Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9de8135-15d5-4e2d-91da-2744e9de020d.roa
File: f9de8135-15d5-4e2d-91da-2744e9de020d.roa (raw, json)
Hash identifier: 6GGYy+Gkp28N8Fo+d1DUXvL+JD2dki7ry/JIrLIoi6k=
Subject key identifier: FF:72:CD:8C:3B:70:BA:AA:76:E3:AE:A2:77:A2:54:74:BE:C0:CE:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A1200CC21A3A7CEDC1E17BC2A9A131DC141F156
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9de8135-15d5-4e2d-91da-2744e9de020d.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:12:00:cc:21:a3:a7:ce:dc:1e:17:bc:2a:9a:13:1d:c1:41:f1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=f76d5e0662704482e4d534b0295c9c0422719bb9c625bd2ee96158516ca50f95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ee:db:2e:bd:02:7c:fb:15:31:05:32:5c:2a:
b6:78:d3:64:fb:8c:fe:3b:f5:6a:fc:e1:81:bd:a3:
4d:94:13:1a:6b:04:fb:3e:f8:48:08:5e:48:c2:e0:
71:60:c8:71:66:0e:8a:84:a4:7b:87:b0:fe:eb:74:
97:7a:1a:94:77:85:4a:6d:80:50:f4:44:08:24:c1:
7d:f4:d4:ac:c4:a6:9d:94:d3:f7:8b:85:fc:71:9a:
b2:af:48:9b:ee:60:b8:68:f6:bc:7d:88:ab:90:28:
5d:48:cc:dd:86:69:06:eb:ce:d8:ae:d9:ab:8d:3f:
8a:db:d1:15:d4:c8:9a:81:0b:f4:eb:96:9b:e8:ea:
d6:3a:90:68:e5:c7:81:ad:32:48:f0:54:d8:50:a2:
06:42:3f:b6:59:0d:d6:2c:35:54:8c:94:59:ff:8a:
dd:90:90:9a:40:ac:25:02:4d:ef:e5:2a:08:7c:75:
55:a0:7b:56:c5:05:85:28:65:d1:5a:1c:3a:96:0e:
d2:30:e9:1f:e1:88:df:c5:b9:3b:2a:4b:3d:52:19:
d1:1e:62:cc:02:42:06:af:e4:2a:e3:42:3e:f8:6b:
31:ed:31:37:ad:91:f3:9a:64:cf:52:5b:9e:96:43:
38:2e:5b:ee:2b:9e:c0:6a:24:a3:d1:6b:30:91:80:
02:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:72:CD:8C:3B:70:BA:AA:76:E3:AE:A2:77:A2:54:74:BE:C0:CE:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9de8135-15d5-4e2d-91da-2744e9de020d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:bf:52:81:96:0c:fa:e7:fb:86:28:6d:fb:da:a6:1f:bc:7d:
b5:a1:d2:fc:27:f1:82:00:52:e7:19:1e:be:04:6f:72:e7:c7:
5a:af:f9:7b:8b:6f:b9:e8:d4:d5:fe:5d:1e:ae:05:22:d8:58:
dc:54:6e:82:bd:a2:d3:6d:1e:e7:ca:23:b5:9c:8b:a0:0d:bb:
3f:8b:40:44:45:e0:9e:4e:e7:82:5a:55:e2:35:1b:f9:17:57:
b5:b6:e4:cc:2f:23:1d:40:cb:54:fa:85:6f:8a:6a:30:12:5c:
0a:43:17:e9:58:6c:27:56:07:0f:f7:01:d8:9d:dd:f0:62:e5:
fd:a5:7f:ce:b9:99:fe:56:e4:d5:9d:1a:67:57:35:4a:70:c5:
65:b9:dd:41:1a:3d:0b:5c:16:7f:d8:0c:1e:c0:b4:7b:fe:c2:
da:e6:d2:db:06:5a:fa:04:96:6c:e7:cd:06:1a:ee:8b:25:a5:
ba:e8:76:59:6a:06:cf:7b:36:9b:02:11:e9:39:b0:35:7a:c7:
88:d9:58:05:c3:01:9c:22:30:d7:65:a0:b1:2b:65:7d:8e:70:
3c:36:be:aa:73:fa:cb:54:f5:42:fa:84:80:f6:52:64:f7:c0:
97:6e:6c:73:58:df:19:e0:3a:d6:3b:7f:0a:1e:7d:51:ab:92:
43:8d:b3:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUChIAzCGjp87cHhe8KpoTHcFB8VYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3NmQ1ZTA2NjI3MDQ0ODJlNGQ1MzRiMDI5NWM5YzA0MjI3MTliYjljNjI1
YmQyZWU5NjE1ODUxNmNhNTBmOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfu2y69Anz7FTEFMlwqtnjTZPuM/jv1avzhgb2jTZQTGmsE+z74SAheSMLg
cWDIcWYOioSke4ew/ut0l3oalHeFSm2AUPRECCTBffTUrMSmnZTT94uF/HGasq9I
m+5guGj2vH2Iq5AoXUjM3YZpBuvO2K7Zq40/itvRFdTImoEL9OuWm+jq1jqQaOXH
ga0ySPBU2FCiBkI/tlkN1iw1VIyUWf+K3ZCQmkCsJQJN7+UqCHx1VaB7VsUFhShl
0VocOpYO0jDpH+GI38W5OypLPVIZ0R5izAJCBq/kKuNCPvhrMe0xN62R85pkz1Jb
npZDOC5b7iuewGoko9FrMJGAAmUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/cs2M
O3C6qnbjrqJ3olR0vsDOdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjlkZTgxMzUtMTVkNS00ZTJkLTkxZGEtMjc0NGU5ZGUwMjBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQC3v1KBlgz65/uGKG372qYfvH21odL8J/GCAFLn
GR6+BG9y58dar/l7i2+56NTV/l0ergUi2FjcVG6CvaLTbR7nyiO1nIugDbs/i0BE
ReCeTueCWlXiNRv5F1e1tuTMLyMdQMtU+oVvimowElwKQxfpWGwnVgcP9wHYnd3w
YuX9pX/OuZn+VuTVnRpnVzVKcMVlud1BGj0LXBZ/2AwewLR7/sLa5tLbBlr6BJZs
580GGu6LJaW66HZZagbPezabAhHpObA1eseI2VgFwwGcIjDXZaCxK2V9jnA8Nr6q
c/rLVPVC+oSA9lJk98CXbmxzWN8Z4DrWO38KHn1Rq5JDjbOD
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org