Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
File: 02484022-c79f-4464-827b-2127faff0b06.roa (raw, json)
Hash identifier: qfD6+6zkh6vjER09sAaDncrHdVS/Pzi5bXYMDYBwmk4=
Subject key identifier: 78:07:CC:D1:93:5F:63:8E:9B:97:28:88:9F:9B:E1:08:F4:43:5E:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 656C7C3FF1DABF61B8487696A11F3F33AA4635B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
Signing time: Tue 15 Apr 2025 15:10:04 +0000
ROA not before: Tue 15 Apr 2025 15:10:04 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:6c:7c:3f:f1:da:bf:61:b8:48:76:96:a1:1f:3f:33:aa:46:35:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:04 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=b5cd98f9fdaf1bbd8c7ea332acb14a5c3ffc16b94a84aaa0e81ec2826f00cea0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6a:2a:35:92:da:37:3e:d2:2f:aa:01:6f:16:
60:f9:22:20:ab:82:fc:5f:41:49:dc:1e:d2:6e:73:
8b:97:53:64:ac:8a:88:e5:be:bc:4d:ce:66:0b:20:
93:fc:17:d3:7c:61:77:4d:90:85:fa:29:11:7e:b9:
a3:a8:a1:38:28:71:15:da:f8:29:72:f3:41:a1:64:
0f:b6:fc:5c:1a:a7:1a:b2:0f:4e:41:44:6c:cd:a3:
89:85:df:9b:42:6d:ed:5a:c2:95:82:8d:7f:52:b5:
8f:ca:b0:27:9b:52:19:36:c5:f3:66:c7:9a:cc:71:
cf:99:c1:7f:48:c9:2c:43:6f:cd:2a:51:91:c6:45:
11:df:01:28:e0:83:17:29:ee:23:1b:33:a5:4d:0a:
c0:1b:8d:6e:d2:1b:d8:b7:6b:83:58:b9:82:99:6e:
93:2e:d1:f8:89:8c:1e:1d:82:2f:f4:bc:7f:29:1a:
91:7d:67:ac:fe:81:53:09:19:c2:d4:45:37:2d:e1:
bb:61:48:af:2b:87:56:81:fb:73:60:5d:ac:86:bc:
07:9d:88:31:92:32:3a:68:99:63:30:f4:60:5e:5b:
bd:3f:cb:f5:48:7d:cb:88:a5:1a:68:c3:49:f5:be:
25:eb:d7:c3:85:e2:58:0e:c3:38:41:97:4a:90:d9:
89:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:07:CC:D1:93:5F:63:8E:9B:97:28:88:9F:9B:E1:08:F4:43:5E:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030::/32
Signature Algorithm: sha256WithRSAEncryption
08:87:65:49:d7:ba:ae:8a:77:93:ee:59:c7:67:fb:9e:e5:96:
d1:61:a0:b0:07:25:8d:e2:d4:73:bb:f8:36:91:20:e5:fc:9c:
61:70:49:b4:da:a5:89:82:74:dd:c5:d4:3f:c8:fb:a5:1c:8a:
bc:01:43:97:75:d0:f7:7a:b2:f1:f6:82:39:cd:cc:0e:c3:a3:
af:3f:0a:4d:aa:7d:f3:59:14:17:0c:62:45:36:1c:7b:55:b8:
78:0a:b7:75:2a:23:5f:a1:4c:72:41:eb:5c:1b:16:42:df:81:
49:38:51:48:db:4a:3c:58:12:95:ea:9e:c8:1d:74:15:77:f7:
62:8d:cb:d3:ad:5b:58:51:5a:a4:f4:83:53:c1:d2:a8:7a:89:
25:fa:07:65:59:54:2f:35:67:64:89:15:83:fe:0e:89:08:0c:
be:6c:fd:6b:21:4c:95:cf:03:d9:8f:55:11:39:50:54:88:69:
f1:ab:2a:61:ab:cb:e1:af:5f:43:bb:b5:c6:49:1c:80:9f:88:
06:33:a1:2a:23:ce:5c:86:b2:2e:b5:3a:1b:67:6a:03:58:62:
1d:25:c0:c8:f9:b9:78:8a:ee:fc:3c:f8:d8:51:6b:99:8b:59:
c7:be:8b:f4:97:32:16:d4:cf:37:9a:66:a6:9e:20:99:02:80:
f0:e3:23:8b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUZWx8P/Hav2G4SHaWoR8/M6pGNbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMDRaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1Y2Q5OGY5ZmRhZjFiYmQ4YzdlYTMzMmFjYjE0YTVjM2ZmYzE2Yjk0YTg0
YWFhMGU4MWVjMjgyNmYwMGNlYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhqKjWS2jc+0i+qAW8WYPkiIKuC/F9BSdwe0m5zi5dTZKyKiOW+vE3OZgsg
k/wX03xhd02QhfopEX65o6ihOChxFdr4KXLzQaFkD7b8XBqnGrIPTkFEbM2jiYXf
m0Jt7VrClYKNf1K1j8qwJ5tSGTbF82bHmsxxz5nBf0jJLENvzSpRkcZFEd8BKOCD
FynuIxszpU0KwBuNbtIb2Ldrg1i5gpluky7R+ImMHh2CL/S8fykakX1nrP6BUwkZ
wtRFNy3hu2FIryuHVoH7c2BdrIa8B52IMZIyOmiZYzD0YF5bvT/L9Uh9y4ilGmjD
SfW+JevXw4XiWA7DOEGXSpDZiakCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR4B8zR
k19jjpuXKIifm+EI9ENe6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI0ODQwMjItYzc5Zi00NDY0LTgyN2ItMjEyN2ZhZmYwYjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DAw
DQYJKoZIhvcNAQELBQADggEBAAiHZUnXuq6Kd5PuWcdn+57lltFhoLAHJY3i1HO7
+DaRIOX8nGFwSbTapYmCdN3F1D/I+6UcirwBQ5d10Pd6svH2gjnNzA7Do68/Ck2q
ffNZFBcMYkU2HHtVuHgKt3UqI1+hTHJB61wbFkLfgUk4UUjbSjxYEpXqnsgddBV3
92KNy9OtW1hRWqT0g1PB0qh6iSX6B2VZVC81Z2SJFYP+DokIDL5s/WshTJXPA9mP
VRE5UFSIafGrKmGry+GvX0O7tcZJHICfiAYzoSojzlyGsi61OhtnagNYYh0lwMj5
uXiK7vw8+NhRa5mLWce+i/SXMhbUzzeaZqaeIJkCgPDjI4s=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:24 2025 by rpki-client