Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0cc362c-4a3a-4eec-9b91-4d4a8c1380dd.roa
File: e0cc362c-4a3a-4eec-9b91-4d4a8c1380dd.roa (raw, json)
Hash identifier: /turT+d+SdYjBLeQJ4TE10p5nQ+s2ZSLVJq7eJWLbv0=
Subject key identifier: 2D:F4:3F:AD:C2:99:44:04:E8:12:EA:68:19:CF:C8:EE:B7:E6:B3:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59E39B9E2D801B7E999B7F0743BB2346E8F7B675
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0cc362c-4a3a-4eec-9b91-4d4a8c1380dd.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:e3:9b:9e:2d:80:1b:7e:99:9b:7f:07:43:bb:23:46:e8:f7:b6:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=d9149e170188604b070d93c242e1eb458c9b726f562d2aef2788c19e7abce691, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c4:ff:7f:38:2b:bf:4a:58:2b:ac:4e:54:46:
6a:72:0a:7f:8b:c0:c1:fe:ae:f4:79:87:87:6e:0f:
be:a7:94:3d:7c:3b:77:ac:20:95:ef:85:90:a6:3f:
50:38:46:96:0d:86:a8:1c:cf:13:57:c5:4f:99:fa:
ad:71:be:a3:09:f4:2e:70:7b:e7:84:44:b1:64:ff:
a1:f3:cd:36:72:e7:35:c6:42:00:ba:7d:ce:54:22:
19:fb:a0:54:7c:0e:2f:c4:61:f2:99:2e:0e:8c:28:
ca:52:18:f9:aa:aa:88:9d:e2:c4:31:5b:e9:bc:8e:
6f:1a:c7:a6:4f:65:80:d7:1e:99:05:10:4d:c0:a4:
d6:8d:4a:f3:e0:1b:bb:4a:cf:be:95:9d:5a:a7:fd:
38:b7:9e:54:48:c4:02:d0:80:68:1c:40:92:54:be:
5c:d7:ca:d9:6a:c1:36:b0:26:67:01:da:be:61:e7:
40:a1:85:89:b8:91:7a:b8:d5:08:36:56:62:96:d8:
ff:09:2e:45:f9:20:14:cd:75:63:6e:51:90:99:0c:
cb:11:36:ca:3e:30:bd:98:49:c2:98:23:12:de:6e:
e4:0c:0b:12:b7:c6:36:4f:d1:7a:1f:64:a9:11:c7:
55:9f:9a:87:d3:cb:d2:f4:4e:0e:dc:f6:39:2d:1b:
9a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F4:3F:AD:C2:99:44:04:E8:12:EA:68:19:CF:C8:EE:B7:E6:B3:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0cc362c-4a3a-4eec-9b91-4d4a8c1380dd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1000::/40
Signature Algorithm: sha256WithRSAEncryption
67:9c:0a:9a:16:26:4d:d9:a0:48:8a:5f:c9:51:04:14:24:90:
85:fa:8a:f5:67:63:be:5e:bc:7a:ec:51:c7:0e:c0:73:ef:c0:
da:64:10:67:d2:b3:db:87:cc:be:d2:55:e1:06:a9:52:b1:58:
29:c6:10:8a:76:e8:70:7a:0f:76:83:2e:d2:07:cc:a9:cc:96:
2b:43:3b:79:f3:f9:5c:d8:9d:01:60:0a:a1:30:f8:37:5b:2a:
79:4a:b0:cb:26:93:59:ee:d2:1c:2f:6c:f8:1b:bd:0b:d8:b4:
70:13:1d:32:62:19:f2:49:80:b4:bf:4a:8d:11:78:9d:50:1c:
ee:20:71:6c:f3:bb:0d:50:cc:5f:1b:bb:26:9b:e6:6b:67:98:
eb:88:ac:dc:18:fe:43:c9:4e:bc:12:77:ed:fc:f4:d7:b1:10:
1f:06:80:e1:57:00:ed:83:82:48:01:69:5a:15:7e:71:39:1f:
a5:0d:1a:48:37:4a:46:84:8c:dc:18:dd:f4:0c:8c:65:6d:aa:
85:cb:91:92:33:63:58:67:c3:0f:fe:12:23:4b:34:f9:5f:06:
86:c2:b6:43:ca:16:5e:f4:17:8a:8d:05:d2:e6:c8:40:3b:cb:
1a:5a:c8:56:6f:39:17:4a:89:03:5d:f8:c4:6a:e7:08:9c:d5:
13:47:dd:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWeObni2AG36Zm38HQ7sjRuj3tnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5MTQ5ZTE3MDE4ODYwNGIwNzBkOTNjMjQyZTFlYjQ1OGM5YjcyNmY1NjJk
MmFlZjI3ODhjMTllN2FiY2U2OTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPE/384K79KWCusTlRGanIKf4vAwf6u9HmHh24PvqeUPXw7d6wgle+FkKY/
UDhGlg2GqBzPE1fFT5n6rXG+own0LnB754REsWT/ofPNNnLnNcZCALp9zlQiGfug
VHwOL8Rh8pkuDowoylIY+aqqiJ3ixDFb6byObxrHpk9lgNcemQUQTcCk1o1K8+Ab
u0rPvpWdWqf9OLeeVEjEAtCAaBxAklS+XNfK2WrBNrAmZwHavmHnQKGFibiRerjV
CDZWYpbY/wkuRfkgFM11Y25RkJkMyxE2yj4wvZhJwpgjEt5u5AwLErfGNk/Reh9k
qRHHVZ+ah9PL0vRODtz2OS0bms8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQt9D+t
wplEBOgS6mgZz8jut+azPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTBjYzM2MmMtNGEzYS00ZWVjLTliOTEtNGQ0YThjMTM4MGRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBnnAqaFiZN2aBIil/JUQQUJJCF+or1Z2O+Xrx6
7FHHDsBz78DaZBBn0rPbh8y+0lXhBqlSsVgpxhCKduhweg92gy7SB8ypzJYrQzt5
8/lc2J0BYAqhMPg3Wyp5SrDLJpNZ7tIcL2z4G70L2LRwEx0yYhnySYC0v0qNEXid
UBzuIHFs87sNUMxfG7smm+ZrZ5jriKzcGP5DyU68Enft/PTXsRAfBoDhVwDtg4JI
AWlaFX5xOR+lDRpIN0pGhIzcGN30DIxlbaqFy5GSM2NYZ8MP/hIjSzT5XwaGwrZD
yhZe9BeKjQXS5shAO8saWshWbzkXSokDXfjEaucInNUTR93A
-----END CERTIFICATE-----
Generated at Fri Apr 26 02:47:31 2024 by rpki-client on console-ams.rpki-client.org