt5iWcxhED/ggpLjkba53eviYUv5YXOn4uEvWVjr9SLsq3g/laJ/GhCpMt
eX/xjrVXnMnRkg2Lw8MqbZb4YZiBN80ztSFeWcoEJHKXSzDuTPSzUBPqleZWnXTh
RK8sUJ32xuPX0ZABnjL4vdIfGMkU8otcMY+DGutcerjXUBwzKmE+Hqc96QAyZRkG
os3VvipAPpR6xK3oxtgbCQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFJk8z/qACk8T
K0qsP3E5O4RSK288MB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8MA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVuZFo1
UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9kMzM1
MDFmNC0zN2IxLTQzNmMtYjhlOS00Njc0ZTE0NjYzMDQucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
dU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQOmAwDQYJ
KoZIhvcNAQELBQADggEBAK+XRo/wCR3e63Mjj9RwhwqYKeOJzUZ8YlDkec5CZ+80
fw+MO0Iu6NfTHEUaqZVoPqDRpz154cNPSJtUjT0dQi4ObgFfOumfHO5iT7CC6Gnt
vZJTB4odRCCrRwiDBAavikUZ1EnU1wyBwg3+mrlxPAbIEM0deeBV9TifdEoAGRyt
FVbRZQpEga6EsXuD7VuO0gwgGHykCopThvhbXT6jVV/gLXSTyUu5UHvOH6WN4A+N
pmnRS1xVxCw2UlUTmBoh7anBBAs/9uZXp7bLsk4R0NMVJuX3wlgtq9A+lbV0bttm
2dyGB56/t+R+tSmKRZSKWQTOdoedi8CmoZBLwgffXaw=
-----END CERTIFICATE-----
Generated at Sat Mar 18 00:30:39 2023 by rpki-client on console-ams.rpki-client.org