Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: zDmOQyzE5USZ2qR0cYF4sB+ki5Qp6lmLyUJfjffteuc=
Subject key identifier: 23:12:67:68:EB:EF:05:B0:F6:4F:97:E8:10:5B:71:4E:11:3E:D5:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23BD0AF4F207B03E9DD4CA76D33FC74FEF94A1D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Dec 2024 14:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:bd:0a:f4:f2:07:b0:3e:9d:d4:ca:76:d3:3f:c7:4f:ef:94:a1:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=ef1e90d9bb1f4b5183aed8e4ce7d3bbb19797858b79c47675a9da868e10ff381, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ac:c0:bc:a4:66:e3:04:7c:35:59:90:da:6a:
da:32:cc:b6:fe:aa:a0:a3:9d:d1:56:ec:78:99:6a:
fc:8a:a1:00:f7:98:ef:d4:66:77:7f:8d:2a:38:a7:
bc:0a:06:63:b0:26:6e:2c:18:72:ae:5a:74:4b:72:
11:8c:77:62:78:a5:cc:0a:33:ff:cf:3e:e1:aa:6f:
45:f9:29:75:2c:42:95:eb:23:c2:66:4a:27:ff:3d:
0e:85:6c:57:29:7f:36:dd:61:c3:6a:4c:e2:37:3b:
25:d6:45:2e:f1:ce:36:62:b1:0a:03:33:dd:40:7f:
31:81:4f:17:af:aa:76:5e:ee:06:e1:33:47:32:7c:
36:e0:05:6f:6f:57:a5:0f:a9:c8:70:f6:c4:a4:7d:
fc:34:4a:37:b6:95:b0:54:4c:d5:39:c4:08:51:05:
af:20:70:45:a7:cc:a9:a7:06:a8:ff:b9:d1:bd:52:
fd:db:09:b5:f1:19:1d:40:61:92:ac:26:92:ec:8d:
6d:3b:7d:ad:70:d3:1e:e2:5e:1c:a7:e1:0e:b5:d8:
67:8f:37:21:52:69:72:8e:ec:0b:b0:0f:09:80:0c:
8d:ab:49:b0:bb:2f:b9:5f:ea:6a:a5:9f:bb:80:6e:
a7:64:1b:5d:60:ff:a6:6b:1f:c4:4f:a0:bc:35:9d:
f0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:12:67:68:EB:EF:05:B0:F6:4F:97:E8:10:5B:71:4E:11:3E:D5:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
2e:52:fa:32:e2:82:1c:5b:a2:7a:ee:30:64:b9:da:ad:1c:d6:
5b:19:6d:e4:53:70:7b:6f:95:25:a9:14:f8:5d:ec:dd:c4:9d:
8d:31:ed:2e:ac:ed:f9:3c:51:c6:43:ae:dc:2f:60:74:3c:e7:
38:20:c0:d3:2d:7e:4a:04:74:ab:e8:2a:3e:00:9a:49:34:9f:
6c:dc:9d:c9:4b:72:d7:4d:25:e7:8a:c3:c5:0a:de:8f:19:a3:
04:96:fa:07:04:2b:04:2b:f1:9c:36:f0:98:ed:56:f3:5d:92:
8e:f7:41:16:93:85:d3:18:64:9b:41:1b:69:c0:cd:7d:19:79:
9e:e8:86:e6:07:5e:20:23:9c:f2:1a:c4:aa:52:e3:0e:d5:45:
27:ca:42:99:8e:bf:de:17:5b:a3:47:e5:d4:13:52:24:16:7c:
13:7d:34:51:9a:d6:ef:2c:c9:bc:c8:94:90:2c:aa:98:ea:b5:
98:60:28:d0:3e:eb:cc:42:fd:2e:dc:c7:7c:92:5a:69:4b:ce:
7b:59:6f:ca:b5:c7:d5:c4:02:d2:51:d1:b9:7d:fa:49:9b:48:
51:28:9c:e9:e0:68:a7:fb:11:c6:4e:0d:c5:ca:0f:7a:f9:b7:
e1:b9:f9:6a:59:2a:2b:7c:6d:8b:ab:27:6e:8e:1b:36:f9:f0:
d2:a0:b8:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI70K9PIHsD6d1Mp20z/HT++UodEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMWU5MGQ5YmIxZjRiNTE4M2FlZDhlNGNlN2QzYmJiMTk3OTc4NThiNzlj
NDc2NzVhOWRhODY4ZTEwZmYzODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWswLykZuMEfDVZkNpq2jLMtv6qoKOd0VbseJlq/IqhAPeY79Rmd3+NKjin
vAoGY7AmbiwYcq5adEtyEYx3YnilzAoz/88+4apvRfkpdSxClesjwmZKJ/89DoVs
Vyl/Nt1hw2pM4jc7JdZFLvHONmKxCgMz3UB/MYFPF6+qdl7uBuEzRzJ8NuAFb29X
pQ+pyHD2xKR9/DRKN7aVsFRM1TnECFEFryBwRafMqacGqP+50b1S/dsJtfEZHUBh
kqwmkuyNbTt9rXDTHuJeHKfhDrXYZ483IVJpco7sC7APCYAMjatJsLsvuV/qaqWf
u4Bup2QbXWD/pmsfxE+gvDWd8AMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQjEmdo
6+8FsPZPl+gQW3FOET7VQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQAuUvoy4oIcW6J67jBkudqtHNZbGW3kU3B7b5Ul
qRT4XezdxJ2NMe0urO35PFHGQ67cL2B0POc4IMDTLX5KBHSr6Co+AJpJNJ9s3J3J
S3LXTSXnisPFCt6PGaMElvoHBCsEK/GcNvCY7VbzXZKO90EWk4XTGGSbQRtpwM19
GXme6IbmB14gI5zyGsSqUuMO1UUnykKZjr/eF1ujR+XUE1IkFnwTfTRRmtbvLMm8
yJSQLKqY6rWYYCjQPuvMQv0u3Md8klppS857WW/KtcfVxALSUdG5ffpJm0hRKJzp
4Gin+xHGTg3Fyg96+bfhuflqWSorfG2Lqydujhs2+fDSoLg4
-----END CERTIFICATE-----
Generated at Wed Dec 11 22:44:37 2024 by rpki-client on console-ams.rpki-client.org