Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3b9479a-516a-4969-82fa-a0ee7531600b.roa
File: f3b9479a-516a-4969-82fa-a0ee7531600b.roa (raw, json)
Hash identifier: 5B+HMOedRMPhzL9VU2EK+7lohw08e7hUCqkgIabzJac=
Subject key identifier: 18:51:66:A6:4D:51:A8:FB:33:F6:5B:BB:9D:58:6A:CE:B1:D4:C1:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28C91DC5B855A7415C2ACA6E9FA5422E7EA6EA81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3b9479a-516a-4969-82fa-a0ee7531600b.roa
Signing time: Fri 06 Sep 2024 00:00:00 +0000
ROA not before: Fri 06 Sep 2024 00:00:00 +0000
ROA not after: Fri 11 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:c9:1d:c5:b8:55:a7:41:5c:2a:ca:6e:9f:a5:42:2e:7e:a6:ea:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 6 00:00:00 2024 GMT
Not After : Oct 11 23:59:59 2024 GMT
Subject: serialNumber=3d146f7ff766c35a088727cc8ae72554f1688d16ab54780c5d26c081db1fd177, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:31:b5:8f:a6:43:a2:4d:9a:83:22:a3:1e:c8:
7c:f4:fb:71:7e:52:36:51:fe:ec:f3:3e:c4:bc:e1:
67:ab:31:60:36:16:55:68:ca:d9:48:35:85:8a:84:
bd:8f:5d:14:a4:23:da:86:08:cb:a9:6f:d3:bc:0f:
bd:48:71:ec:2d:4d:f1:cc:db:c6:4e:29:fe:9d:ee:
5f:09:10:de:e1:aa:54:5b:5a:46:0c:9f:45:a2:50:
97:9d:56:d2:f8:2d:0a:0d:87:8a:37:50:5c:51:8d:
0a:7b:78:57:08:95:1e:5f:bf:d0:52:54:09:63:e3:
58:d8:af:38:50:46:24:ad:07:ff:10:f7:c9:43:2f:
4f:43:6d:6e:0e:88:04:0d:35:d2:26:ba:dc:5f:2d:
1e:8e:a7:81:20:77:53:56:35:e8:b0:ca:70:5d:d9:
19:28:8f:b0:9c:16:84:20:95:7d:fb:8f:05:88:49:
5a:14:04:1e:12:bf:43:fe:15:00:7e:1a:cb:9b:99:
ee:7d:0e:3b:64:04:bf:6e:eb:01:b6:bf:69:ca:2f:
97:38:6d:a5:17:9d:95:fd:3a:f7:2f:26:e0:8f:08:
01:0c:95:91:13:ca:cb:34:9c:d4:d0:fa:2f:78:11:
6d:ed:bf:85:1a:1a:ba:f7:b0:c7:ee:11:8d:1f:7e:
a8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:51:66:A6:4D:51:A8:FB:33:F6:5B:BB:9D:58:6A:CE:B1:D4:C1:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3b9479a-516a-4969-82fa-a0ee7531600b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:6000::/40
Signature Algorithm: sha256WithRSAEncryption
91:35:39:e2:cf:de:95:52:e0:be:9e:ca:d1:88:10:bf:62:e2:
1d:28:b0:3a:04:ad:a0:05:5f:a1:75:6f:1c:d9:2e:57:2a:72:
52:9f:35:9b:f9:18:61:b2:9f:f6:79:fc:64:25:93:30:fa:b9:
05:9f:1a:4e:5e:45:a1:34:d2:6f:1a:a8:55:75:af:6c:da:42:
90:71:76:93:3c:51:0d:f6:a4:5a:dc:4c:8c:32:02:37:ea:a6:
53:38:ec:76:75:6b:ac:5c:08:1f:85:1f:82:7e:50:5d:b9:cc:
a0:5b:d0:75:c4:c9:14:00:27:a3:d8:83:10:ba:0b:84:72:54:
82:c9:54:3b:de:49:bd:e8:5e:19:fa:f6:62:cc:61:99:5e:d6:
ee:4d:7e:b7:94:fd:28:36:f6:d9:1b:f3:6a:1d:d1:c5:5f:4d:
29:06:33:97:94:ec:fb:bb:b7:a5:c6:a6:72:9c:e3:42:b3:b4:
24:5b:c5:ac:c4:8c:fe:47:71:11:4a:34:c6:b2:9e:52:f4:4f:
60:c5:c6:ed:cf:46:f3:b1:64:bc:5b:80:61:c4:3e:68:ed:a6:
20:d1:34:b0:cd:c8:46:b5:e6:2b:9c:98:f9:69:dd:29:19:17:
78:08:d3:d8:03:f1:c9:9f:82:40:55:2b:6a:c0:9b:b2:cb:b0:
0b:10:28:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKMkdxbhVp0FcKspun6VCLn6m6oEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDYwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkMTQ2ZjdmZjc2NmMzNWEwODg3MjdjYzhhZTcyNTU0ZjE2ODhkMTZhYjU0
NzgwYzVkMjZjMDgxZGIxZmQxNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMExtY+mQ6JNmoMiox7IfPT7cX5SNlH+7PM+xLzhZ6sxYDYWVWjK2Ug1hYqE
vY9dFKQj2oYIy6lv07wPvUhx7C1N8czbxk4p/p3uXwkQ3uGqVFtaRgyfRaJQl51W
0vgtCg2HijdQXFGNCnt4VwiVHl+/0FJUCWPjWNivOFBGJK0H/xD3yUMvT0Ntbg6I
BA010ia63F8tHo6ngSB3U1Y16LDKcF3ZGSiPsJwWhCCVffuPBYhJWhQEHhK/Q/4V
AH4ay5uZ7n0OO2QEv27rAba/acovlzhtpRedlf069y8m4I8IAQyVkRPKyzSc1ND6
L3gRbe2/hRoauvewx+4RjR9+qLsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQYUWam
TVGo+zP2W7udWGrOsdTBRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjNiOTQ3OWEtNTE2YS00OTY5LTgyZmEtYTBlZTc1MzE2MDBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRg
MA0GCSqGSIb3DQEBCwUAA4IBAQCRNTniz96VUuC+nsrRiBC/YuIdKLA6BK2gBV+h
dW8c2S5XKnJSnzWb+Rhhsp/2efxkJZMw+rkFnxpOXkWhNNJvGqhVda9s2kKQcXaT
PFEN9qRa3EyMMgI36qZTOOx2dWusXAgfhR+CflBducygW9B1xMkUACej2IMQuguE
clSCyVQ73km96F4Z+vZizGGZXtbuTX63lP0oNvbZG/NqHdHFX00pBjOXlOz7u7el
xqZynONCs7QkW8WsxIz+R3ERSjTGsp5S9E9gxcbtz0bzsWS8W4BhxD5o7aYg0TSw
zchGteYrnJj5ad0pGRd4CNPYA/HJn4JAVStqwJuyy7ALECgi
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:50 2024 by rpki-client on console-ams.rpki-client.org