Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc880146-7b38-40c6-b452-8f8d46b57e17.roa
File: fc880146-7b38-40c6-b452-8f8d46b57e17.roa (raw, json)
Hash identifier: /PiUey1EBwOuwXgEJMHnw+8Dp7PONgSe6mmAwj9DL9Q=
Subject key identifier: F0:24:71:77:41:41:ED:D8:11:19:A9:09:EC:A9:FD:1E:49:00:CF:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0181B3AD9CF3D759A471530AB2C1570B8C8C76F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc880146-7b38-40c6-b452-8f8d46b57e17.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:b3:ad:9c:f3:d7:59:a4:71:53:0a:b2:c1:57:0b:8c:8c:76:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=205294abba6304d01648dc421741005932612556787adbcba8dbf72bbad82f7c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:62:80:aa:e9:c9:1a:6c:46:f2:00:78:60:01:
3f:2f:bb:2f:b6:e5:e3:55:bc:a0:2b:26:c2:b6:79:
2e:8c:28:29:60:81:3a:c0:a8:c3:04:ad:62:00:7d:
33:89:39:14:82:d3:38:8d:c5:20:7e:f3:01:dd:71:
b5:b0:72:24:72:12:9d:91:0c:d1:1e:ee:86:7d:f3:
1e:f4:92:27:bf:8c:15:2c:d2:c0:96:97:9d:f8:8b:
90:a0:db:c9:79:95:fd:df:be:63:73:16:22:0e:d8:
3b:3d:68:4d:88:fb:fe:02:88:1d:34:57:14:01:fd:
7e:ce:38:ac:f5:5b:07:e9:68:4f:a6:ed:9b:f7:c0:
56:27:80:f1:d5:2c:d2:b9:15:eb:24:39:c1:bb:59:
7b:02:3f:ec:47:ad:fc:96:a9:ff:b7:ff:f2:48:fe:
ec:ed:46:79:2d:9a:96:43:8c:7a:f5:6b:1f:b1:e3:
7e:5d:2e:ad:44:6f:ea:fb:5d:0a:24:99:0b:e0:2f:
91:78:a0:87:c6:c6:1e:f2:c0:23:49:6f:bb:00:49:
d0:ab:99:a3:ed:a9:86:8f:41:93:dc:00:8f:31:0f:
a9:69:41:1c:87:ff:af:1b:ea:b6:f8:76:63:33:9f:
7a:6d:81:d7:b4:6e:37:2d:90:84:59:f9:10:4e:8a:
41:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:24:71:77:41:41:ED:D8:11:19:A9:09:EC:A9:FD:1E:49:00:CF:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc880146-7b38-40c6-b452-8f8d46b57e17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:2000::/40
Signature Algorithm: sha256WithRSAEncryption
28:97:71:35:68:c5:83:6f:7a:1f:18:01:06:fc:6b:a2:00:2c:
de:81:7a:d1:da:7b:66:9b:b4:cd:bf:00:d2:63:14:55:83:69:
1d:01:b6:0b:d7:3d:fd:94:56:15:4a:20:49:68:38:a8:6a:75:
e8:2e:ae:62:cc:1c:aa:71:b6:15:47:28:08:1b:36:91:19:02:
5d:e4:08:ee:b1:d0:f6:91:eb:15:2f:de:c7:38:59:93:2b:39:
50:a9:bc:80:98:72:ef:6e:01:06:83:7a:39:9a:c3:68:ad:1a:
50:91:aa:f1:7c:ff:b7:03:c0:d3:de:19:ce:38:c6:da:ed:3a:
08:41:de:d2:40:e8:e5:6c:09:83:6d:da:fe:58:a5:7b:3b:dc:
a4:7f:45:99:fc:87:05:ca:50:5d:5d:cb:17:30:1e:2e:28:2c:
c0:e3:f1:dc:ef:19:78:e5:67:e4:76:9a:38:bd:70:20:db:0d:
a5:1b:6f:0c:c0:3e:10:3f:57:3a:09:1d:aa:bb:2b:a9:c7:42:
1c:5e:fb:90:bb:12:e7:85:b5:71:73:4b:d3:7a:d2:61:14:22:
d7:bc:0b:04:55:db:ed:c4:1d:65:0b:ac:d1:2d:4d:a4:9b:1f:
19:02:e3:83:4a:fb:c5:b5:ff:42:95:90:c8:5d:db:4c:53:9a:
a7:98:27:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAYGzrZzz11mkcVMKssFXC4yMdvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwNTI5NGFiYmE2MzA0ZDAxNjQ4ZGM0MjE3NDEwMDU5MzI2MTI1NTY3ODdh
ZGJjYmE4ZGJmNzJiYmFkODJmN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpigKrpyRpsRvIAeGABPy+7L7bl41W8oCsmwrZ5LowoKWCBOsCowwStYgB9
M4k5FILTOI3FIH7zAd1xtbByJHISnZEM0R7uhn3zHvSSJ7+MFSzSwJaXnfiLkKDb
yXmV/d++Y3MWIg7YOz1oTYj7/gKIHTRXFAH9fs44rPVbB+loT6btm/fAVieA8dUs
0rkV6yQ5wbtZewI/7Eet/Jap/7f/8kj+7O1GeS2alkOMevVrH7Hjfl0urURv6vtd
CiSZC+AvkXigh8bGHvLAI0lvuwBJ0KuZo+2pho9Bk9wAjzEPqWlBHIf/rxvqtvh2
YzOfem2B17RuNy2QhFn5EE6KQXMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwJHF3
QUHt2BEZqQnsqf0eSQDPOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM4ODAxNDYtN2IzOC00MGM2LWI0NTItOGY4ZDQ2YjU3ZTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hwg
MA0GCSqGSIb3DQEBCwUAA4IBAQAol3E1aMWDb3ofGAEG/GuiACzegXrR2ntmm7TN
vwDSYxRVg2kdAbYL1z39lFYVSiBJaDioanXoLq5izByqcbYVRygIGzaRGQJd5Aju
sdD2kesVL97HOFmTKzlQqbyAmHLvbgEGg3o5msNorRpQkarxfP+3A8DT3hnOOMba
7ToIQd7SQOjlbAmDbdr+WKV7O9ykf0WZ/IcFylBdXcsXMB4uKCzA4/Hc7xl45Wfk
dpo4vXAg2w2lG28MwD4QP1c6CR2quyupx0IcXvuQuxLnhbVxc0vTetJhFCLXvAsE
VdvtxB1lC6zRLU2kmx8ZAuODSvvFtf9ClZDIXdtMU5qnmCcq
-----END CERTIFICATE-----
Generated at Fri Apr 26 06:08:16 2024 by rpki-client on console-ams.rpki-client.org