Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef4f5658-1df5-4b15-b458-c8609229af7f.roa
File: ef4f5658-1df5-4b15-b458-c8609229af7f.roa (raw, json)
Hash identifier: SPt3qyEao+7oGNhjCKhJgw/xX8iAaBpLFjkJuJYWN+Q=
Subject key identifier: D6:83:3C:50:34:6C:B4:56:5B:66:4F:C9:76:71:4A:20:37:8E:1F:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 413D3F70B286BF0C1756D9258F68A57CD36B214A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef4f5658-1df5-4b15-b458-c8609229af7f.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:3d:3f:70:b2:86:bf:0c:17:56:d9:25:8f:68:a5:7c:d3:6b:21:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=7dcd0038429c8c298968175f9ba92ba208b8de52b807ed714eef1e7f6055bfdd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:28:c8:5b:5e:e4:0f:55:bd:af:36:fe:cd:e2:
91:02:b7:7c:a7:fc:10:ad:db:d3:60:fa:96:3c:27:
0c:c2:0e:a6:b5:b6:d8:c7:1e:1e:2a:48:02:76:23:
5e:db:93:a2:48:3a:6e:8c:88:c3:f7:d1:c4:9b:22:
6d:95:f9:de:e4:88:7a:8b:c0:ef:aa:6b:72:05:2b:
ef:85:55:80:ab:1b:c6:51:90:9e:39:12:04:41:e3:
58:d2:b8:a9:fc:1c:2c:16:dc:c7:fd:a8:c1:21:56:
78:de:8d:5f:77:87:8c:f4:ee:f3:52:a3:11:fc:1f:
14:b4:9e:42:ef:29:d5:08:45:78:a6:21:4c:1a:a1:
f2:41:e1:1c:02:af:e9:50:5a:e4:41:f5:a7:20:af:
92:af:26:71:59:d6:40:8c:34:a8:a0:b7:7e:4b:a4:
09:32:f3:6a:ee:0e:4c:92:e7:be:8c:56:7b:d7:b0:
06:2f:93:0a:22:91:06:40:b9:47:ed:c9:08:ee:98:
5d:e8:9e:5a:1c:52:87:3b:98:26:4e:7a:3a:46:b9:
c8:4f:c9:e7:9e:05:04:c9:7b:33:71:a4:94:28:e2:
61:1f:88:d2:bf:48:76:f3:fb:23:c4:df:04:55:3e:
4d:a0:e2:bf:0e:ec:ad:2b:81:a4:01:76:62:50:58:
6b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:83:3C:50:34:6C:B4:56:5B:66:4F:C9:76:71:4A:20:37:8E:1F:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef4f5658-1df5-4b15-b458-c8609229af7f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:4e:39:0d:cf:d1:6c:48:6b:0d:46:6d:80:ec:73:5c:9c:14:
83:e9:77:27:d7:43:85:2c:9f:6a:87:b9:ac:bc:66:44:40:68:
dd:3b:0b:1d:2b:08:dd:3f:98:f0:02:13:53:78:d2:f5:89:b5:
80:95:7f:08:86:1c:b3:13:32:62:9d:4c:ee:85:a6:3d:46:c7:
ea:1d:c9:39:cf:b0:b8:38:d7:98:20:25:4c:67:6c:a1:46:24:
23:59:ba:79:81:0d:a3:a2:9f:e9:f7:0b:66:7c:f0:b7:3d:31:
40:89:81:53:1c:bf:48:a7:f8:8a:d1:7b:8c:45:fb:a8:e2:b2:
b5:4d:bf:17:13:24:e7:9a:06:14:23:ec:24:7b:64:fa:ed:a0:
a7:0f:be:82:56:7d:94:4e:69:d1:65:f6:f9:b3:9e:c4:33:91:
11:c2:f3:bd:ef:c6:35:ae:d2:6b:20:ee:29:0b:fb:b7:14:a1:
67:c1:e3:6e:49:5c:47:3f:de:ba:4d:b7:5e:73:fd:11:78:09:
17:11:e8:2a:5b:f9:1b:f9:ba:2b:55:73:9f:6e:02:fa:fb:66:
51:19:dc:71:87:7f:ae:60:dd:aa:05:29:59:67:ff:77:6d:1b:
50:5b:7e:28:ae:77:eb:53:79:54:10:50:cb:ae:59:db:75:2c:
58:8d:86:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQT0/cLKGvwwXVtklj2ilfNNrIUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkY2QwMDM4NDI5YzhjMjk4OTY4MTc1ZjliYTkyYmEyMDhiOGRlNTJiODA3
ZWQ3MTRlZWYxZTdmNjA1NWJmZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcoyFte5A9Vva82/s3ikQK3fKf8EK3b02D6ljwnDMIOprW22MceHipIAnYj
XtuTokg6boyIw/fRxJsibZX53uSIeovA76prcgUr74VVgKsbxlGQnjkSBEHjWNK4
qfwcLBbcx/2owSFWeN6NX3eHjPTu81KjEfwfFLSeQu8p1QhFeKYhTBqh8kHhHAKv
6VBa5EH1pyCvkq8mcVnWQIw0qKC3fkukCTLzau4OTJLnvoxWe9ewBi+TCiKRBkC5
R+3JCO6YXeieWhxShzuYJk56Oka5yE/J554FBMl7M3GklCjiYR+I0r9IdvP7I8Tf
BFU+TaDivw7srSuBpAF2YlBYa8sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWgzxQ
NGy0VltmT8l2cUogN44fmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWY0ZjU2NTgtMWRmNS00YjE1LWI0NTgtYzg2MDkyMjlhZjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCoTjkNz9FsSGsNRm2A7HNcnBSD6Xcn10OFLJ9q
h7msvGZEQGjdOwsdKwjdP5jwAhNTeNL1ibWAlX8IhhyzEzJinUzuhaY9RsfqHck5
z7C4ONeYICVMZ2yhRiQjWbp5gQ2jop/p9wtmfPC3PTFAiYFTHL9Ip/iK0XuMRfuo
4rK1Tb8XEyTnmgYUI+wke2T67aCnD76CVn2UTmnRZfb5s57EM5ERwvO978Y1rtJr
IO4pC/u3FKFnweNuSVxHP966Tbdec/0ReAkXEegqW/kb+borVXOfbgL6+2ZRGdxx
h3+uYN2qBSlZZ/93bRtQW34ornfrU3lUEFDLrlnbdSxYjYYD
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:46 2024 by rpki-client on console-ams.rpki-client.org