Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d99eb465-9cfd-49b1-9346-6d846f862940.roa
File: d99eb465-9cfd-49b1-9346-6d846f862940.roa (raw, json)
Hash identifier: AIxFYYM51vxIuEBYrHFq9+twUJgUZr8ul9Pm6nwtlHE=
Subject key identifier: F1:78:31:75:C1:09:42:14:21:F4:CC:3B:E0:E1:A0:84:84:82:E3:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C89F9335128340DC0263A2A55F28E34E3D1C458
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d99eb465-9cfd-49b1-9346-6d846f862940.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:89:f9:33:51:28:34:0d:c0:26:3a:2a:55:f2:8e:34:e3:d1:c4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=5d7d34e140ffe61953271bb628608e521a8563af5c4e7da174459891d0523252, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:99:7a:67:ea:d8:b8:55:e1:6b:0e:d2:26:44:
89:78:99:66:fe:73:0d:1d:75:95:54:37:d9:e6:bc:
c8:2a:f7:6a:ca:3c:d7:c6:e9:65:c1:65:62:22:25:
5f:78:36:8d:28:7b:c6:13:f6:af:67:29:51:7a:ef:
69:51:7b:3a:bd:ac:ff:9f:ce:c0:9e:e3:52:27:d1:
43:11:e3:5c:72:c3:e4:6e:f9:a8:92:be:6b:ce:ce:
de:76:a2:d5:69:5d:73:e2:c5:55:34:ed:b9:f0:a7:
92:41:04:aa:94:d0:b2:47:02:8f:2f:f3:fb:5e:2c:
d0:bd:e8:2b:7a:7b:e9:48:2b:f4:04:92:42:0a:ac:
93:79:83:78:21:d9:51:b0:10:99:29:71:8a:35:0f:
fb:1f:fe:57:a6:05:07:95:23:a8:e3:2e:55:8b:e8:
47:73:91:a5:d9:c0:33:87:66:48:40:da:d2:03:12:
9c:b4:1c:fe:3d:f4:5e:f2:1c:30:cb:67:bb:c1:e2:
6c:1a:ba:3f:4e:56:b8:12:66:af:58:09:cb:c4:5b:
e9:e3:86:71:f3:6c:b7:bf:49:96:45:01:c8:e1:b7:
b8:7a:f1:fc:46:c8:dd:36:11:f0:44:14:a3:21:19:
da:3a:55:3b:84:e1:83:17:d8:af:56:19:62:55:e0:
e5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:78:31:75:C1:09:42:14:21:F4:CC:3B:E0:E1:A0:84:84:82:E3:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d99eb465-9cfd-49b1-9346-6d846f862940.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:3c:79:0f:03:65:cf:b9:d1:54:b3:07:3d:ed:f2:07:54:38:
e6:54:7f:1b:c5:ee:a0:60:a5:fe:23:29:60:9f:27:55:ba:22:
43:6c:6b:bc:ae:92:5c:e5:b7:15:42:6d:7f:22:76:d2:c5:1e:
32:1a:4a:10:cd:ab:d5:36:15:30:ab:99:41:1f:c8:13:37:37:
44:62:4e:d6:4d:35:83:6d:34:88:b1:e0:db:7e:db:97:96:52:
8d:c3:13:a0:cf:25:6b:81:ba:48:b2:b3:a2:12:2b:5b:fa:3f:
e6:dc:d3:b4:53:57:d2:24:2c:b2:f9:3c:c8:bb:ca:7a:40:cc:
e3:b6:59:28:56:52:a7:a7:05:ac:93:e0:b1:e8:9f:b6:cb:bd:
d7:8a:29:f8:07:6f:f8:80:92:c0:b0:1e:27:16:9e:a2:ff:b3:
2a:42:a3:68:d2:4d:dc:b3:1e:74:c5:fc:94:87:51:b3:49:5f:
2a:d2:29:c9:95:b2:8e:75:08:7f:b7:75:c2:0e:a8:9c:1f:c3:
57:56:a1:bc:b1:fb:1c:9d:b5:22:f5:2c:c2:2a:b3:c5:24:19:
dc:ef:09:da:e8:0b:e5:0c:ce:0d:c8:a6:f5:05:72:7a:bf:52:
83:cb:a4:79:73:60:53:13:d8:a0:a7:db:22:bf:02:5b:22:4b:
c6:e7:78:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULIn5M1EoNA3AJjoqVfKONOPRxFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkN2QzNGUxNDBmZmU2MTk1MzI3MWJiNjI4NjA4ZTUyMWE4NTYzYWY1YzRl
N2RhMTc0NDU5ODkxZDA1MjMyNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaZemfq2LhV4WsO0iZEiXiZZv5zDR11lVQ32ea8yCr3aso818bpZcFlYiIl
X3g2jSh7xhP2r2cpUXrvaVF7Or2s/5/OwJ7jUifRQxHjXHLD5G75qJK+a87O3nai
1Wldc+LFVTTtufCnkkEEqpTQskcCjy/z+14s0L3oK3p76Ugr9ASSQgqsk3mDeCHZ
UbAQmSlxijUP+x/+V6YFB5UjqOMuVYvoR3ORpdnAM4dmSEDa0gMSnLQc/j30XvIc
MMtnu8HibBq6P05WuBJmr1gJy8Rb6eOGcfNst79JlkUByOG3uHrx/EbI3TYR8EQU
oyEZ2jpVO4ThgxfYr1YZYlXg5VUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxeDF1
wQlCFCH0zDvg4aCEhILjjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDk5ZWI0NjUtOWNmZC00OWIxLTkzNDYtNmQ4NDZmODYyOTQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVA
MA0GCSqGSIb3DQEBCwUAA4IBAQC7PHkPA2XPudFUswc97fIHVDjmVH8bxe6gYKX+
IylgnydVuiJDbGu8rpJc5bcVQm1/InbSxR4yGkoQzavVNhUwq5lBH8gTNzdEYk7W
TTWDbTSIseDbftuXllKNwxOgzyVrgbpIsrOiEitb+j/m3NO0U1fSJCyy+TzIu8p6
QMzjtlkoVlKnpwWsk+Cx6J+2y73Xiin4B2/4gJLAsB4nFp6i/7MqQqNo0k3csx50
xfyUh1GzSV8q0inJlbKOdQh/t3XCDqicH8NXVqG8sfscnbUi9SzCKrPFJBnc7wna
6AvlDM4NyKb1BXJ6v1KDy6R5c2BTE9igp9sivwJbIkvG53hf
-----END CERTIFICATE-----
Generated at Fri Apr 26 06:08:16 2024 by rpki-client on console-ams.rpki-client.org