Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
File: fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa (raw, json)
Hash identifier: mtbr20HAPlBPazScR74+QAHgcsxed5yYR3vsXhZH7s4=
Subject key identifier: D0:D9:FD:22:74:75:B2:42:02:F2:07:9B:D0:AB:45:60:62:81:30:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F21CDCCB52FA488FC4F61449DB949AC7D3059B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
Signing time: Mon 02 Sep 2024 00:00:00 +0000
ROA not before: Mon 02 Sep 2024 00:00:00 +0000
ROA not after: Mon 07 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:21:cd:cc:b5:2f:a4:88:fc:4f:61:44:9d:b9:49:ac:7d:30:59:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 2 00:00:00 2024 GMT
Not After : Oct 7 23:59:59 2024 GMT
Subject: serialNumber=af3ea77bd7a623f0a26b91a802c342f09bc680b8d1b3b71f15da01f97e68bb7f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:8b:e9:86:47:b8:8d:f0:80:4f:aa:7a:ac:
c4:81:36:58:19:19:98:2e:a5:d9:1e:9d:cb:ea:0c:
f3:3b:79:4b:d9:7a:dd:ec:27:5b:ce:02:58:a4:73:
8a:65:33:be:8c:50:52:e9:ac:c4:14:c8:14:03:12:
4b:c7:69:c7:15:36:ea:86:7e:fb:90:43:73:cb:eb:
df:93:d5:5c:25:2c:59:6b:00:1d:61:4a:23:ff:cc:
9e:48:21:cf:96:23:0c:13:c0:af:7b:0c:7e:de:38:
a5:8b:31:66:11:40:db:2a:f2:a2:6c:ed:31:e6:c2:
d7:f1:f4:fd:a4:fb:0f:43:f7:fc:de:be:9b:96:ae:
f4:81:63:19:38:7f:be:7f:84:0a:6e:89:3b:52:54:
e2:0c:74:7b:a0:1c:b5:4c:5c:fa:c8:c8:47:2b:ff:
00:d7:b7:8c:df:56:51:58:b6:b4:be:6a:22:c9:ff:
f3:bd:60:ca:67:5c:0f:e0:92:30:a0:2e:8c:70:5c:
5b:54:7c:08:21:64:c0:55:b7:9c:65:6c:2a:60:28:
91:3f:a0:90:ea:37:97:eb:12:a9:db:75:3a:97:2b:
cc:d0:fc:65:63:35:d1:ab:01:4c:1a:1e:12:82:ea:
86:f7:78:54:c9:c0:12:ef:55:47:29:7e:4b:eb:ce:
1c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D9:FD:22:74:75:B2:42:02:F2:07:9B:D0:AB:45:60:62:81:30:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:1000::/40
Signature Algorithm: sha256WithRSAEncryption
73:fe:a5:1e:60:f9:43:ea:d2:26:cf:09:af:0f:9e:4e:37:85:
8d:e8:01:16:16:0f:b9:a7:8c:5e:63:d7:b0:80:59:08:ce:32:
ee:cc:be:bc:09:68:cc:66:91:b4:4c:d8:d6:f1:bf:5c:69:ca:
d7:f2:57:8b:58:24:7d:cb:3b:b8:7f:8c:f3:7a:75:cd:bb:5c:
44:17:db:3c:0c:a7:30:cb:07:9e:e6:91:8c:55:e1:99:11:80:
60:17:62:8e:16:76:f2:a1:b5:78:c4:51:28:ab:ee:f3:1b:db:
df:fe:8d:79:67:8f:dd:a0:27:78:32:1a:73:1a:03:50:50:4f:
80:11:c2:3d:d4:82:3b:c1:99:06:d5:74:98:f8:8a:b3:92:38:
ca:a7:20:65:b2:6c:54:2a:d6:9b:82:2a:8a:e0:2b:ec:0b:06:
d7:5c:9c:fe:27:64:13:fc:b8:e3:12:68:4b:73:15:f5:d1:99:
a7:e3:df:96:7d:ab:8b:f5:8c:e6:d2:ff:51:27:fb:34:e3:98:
e7:85:ac:21:8c:5a:ee:33:9f:7e:9d:86:26:be:9d:20:9d:cd:
95:65:6b:09:85:54:dc:04:c3:62:dd:d2:28:eb:09:a7:2e:0c:
52:84:39:ba:fd:92:93:e3:d6:eb:7f:66:37:c4:d9:a1:e6:c5:
5b:f0:10:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHyHNzLUvpIj8T2FEnblJrH0wWbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDIwMDAwMDBaFw0yNDEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmM2VhNzdiZDdhNjIzZjBhMjZiOTFhODAyYzM0MmYwOWJjNjgwYjhkMWIz
YjcxZjE1ZGEwMWY5N2U2OGJiN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrYi+mGR7iN8IBPqnqsxIE2WBkZmC6l2R6dy+oM8zt5S9l63ewnW84CWKRz
imUzvoxQUumsxBTIFAMSS8dpxxU26oZ++5BDc8vr35PVXCUsWWsAHWFKI//Mnkgh
z5YjDBPAr3sMft44pYsxZhFA2yryomztMebC1/H0/aT7D0P3/N6+m5au9IFjGTh/
vn+ECm6JO1JU4gx0e6ActUxc+sjIRyv/ANe3jN9WUVi2tL5qIsn/871gymdcD+CS
MKAujHBcW1R8CCFkwFW3nGVsKmAokT+gkOo3l+sSqdt1OpcrzND8ZWM10asBTBoe
EoLqhvd4VMnAEu9VRyl+S+vOHHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQ2f0i
dHWyQgLyB5vQq0VgYoEwiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmZmYTRiOWQtYzY5NC00ZGQyLTgyZTYtMGViZTMxMDk1YmUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBz/qUeYPlD6tImzwmvD55ON4WN6AEWFg+5p4xe
Y9ewgFkIzjLuzL68CWjMZpG0TNjW8b9cacrX8leLWCR9yzu4f4zzenXNu1xEF9s8
DKcwywee5pGMVeGZEYBgF2KOFnbyobV4xFEoq+7zG9vf/o15Z4/doCd4MhpzGgNQ
UE+AEcI91II7wZkG1XSY+IqzkjjKpyBlsmxUKtabgiqK4CvsCwbXXJz+J2QT/Ljj
EmhLcxX10Zmn49+WfauL9Yzm0v9RJ/s045jnhawhjFruM59+nYYmvp0gnc2VZWsJ
hVTcBMNi3dIo6wmnLgxShDm6/ZKT49brf2Y3xNmh5sVb8BD3
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:50 2024 by rpki-client on console-ams.rpki-client.org