Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d37dfec6-4d5a-4fea-a026-1350fc8af8c3.roa
File: d37dfec6-4d5a-4fea-a026-1350fc8af8c3.roa (raw, json)
Hash identifier: r7bRYROFcLJnsht59VLf0aAw/deJdOak0B90WFift98=
Subject key identifier: 28:24:56:17:DA:A0:87:FC:00:89:52:08:64:95:5C:EB:08:72:68:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 469E97AF0A748ADD2ACE5BBEDF8D87354DF937AF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d37dfec6-4d5a-4fea-a026-1350fc8af8c3.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:9e:97:af:0a:74:8a:dd:2a:ce:5b:be:df:8d:87:35:4d:f9:37:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=eb5e139a059dcd92c6c1ea83957e432bb95bd7f4ddadd21d684b101f07699437, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:76:0c:5b:49:82:7e:f2:38:61:7f:80:ef:53:
dd:a4:51:e1:64:8e:49:a2:df:7f:92:fc:37:38:f0:
61:8e:4e:4e:da:1b:d7:a0:28:2d:94:dd:88:1b:ee:
a1:b2:ee:e6:a1:94:f4:12:77:94:e0:00:70:f4:98:
c0:25:17:09:b0:ef:31:60:8d:6b:ae:04:06:6b:5e:
a1:90:03:1f:66:9b:bc:3a:1b:ed:59:f1:1e:e9:7e:
bd:01:35:06:9f:81:46:f4:33:35:b1:cc:d4:bf:c3:
0b:b3:a9:0b:5c:2f:e2:ef:5e:75:c1:16:d3:2d:07:
33:96:82:e7:c1:c3:48:98:d2:be:4f:d5:b7:4c:be:
7b:1f:46:9b:b2:c2:b5:06:60:95:ae:4e:b2:b7:25:
f9:0f:61:37:63:d3:8b:de:24:dc:58:8b:24:b2:3f:
c3:7f:b3:45:ad:81:19:ea:76:af:d6:8e:e7:1d:fe:
6f:2e:55:3f:df:4b:28:88:a3:3f:06:9d:8f:94:4b:
a0:7e:be:9f:57:43:03:93:b0:7a:33:07:b4:cb:b3:
63:67:f8:b2:59:23:10:c9:63:bb:33:f9:72:42:60:
f2:75:26:e0:70:bd:4b:e6:46:74:a3:23:6e:42:ca:
42:db:5b:f6:e5:70:d6:1b:c6:f2:73:cd:8e:72:cb:
3c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:24:56:17:DA:A0:87:FC:00:89:52:08:64:95:5C:EB:08:72:68:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d37dfec6-4d5a-4fea-a026-1350fc8af8c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:1000::/40
Signature Algorithm: sha256WithRSAEncryption
6e:e3:b9:73:ef:c2:08:7d:bc:41:2a:dd:4e:57:6c:06:ef:8a:
fd:ab:82:e2:13:b3:77:d2:73:1b:07:01:7f:66:3d:b1:be:bc:
23:cd:c0:e1:b5:8a:b1:9d:2a:d8:f1:2f:5a:6d:34:35:14:7a:
df:8b:e9:df:8d:71:12:e7:03:ba:b6:25:69:48:d8:3e:a5:ac:
fe:10:9c:a0:51:18:0a:84:46:71:98:19:d0:ec:3a:06:8f:61:
a5:ee:a5:dd:b1:3a:f7:e4:ac:33:b7:77:45:19:a5:82:01:ab:
9a:2a:2e:c1:0b:56:53:41:23:ed:e6:45:ed:12:3b:ca:c3:2e:
0f:b9:7b:dc:08:7d:64:a4:7c:71:e3:fa:bd:fa:a6:12:01:2a:
24:cf:dc:ef:a1:f0:13:9c:3b:a9:55:e8:56:af:59:25:4f:cf:
81:14:2b:3e:72:d5:96:c0:22:48:23:77:e3:1b:7f:01:5b:f9:
c3:28:e8:3a:5c:7e:d4:66:60:ee:45:ad:13:9e:2b:c0:03:32:
e4:18:28:3b:01:79:11:5c:f1:68:3a:7c:6a:eb:7f:7e:ea:73:
21:90:62:a6:27:77:7f:4e:af:a7:a4:20:42:73:e4:0e:75:3e:
ce:68:96:d4:f4:d4:3c:9b:5a:4e:29:55:be:49:0f:96:e5:35:
39:0c:65:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURp6Xrwp0it0qzlu+342HNU35N68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNWUxMzlhMDU5ZGNkOTJjNmMxZWE4Mzk1N2U0MzJiYjk1YmQ3ZjRkZGFk
ZDIxZDY4NGIxMDFmMDc2OTk0MzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKR2DFtJgn7yOGF/gO9T3aRR4WSOSaLff5L8NzjwYY5OTtob16AoLZTdiBvu
obLu5qGU9BJ3lOAAcPSYwCUXCbDvMWCNa64EBmteoZADH2abvDob7VnxHul+vQE1
Bp+BRvQzNbHM1L/DC7OpC1wv4u9edcEW0y0HM5aC58HDSJjSvk/Vt0y+ex9Gm7LC
tQZgla5Osrcl+Q9hN2PTi94k3FiLJLI/w3+zRa2BGep2r9aO5x3+by5VP99LKIij
Pwadj5RLoH6+n1dDA5OwejMHtMuzY2f4slkjEMljuzP5ckJg8nUm4HC9S+ZGdKMj
bkLKQttb9uVw1hvG8nPNjnLLPGsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoJFYX
2qCH/ACJUghklVzrCHJo4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM3ZGZlYzYtNGQ1YS00ZmVhLWEwMjYtMTM1MGZjOGFmOGMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBu47lz78IIfbxBKt1OV2wG74r9q4LiE7N30nMb
BwF/Zj2xvrwjzcDhtYqxnSrY8S9abTQ1FHrfi+nfjXES5wO6tiVpSNg+paz+EJyg
URgKhEZxmBnQ7DoGj2Gl7qXdsTr35Kwzt3dFGaWCAauaKi7BC1ZTQSPt5kXtEjvK
wy4PuXvcCH1kpHxx4/q9+qYSASokz9zvofATnDupVehWr1klT8+BFCs+ctWWwCJI
I3fjG38BW/nDKOg6XH7UZmDuRa0TnivAAzLkGCg7AXkRXPFoOnxq639+6nMhkGKm
J3d/Tq+npCBCc+QOdT7OaJbU9NQ8m1pOKVW+SQ+W5TU5DGUd
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org