Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9e6230a-2e23-47ba-a3dd-770575785f82.roa
File: f9e6230a-2e23-47ba-a3dd-770575785f82.roa (raw, json)
Hash identifier: QM4r1EuCcH8fMmedjdHrepk2B4xfBkfuWAtRonlNsD0=
Subject key identifier: 39:DB:90:90:B1:4C:81:B4:C2:BE:16:13:6D:45:37:66:DC:EC:AF:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 713DFD531F8D098228A0051B81157A2DF7673D64
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9e6230a-2e23-47ba-a3dd-770575785f82.roa
Signing time: Sun 19 Mar 2023 00:00:00 +0000
ROA not before: Sun 19 Mar 2023 00:00:00 +0000
ROA not after: Sun 23 Apr 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Mar 2023 08:58:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:3d:fd:53:1f:8d:09:82:28:a0:05:1b:81:15:7a:2d:f7:67:3d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 19 00:00:00 2023 GMT
Not After : Apr 23 23:59:59 2023 GMT
Subject: serialNumber=caf2c05e19109d9f4e338d48cf365531325155cb228174bbcbfff5cca1a03f43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914, OU=Amazon RPKI, O=Amazon.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1e:6d:e9:62:fd:84:55:cf:e4:41:3f:8e:1b:
52:c8:05:d4:e2:34:e2:fe:eb:d5:f1:ec:84:03:0d:
cb:5c:cb:76:62:4f:02:6c:88:47:63:1c:79:60:8e:
6e:5a:ed:d8:91:99:24:36:b3:94:30:bd:1a:1a:36:
8d:9b:e2:1e:2b:85:2e:16:14:08:27:90:59:5f:6f:
db:b6:1e:a0:30:1a:45:c9:72:bb:7c:00:89:b5:6a:
34:8a:3c:3a:04:7c:10:4f:04:b9:3a:29:6c:cc:42:
11:73:69:a5:75:09:da:d8:3b:62:88:3c:68:6c:b5:
bc:72:09:df:2e:5e:55:58:9e:af:9a:a9:00:88:b3:
d6:ee:8e:76:3d:e5:93:55:b9:bb:f0:7a:67:55:d6:
5d:e9:09:5c:da:f5:3b:41:5d:4f:c3:6c:f7:71:c2:
31:08:11:d2:11:f6:15:a4:8f:19:2d:69:ab:14:3b:
e1:ef:5b:e4:32:bd:fe:b8:68:42:88:07:12:da:d2:
d7:cb:c0:29:11:18:60:42:1c:4c:78:a6:5e:d2:27:
3b:7d:e8:07:14:f2:2b:ff:da:b7:79:58:b6:9d:b9:
6c:47:cf:7f:7f:9a:f3:ef:00:00:41:53:a6:ee:45:
f5:42:0d:49:3e:e3:67:1b:5c:c8:4c:20:81:11:2e:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:DB:90:90:B1:4C:81:B4:C2:BE:16:13:6D:45:37:66:DC:EC:AF:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9e6230a-2e23-47ba-a3dd-770575785f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:6f:dd:22:7e:10:f1:4a:68:cf:db:83:43:ba:ea:bc:aa:ff:
23:f8:50:3a:28:45:7a:10:10:22:e0:22:26:b6:c7:49:ce:b3:
af:72:f9:89:11:19:d8:a3:08:79:56:70:a4:4a:de:9e:7d:3f:
6b:c2:11:d0:c0:1b:7a:b6:0c:9f:26:ec:6d:95:8c:05:b8:12:
53:60:3c:11:5b:86:03:fb:fc:fe:43:6d:14:53:e7:bc:8e:a4:
d9:a3:17:92:ca:8e:fd:2e:3f:1f:58:03:8d:8c:30:6e:43:1e:
fa:38:fe:8b:5c:df:61:9b:30:a6:cf:22:10:83:7a:02:4d:8f:
50:1c:82:e2:bc:c0:ea:5d:23:0a:7c:8c:c2:5d:1a:81:2d:65:
97:59:cc:4b:68:07:78:ac:63:a2:0c:33:ad:c2:3d:49:c6:fe:
91:47:19:82:b3:a7:dd:b2:32:09:cc:55:dc:a6:e0:13:d2:f0:
57:72:cd:65:a7:8c:c3:9a:7f:ae:f8:1d:12:ca:6a:e0:e1:64:
ec:6b:8d:f0:f3:69:dc:fc:e1:f5:7b:93:18:5b:ee:24:06:c2:
58:23:a7:96:2a:88:59:da:be:6f:55:e8:10:16:04:e7:ae:d6:
1d:e2:35:de:d6:44:23:f5:cf:fa:10:e8:66:ed:0e:54:15:79:
5e:33:2c:61
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIUcT39Ux+NCYIooAUbgRV6LfdnPWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzAzMTkwMDAwMDBaFw0yMzA0MjMyMzU5NTlaMIGlMUkwRwYD
VQQFE0BjYWYyYzA1ZTE5MTA5ZDlmNGUzMzhkNDhjZjM2NTUzMTMyNTE1NWNiMjI4
MTc0YmJjYmZmZjVjY2ExYTAzZjQzMS0wKwYDVQQDEyQ2NjE1YTM4Yi0zYWQ3LTQ3
YjctOGZiMi02ODVjMzhkMDA5MTQxFDASBgNVBAsTC0FtYXpvbiBSUEtJMRMwEQYD
VQQKEwpBbWF6b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
ph5t6WL9hFXP5EE/jhtSyAXU4jTi/uvV8eyEAw3LXMt2Yk8CbIhHYxx5YI5uWu3Y
kZkkNrOUML0aGjaNm+IeK4UuFhQIJ5BZX2/bth6gMBpFyXK7fACJtWo0ijw6BHwQ
TwS5OilszEIRc2mldQna2DtiiDxobLW8cgnfLl5VWJ6vmqkAiLPW7o52PeWTVbm7
8HpnVdZd6Qlc2vU7QV1Pw2z3ccIxCBHSEfYVpI8ZLWmrFDvh71vkMr3+uGhCiAcS
2tLXy8ApERhgQhxMeKZe0ic7fegHFPIr/9q3eVi2nblsR89/f5rz7wAAQVOm7kX1
Qg1JPuNnG1zITCCBES7DEQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFDnbkJCxTIG0
wr4WE21FN2bc7K8WMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8MA4G
A1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVuZFo1
UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20v
dm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9mOWU2
MjMwYS0yZTIzLTQ3YmEtYTNkZC03NzA1NzU3ODVmODIucm9hMIGIBgNVHR8EgYAw
fjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
dU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQf5AwDQYJ
KoZIhvcNAQELBQADggEBAItv3SJ+EPFKaM/bg0O66ryq/yP4UDooRXoQECLgIia2
x0nOs69y+YkRGdijCHlWcKRK3p59P2vCEdDAG3q2DJ8m7G2VjAW4ElNgPBFbhgP7
/P5DbRRT57yOpNmjF5LKjv0uPx9YA42MMG5DHvo4/otc32GbMKbPIhCDegJNj1Ac
guK8wOpdIwp8jMJdGoEtZZdZzEtoB3isY6IMM63CPUnG/pFHGYKzp92yMgnMVdym
4BPS8FdyzWWnjMOaf674HRLKauDhZOxrjfDzadz84fV7kxhb7iQGwlgjp5YqiFna
vm9V6BAWBOeu1h3iNd7WRCP1z/oQ6GbtDlQVeV4zLGE=
-----END CERTIFICATE-----
Generated at Sun Mar 19 16:34:20 2023 by rpki-client on console-ams.rpki-client.org