Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/031fdd48-d66d-4cba-8375-4bf3f56ae206.roa
File: 031fdd48-d66d-4cba-8375-4bf3f56ae206.roa (raw, json)
Hash identifier: tlQn8B6EzkSl5qxes76vMy61xLJWA+dq3TPNh2F3emY=
Subject key identifier: 36:A2:4A:9C:BD:90:1F:88:0F:98:32:CF:3E:B6:7D:06:58:ED:78:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59963F0041AD187D020A962CCB31D1859EBB9289
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/031fdd48-d66d-4cba-8375-4bf3f56ae206.roa
Signing time: Fri 25 Apr 2025 19:40:43 +0000
ROA not before: Fri 25 Apr 2025 19:40:43 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:96:3f:00:41:ad:18:7d:02:0a:96:2c:cb:31:d1:85:9e:bb:92:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:43 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=63376cfca10b8648ccf688bfd79585f8697da0d833dd4e4820d3b965708552cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6e:1b:c4:38:ed:bd:01:00:e1:1d:cc:a0:10:
79:b3:ef:96:10:10:69:f2:64:3b:98:d7:96:22:1b:
8c:3e:d5:01:bd:8e:a4:68:85:34:56:e3:4a:ac:e4:
94:7b:4d:09:3b:91:e2:53:fe:57:7b:15:63:3c:4b:
8c:b5:ac:d0:be:7a:a1:fa:ea:64:41:be:7d:fd:2e:
e0:0f:29:60:6c:34:17:8e:cd:ef:a0:ba:89:61:1d:
8b:4f:45:e1:cb:24:59:14:9e:34:f2:5d:5a:29:3d:
c8:16:2f:45:6d:b5:d2:35:ac:83:6f:28:ea:30:d9:
e9:9d:c0:ac:13:2d:bc:90:92:f2:36:7d:52:e3:43:
8a:3a:7d:25:3b:80:dd:6e:b2:d7:99:61:83:7c:28:
69:49:0d:5e:2d:5b:e3:b8:f1:7b:71:1b:56:d8:d9:
72:69:3d:bd:6e:e7:7f:fc:2d:5c:c1:80:5c:b9:c4:
be:6c:c7:17:de:5e:ac:52:66:2f:e4:1c:42:f3:c4:
e8:8d:7e:10:1d:b4:78:46:b9:41:0b:a1:a1:93:88:
37:00:75:03:60:ab:5e:98:b2:52:1e:77:eb:bb:d7:
7a:b3:eb:a7:f1:f3:93:8b:c6:21:4a:45:f8:4a:36:
7b:4e:0c:d3:6c:49:c8:c1:ac:a9:f6:1d:ef:35:ad:
92:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A2:4A:9C:BD:90:1F:88:0F:98:32:CF:3E:B6:7D:06:58:ED:78:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/031fdd48-d66d-4cba-8375-4bf3f56ae206.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c080::/46
Signature Algorithm: sha256WithRSAEncryption
0c:0e:97:45:23:2d:6d:f1:ce:b7:3d:bf:bb:7c:87:f7:28:2a:
1c:e5:58:29:e7:cf:0c:12:ea:cb:5a:24:9b:a4:61:cf:11:82:
c2:95:02:bf:41:e9:99:74:73:37:61:fc:2b:12:09:0f:7d:49:
7f:00:41:42:18:9b:85:cb:c0:0a:99:f1:b7:07:d2:cd:4a:b7:
01:99:04:04:98:e2:32:ad:0a:12:46:bb:10:8c:b5:7f:06:3f:
88:c4:e1:61:e5:80:cf:7e:bb:42:2b:14:45:e8:68:6e:68:a9:
2e:b9:72:19:c6:2f:ee:be:ef:90:dd:55:c6:0e:8e:a4:7d:f1:
f7:2d:fd:43:03:73:12:50:79:5d:67:50:6d:67:d1:2c:82:23:
ed:81:03:48:f3:de:49:c8:af:b6:e0:29:8e:32:03:af:fb:49:
c3:3d:6e:12:50:5c:f4:3c:b0:e6:56:ac:65:4f:44:18:44:a7:
38:84:75:74:04:82:78:a7:07:28:ec:ef:a0:45:fb:d8:59:fe:
b6:27:8a:9e:83:cb:48:6c:18:bb:ff:a6:0f:91:e3:59:eb:49:
5d:7a:e1:98:19:2d:5d:a0:31:e9:be:78:a5:a7:0d:9e:16:ab:
0f:d1:ae:cb:68:fc:36:98:3c:89:5c:21:8b:04:f5:fb:7b:bf:
4f:f1:8c:f2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWZY/AEGtGH0CCpYsyzHRhZ67kokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwNDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzMzc2Y2ZjYTEwYjg2NDhjY2Y2ODhiZmQ3OTU4NWY4Njk3ZGEwZDgzM2Rk
NGU0ODIwZDNiOTY1NzA4NTUyY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFuG8Q47b0BAOEdzKAQebPvlhAQafJkO5jXliIbjD7VAb2OpGiFNFbjSqzk
lHtNCTuR4lP+V3sVYzxLjLWs0L56ofrqZEG+ff0u4A8pYGw0F47N76C6iWEdi09F
4cskWRSeNPJdWik9yBYvRW210jWsg28o6jDZ6Z3ArBMtvJCS8jZ9UuNDijp9JTuA
3W6y15lhg3woaUkNXi1b47jxe3EbVtjZcmk9vW7nf/wtXMGAXLnEvmzHF95erFJm
L+QcQvPE6I1+EB20eEa5QQuhoZOINwB1A2CrXpiyUh5367vXerPrp/Hzk4vGIUpF
+Eo2e04M02xJyMGsqfYd7zWtkrsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ2okqc
vZAfiA+YMs8+tn0GWO14kjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDMxZmRkNDgtZDY2ZC00Y2JhLTgzNzUtNGJmM2Y1NmFlMjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HfA
gDANBgkqhkiG9w0BAQsFAAOCAQEADA6XRSMtbfHOtz2/u3yH9ygqHOVYKefPDBLq
y1okm6RhzxGCwpUCv0HpmXRzN2H8KxIJD31JfwBBQhibhcvACpnxtwfSzUq3AZkE
BJjiMq0KEka7EIy1fwY/iMThYeWAz367QisURehobmipLrlyGcYv7r7vkN1Vxg6O
pH3x9y39QwNzElB5XWdQbWfRLIIj7YEDSPPeScivtuApjjIDr/tJwz1uElBc9Dyw
5lasZU9EGESnOIR1dASCeKcHKOzvoEX72Fn+tieKnoPLSGwYu/+mD5HjWetJXXrh
mBktXaAx6b54pacNnharD9Guy2j8Npg8iVwhiwT1+3u/T/GM8g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:14 2025 by rpki-client