Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d87254b0-b4eb-4fa7-903a-4d7122b9c6b4.roa
File: d87254b0-b4eb-4fa7-903a-4d7122b9c6b4.roa (raw, json)
Hash identifier: xr7AnxAfIDOt9BxexdXTT8mMIPFAfM5Pid2j60krKRw=
Subject key identifier: 7A:D8:76:B5:E1:F2:B8:5E:13:E0:C4:5B:86:D6:38:5F:1B:6D:4B:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A83399E00B25534EC83C0D35BB18EE45925AAED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d87254b0-b4eb-4fa7-903a-4d7122b9c6b4.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:83:39:9e:00:b2:55:34:ec:83:c0:d3:5b:b1:8e:e4:59:25:aa:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=0f605029c70ff89429c4e6f3f3edbba1807dc3ea02e99ad78027cf8286f036c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7b:7d:f2:28:66:db:5c:fc:03:e3:2f:5c:92:
bd:84:49:d4:ef:19:de:6f:01:8e:8c:f6:e2:b3:83:
c6:bd:61:5f:56:41:ef:b3:dd:8c:25:f8:15:cf:11:
c3:ba:84:70:20:47:c5:8f:f3:12:89:c7:75:af:c3:
e2:1e:9d:1e:42:ff:26:32:8a:a7:7c:e2:47:a1:33:
0f:34:e4:a2:d3:0e:f0:43:52:db:4b:a0:47:11:0d:
d8:f8:99:8d:32:b1:c8:5e:35:a4:90:9b:7e:a9:76:
16:b3:1a:45:49:62:8d:b8:e7:55:38:d5:c6:b4:c1:
69:2a:42:6c:06:5c:21:13:b6:40:ca:3c:22:4b:bc:
b1:bc:b6:9b:cb:48:4c:0e:b3:64:a8:72:77:e6:29:
4e:df:3c:20:fb:80:75:9f:6c:4d:f6:e2:14:39:61:
bc:5a:a7:ae:51:c3:57:13:62:5c:a9:b3:78:13:a2:
ab:17:30:df:2d:8e:5e:d7:ea:3b:73:e0:08:54:5c:
e8:ed:20:5d:25:0f:40:e2:89:c4:c0:73:07:6d:15:
ba:27:11:9e:6a:6b:84:16:cc:91:1f:56:4b:f0:91:
28:b7:2c:80:7a:b3:b9:f0:b0:87:e1:6d:3b:ac:b6:
77:e6:80:d6:52:c0:7f:a8:bb:77:a1:b2:f1:f7:9c:
60:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D8:76:B5:E1:F2:B8:5E:13:E0:C4:5B:86:D6:38:5F:1B:6D:4B:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d87254b0-b4eb-4fa7-903a-4d7122b9c6b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:5000::/40
Signature Algorithm: sha256WithRSAEncryption
28:dd:75:04:2d:85:cb:1c:c1:fb:9b:b7:a1:1f:03:de:f4:4b:
14:6f:b3:d7:dd:2c:70:23:99:77:d5:1b:a3:b3:1b:ce:fe:07:
5a:00:6e:35:39:01:40:d7:89:20:f5:81:49:d8:86:bc:fa:92:
e2:a8:df:7c:38:e6:fb:3e:4a:1f:bd:17:2c:94:13:ac:33:36:
c4:b1:af:97:b0:7d:be:58:27:0b:5f:6e:9e:2d:12:ea:40:e7:
ae:ae:ca:a5:38:9d:a5:eb:9c:7b:f5:db:ae:11:5d:70:07:37:
85:2d:68:bc:05:bf:9e:6c:88:89:cb:9a:c0:6f:91:d7:fb:96:
cc:b9:da:e6:f8:e5:73:1f:be:db:bd:f4:ba:1c:6f:e1:63:c5:
d0:8b:e2:0d:2c:05:93:a0:02:a5:da:31:c8:53:7b:53:1e:36:
ff:d1:33:06:d7:8a:59:fe:d2:07:4e:08:86:d8:f2:e7:45:2a:
46:ec:a8:8c:e8:23:9a:94:eb:95:0b:cc:19:36:8c:48:5a:2b:
8a:3d:57:35:85:a2:3d:15:c8:05:24:c2:b9:4a:21:e2:d1:e2:
85:ec:47:a2:7c:a7:7f:a1:f8:52:f5:9d:4b:f6:54:54:2e:0e:
f6:d1:e4:fe:a8:08:2e:b8:98:17:31:7a:15:a4:c7:f0:21:e7:
3f:a8:2e:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeoM5ngCyVTTsg8DTW7GO5Fklqu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNjA1MDI5YzcwZmY4OTQyOWM0ZTZmM2YzZWRiYmExODA3ZGMzZWEwMmU5
OWFkNzgwMjdjZjgyODZmMDM2YzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMp7ffIoZttc/APjL1ySvYRJ1O8Z3m8Bjoz24rODxr1hX1ZB77PdjCX4Fc8R
w7qEcCBHxY/zEonHda/D4h6dHkL/JjKKp3ziR6EzDzTkotMO8ENS20ugRxEN2PiZ
jTKxyF41pJCbfql2FrMaRUlijbjnVTjVxrTBaSpCbAZcIRO2QMo8Iku8sby2m8tI
TA6zZKhyd+YpTt88IPuAdZ9sTfbiFDlhvFqnrlHDVxNiXKmzeBOiqxcw3y2OXtfq
O3PgCFRc6O0gXSUPQOKJxMBzB20VuicRnmprhBbMkR9WS/CRKLcsgHqzufCwh+Ft
O6y2d+aA1lLAf6i7d6Gy8fecYFMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR62Ha1
4fK4XhPgxFuG1jhfG21L+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg3MjU0YjAtYjRlYi00ZmE3LTkwM2EtNGQ3MTIyYjljNmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAo3XUELYXLHMH7m7ehHwPe9EsUb7PX3SxwI5l3
1RujsxvO/gdaAG41OQFA14kg9YFJ2Ia8+pLiqN98OOb7PkofvRcslBOsMzbEsa+X
sH2+WCcLX26eLRLqQOeursqlOJ2l65x79duuEV1wBzeFLWi8Bb+ebIiJy5rAb5HX
+5bMudrm+OVzH77bvfS6HG/hY8XQi+INLAWToAKl2jHIU3tTHjb/0TMG14pZ/tIH
TgiG2PLnRSpG7KiM6COalOuVC8wZNoxIWiuKPVc1haI9FcgFJMK5SiHi0eKF7Eei
fKd/ofhS9Z1L9lRULg720eT+qAguuJgXMXoVpMfwIec/qC75
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org