Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dac78198-f4cc-4437-840d-17db5bc1e05f.roa
File: dac78198-f4cc-4437-840d-17db5bc1e05f.roa (raw, json)
Hash identifier: WlAz+6tNbQy7a4SFYDfYWB8xBpN8Qjda+HYOSfQBFRQ=
Subject key identifier: 3C:61:6E:C8:BA:72:52:05:24:71:DD:42:B5:3E:97:06:20:64:1C:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64A9F17C1BE624357E612DD9ADB82D92881758BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dac78198-f4cc-4437-840d-17db5bc1e05f.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d013::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:a9:f1:7c:1b:e6:24:35:7e:61:2d:d9:ad:b8:2d:92:88:17:58:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=aff898b09af773dc99c406378375b274316e3d50eee9ce4f0f7d8a301360edec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:15:3c:df:ef:03:fe:90:5f:6e:2f:4f:8d:22:
1c:37:9d:d4:96:4a:70:6c:0b:a3:08:97:c9:62:16:
77:bd:de:df:f4:a1:2c:cb:40:eb:42:f7:bd:95:99:
fd:e5:b0:90:11:d2:c8:31:2f:53:69:cf:d0:f9:22:
41:3c:8a:7f:a1:7d:10:3c:10:7a:fe:cd:a8:c5:b7:
36:5c:8d:b5:e4:6c:2a:b8:bd:ce:7d:12:b8:6d:9c:
d1:a0:c8:14:ff:29:0e:b6:a3:e7:43:f6:fc:e1:74:
d3:0c:7c:53:2c:11:70:55:7d:b8:0b:87:ee:87:0f:
58:0d:5c:80:3a:6e:35:e6:b8:58:b7:47:5c:ab:2d:
1c:02:55:54:9c:6a:d1:8a:8f:53:45:37:60:44:09:
2d:3d:fd:fb:99:b1:d2:03:ee:0c:19:00:c4:5f:cc:
5f:37:c8:68:fd:c8:69:ec:b7:b9:83:7b:94:50:ea:
5e:70:5a:eb:e0:03:b5:07:ef:74:01:d8:aa:00:be:
b9:aa:9b:7a:53:a3:8d:16:00:b0:32:fc:7b:3b:8a:
5e:c4:41:a3:1d:bc:16:ca:1f:34:3b:24:50:2e:65:
a7:56:db:b4:4e:0a:e2:2d:f9:99:4f:f5:51:8b:49:
cb:73:c3:85:17:5b:38:77:ab:15:25:61:2e:33:84:
99:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:61:6E:C8:BA:72:52:05:24:71:DD:42:B5:3E:97:06:20:64:1C:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dac78198-f4cc-4437-840d-17db5bc1e05f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d013::/36
Signature Algorithm: sha256WithRSAEncryption
a6:6b:bb:9b:63:0f:9c:38:df:cc:15:5d:1f:a2:b1:fd:01:8c:
9c:f1:00:fc:0b:fb:7b:02:87:80:cf:dd:b1:76:da:19:20:da:
40:d5:13:ba:5b:80:ed:d1:30:b9:26:de:70:1d:2b:4a:fd:bc:
39:58:dd:83:ba:a8:8b:43:83:63:da:77:9f:1a:a2:bb:cc:7d:
ca:7f:0d:4f:5d:d1:19:12:e7:cc:6a:e6:ce:e4:64:cf:25:75:
de:48:f0:cc:66:96:53:cf:b6:ae:e3:fc:1f:e7:1e:59:02:d6:
38:bb:23:b4:61:ba:95:a0:67:5b:c3:d5:5b:4c:c9:2b:95:95:
4a:54:1e:65:b6:13:dd:b9:bd:d1:a6:d8:6d:d8:05:b8:d9:b2:
be:9c:18:4b:ba:7b:e0:c6:05:54:5b:da:3a:30:d2:af:7b:17:
e9:27:9c:92:31:41:7d:ad:0a:f2:ef:bc:39:ba:0a:9d:ea:84:
34:41:09:a3:e0:05:ee:09:e9:da:ed:01:bd:1f:6d:8d:ca:58:
63:93:73:ee:13:1b:84:db:fc:ff:4f:be:51:88:ed:22:3e:02:
a4:9f:e6:f9:a8:e3:2b:97:0a:18:4a:16:f0:35:ac:f8:aa:b5:
8a:31:56:27:33:4f:55:79:77:13:1b:df:a0:41:b6:63:31:0d:
a8:b7:f2:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZKnxfBvmJDV+YS3ZrbgtkogXWL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZjg5OGIwOWFmNzczZGM5OWM0MDYzNzgzNzViMjc0MzE2ZTNkNTBlZWU5
Y2U0ZjBmN2Q4YTMwMTM2MGVkZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJMVPN/vA/6QX24vT40iHDed1JZKcGwLowiXyWIWd73e3/ShLMtA60L3vZWZ
/eWwkBHSyDEvU2nP0PkiQTyKf6F9EDwQev7NqMW3NlyNteRsKri9zn0SuG2c0aDI
FP8pDraj50P2/OF00wx8UywRcFV9uAuH7ocPWA1cgDpuNea4WLdHXKstHAJVVJxq
0YqPU0U3YEQJLT39+5mx0gPuDBkAxF/MXzfIaP3Iaey3uYN7lFDqXnBa6+ADtQfv
dAHYqgC+uaqbelOjjRYAsDL8ezuKXsRBox28FsofNDskUC5lp1bbtE4K4i35mU/1
UYtJy3PDhRdbOHerFSVhLjOEmVkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8YW7I
unJSBSRx3UK1PpcGIGQczDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGFjNzgxOTgtZjRjYy00NDM3LTg0MGQtMTdkYjViYzFlMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BMA
MA0GCSqGSIb3DQEBCwUAA4IBAQCma7ubYw+cON/MFV0forH9AYyc8QD8C/t7AoeA
z92xdtoZINpA1RO6W4Dt0TC5Jt5wHStK/bw5WN2DuqiLQ4Nj2nefGqK7zH3Kfw1P
XdEZEufMaubO5GTPJXXeSPDMZpZTz7au4/wf5x5ZAtY4uyO0YbqVoGdbw9VbTMkr
lZVKVB5lthPdub3Rptht2AW42bK+nBhLunvgxgVUW9o6MNKvexfpJ5ySMUF9rQry
77w5ugqd6oQ0QQmj4AXuCena7QG9H22Nylhjk3PuExuE2/z/T75RiO0iPgKkn+b5
qOMrlwoYShbwNaz4qrWKMVYnM09VeXcTG9+gQbZjMQ2ot/Ie
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:24 2024 by rpki-client on console-ams.rpki-client.org