Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e02b574a-4acd-4629-94f4-7fe8ac12a1aa.roa
File: e02b574a-4acd-4629-94f4-7fe8ac12a1aa.roa (raw, json)
Hash identifier: cxTXmcSk9XBShTYfFQ40vH9JVmwTxPcS0uQ8Vypb8iQ=
Subject key identifier: 37:D6:9D:58:C6:BA:0E:B0:31:63:B6:09:C4:C5:7E:51:A0:3C:1A:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1076723C49AFCFB40D079BE70891C101F94BFBD1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e02b574a-4acd-4629-94f4-7fe8ac12a1aa.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:76:72:3c:49:af:cf:b4:0d:07:9b:e7:08:91:c1:01:f9:4b:fb:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=a57d0807f5b46e04bcd17b4d507678c87a4257a0a230e17af40b9346b8115bee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ab:07:64:60:3a:45:df:f7:6e:00:aa:be:98:
fc:26:ee:86:12:d1:c3:94:d9:ab:b5:3c:72:3a:04:
5c:6d:79:0b:26:ce:27:97:e7:d8:99:94:84:eb:db:
32:ce:1a:6a:d9:fb:83:98:53:67:40:86:f6:4c:4a:
9a:6c:b3:69:a4:c1:6e:e4:76:a4:7c:e1:cc:f2:d0:
64:b3:4e:f7:6b:c6:93:79:e1:24:c6:de:44:f8:04:
64:28:5c:db:55:93:6c:e2:a9:11:dd:b5:4d:92:75:
aa:33:a3:c9:c7:e1:c1:82:98:a5:c9:2f:4e:aa:17:
c5:76:15:55:6a:4c:61:4d:57:32:db:67:bf:63:15:
38:d7:39:18:40:15:8a:28:23:b9:df:9d:63:ab:a8:
51:61:22:76:cf:11:c2:12:30:16:8d:eb:2f:d0:9a:
73:2a:35:4b:3c:60:4e:5d:9a:1d:44:5f:1a:da:47:
8f:0d:77:16:8c:aa:16:f9:4e:67:23:62:17:fc:c5:
d2:24:c2:7b:7e:86:91:47:c1:73:89:29:f0:14:b8:
12:50:91:63:fc:05:1b:35:d4:42:b3:a7:20:bf:3a:
4d:f2:6a:d9:ed:ac:65:96:53:e6:f0:e9:2c:7e:c8:
42:cd:58:85:49:16:30:64:79:64:b0:5b:45:e5:18:
ed:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D6:9D:58:C6:BA:0E:B0:31:63:B6:09:C4:C5:7E:51:A0:3C:1A:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e02b574a-4acd-4629-94f4-7fe8ac12a1aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:c000::/40
Signature Algorithm: sha256WithRSAEncryption
5c:b2:ce:58:db:25:d8:67:60:62:d1:20:a5:20:52:64:b4:fb:
25:6e:77:40:11:7f:02:5d:7e:22:c6:58:c5:8b:46:dd:9f:04:
6f:02:f8:2f:32:27:05:29:33:fb:a1:e2:9f:8e:c0:fc:10:97:
35:1d:83:53:b9:a1:0b:61:56:10:ae:c3:89:50:74:86:45:fe:
53:c5:98:44:fd:d1:b6:5e:9a:0b:6a:7e:56:2b:29:45:52:8b:
fb:1b:5e:31:df:74:f9:0f:e1:7c:f3:89:49:23:ac:1c:d2:64:
de:c4:96:5e:c4:59:ac:59:b2:8f:f4:aa:b9:18:ce:15:68:93:
99:ab:84:73:55:1d:d0:35:81:2d:be:8e:3b:40:63:3e:9f:d9:
bf:da:6e:a0:63:57:90:a7:a8:ed:c8:87:19:69:86:db:44:35:
d3:e4:f3:6a:ce:0d:3e:84:52:3c:10:2e:55:bb:fc:53:3d:41:
81:6d:75:99:fa:8f:7c:0c:71:77:e4:ac:2b:53:ce:9f:69:7c:
d0:4e:d1:6c:2b:b4:d0:84:9e:2e:2b:1e:e0:76:66:42:28:70:
14:de:e3:98:aa:65:71:c7:ec:3a:f4:3c:2f:87:a7:c8:84:2b:
b1:a2:b0:53:ca:b7:30:3f:ae:00:15:77:c1:ab:d5:41:01:e9:
98:72:42:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEHZyPEmvz7QNB5vnCJHBAflL+9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1N2QwODA3ZjViNDZlMDRiY2QxN2I0ZDUwNzY3OGM4N2E0MjU3YTBhMjMw
ZTE3YWY0MGI5MzQ2YjgxMTViZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+rB2RgOkXf924Aqr6Y/CbuhhLRw5TZq7U8cjoEXG15CybOJ5fn2JmUhOvb
Ms4aatn7g5hTZ0CG9kxKmmyzaaTBbuR2pHzhzPLQZLNO92vGk3nhJMbeRPgEZChc
21WTbOKpEd21TZJ1qjOjycfhwYKYpckvTqoXxXYVVWpMYU1XMttnv2MVONc5GEAV
iigjud+dY6uoUWEids8RwhIwFo3rL9Cacyo1SzxgTl2aHURfGtpHjw13FoyqFvlO
ZyNiF/zF0iTCe36GkUfBc4kp8BS4ElCRY/wFGzXUQrOnIL86TfJq2e2sZZZT5vDp
LH7IQs1YhUkWMGR5ZLBbReUY7YcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ31p1Y
xroOsDFjtgnExX5RoDwaqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTAyYjU3NGEtNGFjZC00NjI5LTk0ZjQtN2ZlOGFjMTJhMWFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HzA
MA0GCSqGSIb3DQEBCwUAA4IBAQBcss5Y2yXYZ2Bi0SClIFJktPslbndAEX8CXX4i
xljFi0bdnwRvAvgvMicFKTP7oeKfjsD8EJc1HYNTuaELYVYQrsOJUHSGRf5TxZhE
/dG2XpoLan5WKylFUov7G14x33T5D+F884lJI6wc0mTexJZexFmsWbKP9Kq5GM4V
aJOZq4RzVR3QNYEtvo47QGM+n9m/2m6gY1eQp6jtyIcZaYbbRDXT5PNqzg0+hFI8
EC5Vu/xTPUGBbXWZ+o98DHF35KwrU86faXzQTtFsK7TQhJ4uKx7gdmZCKHAU3uOY
qmVxx+w69Dwvh6fIhCuxorBTyrcwP64AFXfBq9VBAemYckIz
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org