Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
File: fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa (raw, json)
Hash identifier: b/KdDzCpnUzlxI8otjJ7v7kQoGRYB7py7GUuB++V+w8=
Subject key identifier: E0:0C:C7:68:BB:9E:7C:56:AE:76:87:1C:BD:DD:C9:A0:0E:C8:2C:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23149E66FC58DEF2782FD9E6EB485A3D9C216917
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:14:9e:66:fc:58:de:f2:78:2f:d9:e6:eb:48:5a:3d:9c:21:69:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=aa65b93fb8df7029aa92ad162df51430b4a3d8ab4496e601ea1e209eda6be25c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:04:7a:ae:fb:9f:a8:46:8b:af:ed:a0:d7:73:
ed:02:0b:3b:fe:c0:ce:fb:08:b7:3f:6b:48:b4:b4:
3b:32:ef:0a:ee:48:00:b3:da:96:2e:86:51:ab:a0:
cd:f3:35:0a:67:53:95:6f:96:f2:45:9d:32:55:81:
45:53:fb:4c:a6:4f:f8:f9:25:fd:dc:00:a5:3c:09:
40:35:dd:b9:b8:30:f8:89:8c:d4:c8:ad:a1:70:91:
07:f6:5d:c2:5f:4a:64:4e:99:ba:82:3d:d1:c3:bd:
70:8d:f0:52:8c:2f:be:38:f3:a8:34:1f:a9:1b:69:
fa:4b:22:42:b6:82:b2:40:ea:5b:4f:af:56:32:9d:
1d:66:7f:8c:e7:ee:52:22:2f:12:a4:74:d3:19:97:
ba:fe:66:fd:8a:8c:ce:e4:ec:c2:ed:b9:67:44:45:
e8:53:e9:52:3c:88:01:47:f1:aa:0c:7d:87:2e:29:
2c:e1:32:31:14:1f:de:65:08:ab:8d:39:48:97:f1:
ca:46:ba:24:46:c1:a8:3b:71:c8:19:3c:1e:f1:81:
26:d0:33:d9:39:e3:99:08:0c:ee:b2:e6:c6:9b:c7:
7b:00:ad:db:4d:90:40:34:a7:4d:61:d8:86:3a:ad:
58:88:aa:0a:04:84:05:c7:8f:63:eb:9a:1f:4f:7a:
9a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:0C:C7:68:BB:9E:7C:56:AE:76:87:1C:BD:DD:C9:A0:0E:C8:2C:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:1000::/40
Signature Algorithm: sha256WithRSAEncryption
92:de:af:6d:ac:dc:4c:fc:da:5a:f2:68:03:48:46:e3:7d:71:
04:0f:8d:06:9f:9a:6f:8e:fb:01:03:fa:c1:bd:28:de:36:58:
18:4b:f2:02:c7:31:fb:fe:e7:a3:e5:39:7c:4f:9c:d1:9a:41:
ff:aa:7d:96:e7:a5:e9:b7:5e:73:01:6f:a2:1e:df:68:dc:97:
6e:d7:6d:79:a9:6e:93:14:f9:29:e2:43:18:77:38:f8:73:a5:
d3:6f:90:d4:7c:bc:c3:0b:11:9b:db:95:d0:b3:0e:e5:e6:46:
c3:ea:99:57:61:34:2d:7a:1b:29:42:a1:af:46:27:51:1a:a2:
b4:2d:50:6f:ca:7b:be:2c:bd:80:31:1c:14:23:ed:60:01:bb:
49:b4:7a:b5:e2:b3:d7:63:bf:63:9d:18:72:9d:ad:0c:57:05:
4a:1b:f0:67:12:f7:fd:b7:a0:47:28:db:60:3e:92:56:2d:4a:
d7:38:a2:63:b4:c9:74:1a:72:ba:38:4e:34:a0:03:6a:f3:27:
9f:2c:c6:e8:43:89:36:41:fc:87:bc:d1:54:95:33:ee:5c:ad:
3f:e7:c3:c7:66:58:80:fc:a9:58:a3:2f:ae:cb:b3:06:9b:53:
a8:db:c1:38:cc:83:99:23:ed:44:e4:f4:a8:34:17:e2:b3:dc:
23:be:77:dc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIxSeZvxY3vJ4L9nm60haPZwhaRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNjViOTNmYjhkZjcwMjlhYTkyYWQxNjJkZjUxNDMwYjRhM2Q4YWI0NDk2
ZTYwMWVhMWUyMDllZGE2YmUyNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0Eeq77n6hGi6/toNdz7QILO/7AzvsItz9rSLS0OzLvCu5IALPali6GUaug
zfM1CmdTlW+W8kWdMlWBRVP7TKZP+Pkl/dwApTwJQDXdubgw+ImM1MitoXCRB/Zd
wl9KZE6ZuoI90cO9cI3wUowvvjjzqDQfqRtp+ksiQraCskDqW0+vVjKdHWZ/jOfu
UiIvEqR00xmXuv5m/YqMzuTswu25Z0RF6FPpUjyIAUfxqgx9hy4pLOEyMRQf3mUI
q405SJfxyka6JEbBqDtxyBk8HvGBJtAz2TnjmQgM7rLmxpvHewCt202QQDSnTWHY
hjqtWIiqCgSEBcePY+uaH096muUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgDMdo
u558Vq52hxy93cmgDsgsrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmZmYTRiOWQtYzY5NC00ZGQyLTgyZTYtMGViZTMxMDk1YmUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCS3q9trNxM/Npa8mgDSEbjfXEED40Gn5pvjvsB
A/rBvSjeNlgYS/ICxzH7/uej5Tl8T5zRmkH/qn2W56Xpt15zAW+iHt9o3Jdu1215
qW6TFPkp4kMYdzj4c6XTb5DUfLzDCxGb25XQsw7l5kbD6plXYTQtehspQqGvRidR
GqK0LVBvynu+LL2AMRwUI+1gAbtJtHq14rPXY79jnRhyna0MVwVKG/BnEvf9t6BH
KNtgPpJWLUrXOKJjtMl0GnK6OE40oANq8yefLMboQ4k2QfyHvNFUlTPuXK0/58PH
ZliA/KlYoy+uy7MGm1Oo28E4zIOZI+1E5PSoNBfis9wjvnfc
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org