Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
File: 060d4100-8917-4547-940a-7545ce6a0fcb.roa (raw, json)
Hash identifier: 9WBYMpNc9zLcQfVoKsdbJO2h5+bVob8aw7c8jt5/CjY=
Subject key identifier: 0A:90:3B:91:2C:53:CF:85:27:FD:77:F1:60:3E:2E:E2:41:E3:61:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D74DB3AF88115D1452BFB52A4FE1FBCFAD56B9C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
Signing time: Mon 21 Apr 2025 18:30:35 +0000
ROA not before: Mon 21 Apr 2025 18:30:35 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:74:db:3a:f8:81:15:d1:45:2b:fb:52:a4:fe:1f:bc:fa:d5:6b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:30:35 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=95cca4d27e560e4698849b7e38ba9c84b43ea6ecbb448df5e3975822ed634c71, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:12:be:01:eb:47:e7:28:ac:72:a6:96:2d:b9:
46:74:d1:89:f9:a9:f9:d8:98:83:bd:ef:df:56:7f:
1f:61:98:82:52:68:56:be:f1:d1:33:55:e6:54:90:
b2:a4:bc:d2:09:8c:4d:94:94:70:12:e7:9c:9a:2f:
c0:8f:df:f8:b0:56:ac:45:7c:31:95:9b:4a:d7:d7:
07:43:69:04:ce:68:58:17:40:ec:16:8d:14:19:46:
00:95:d2:ef:b7:d7:ac:dc:b7:dc:ea:17:08:af:d0:
e1:a6:8d:66:a0:ef:da:2e:b8:0b:3f:48:da:85:f0:
3f:23:b1:27:89:15:5d:aa:68:b2:ad:9c:d2:7c:67:
8e:b5:2c:1c:86:e6:c0:92:61:31:be:cf:73:07:2d:
f1:d2:66:59:0a:01:2c:03:38:e4:4e:13:ea:a4:6e:
f8:28:cd:c6:77:ca:3e:5a:dd:04:63:3f:57:70:f7:
af:3e:f3:07:d4:a7:e4:a2:94:3c:28:86:bc:09:e2:
cc:54:e8:ab:b1:b2:30:9e:c8:ed:2d:00:33:27:47:
6d:8a:d7:1d:7f:1d:35:56:3d:a0:5e:71:82:d6:3e:
83:f6:68:3c:e3:2a:36:b4:df:69:3b:19:ec:43:7e:
ef:d3:3d:9b:83:d7:8b:de:44:cc:61:5a:cd:63:9c:
0d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:90:3B:91:2C:53:CF:85:27:FD:77:F1:60:3E:2E:E2:41:E3:61:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/060d4100-8917-4547-940a-7545ce6a0fcb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:880::/46
Signature Algorithm: sha256WithRSAEncryption
96:39:1e:be:e7:de:a6:da:77:27:6e:21:4e:f3:a0:18:0c:eb:
e5:bc:cf:59:92:e2:bf:50:6f:5f:cd:cb:12:b1:82:11:f7:2f:
41:a3:ab:d6:85:a1:13:4b:48:2f:8a:83:9e:48:d6:b9:65:52:
29:e8:5e:ca:88:d9:7c:a6:93:f5:89:32:02:5b:68:7c:2a:cf:
b0:db:c2:cd:7c:5b:71:49:45:76:1c:a0:be:b1:08:be:34:be:
1a:72:d5:d9:c3:84:f1:c2:1b:cc:a4:e3:69:8e:eb:9d:c1:7a:
12:76:f3:57:59:67:09:89:dc:13:59:d1:a3:52:ad:5b:23:aa:
b4:18:4c:c5:0b:55:8e:a0:08:7e:d2:48:4b:90:ca:57:b9:2f:
8c:87:b0:d3:20:ba:a8:83:ab:c9:1a:ac:9f:2f:97:2a:49:2d:
ff:3d:69:a9:c0:f5:30:88:c3:a6:a8:1b:5f:42:b2:2b:99:73:
da:1b:b8:b6:60:a2:9c:00:6b:03:6f:6b:00:a8:38:71:fb:c7:
b3:e2:f2:b0:91:46:0b:bb:9e:e4:d6:51:13:00:93:21:88:67:
1c:4a:b8:97:69:37:74:19:4b:01:d7:f5:e5:32:3d:7a:76:c8:
9a:f3:9a:b9:57:eb:f3:65:e0:96:ca:91:2a:cc:9b:63:c3:ae:
b6:df:80:3e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfXTbOviBFdFFK/tSpP4fvPrVa5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMwMzVaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1Y2NhNGQyN2U1NjBlNDY5ODg0OWI3ZTM4YmE5Yzg0YjQzZWE2ZWNiYjQ0
OGRmNWUzOTc1ODIyZWQ2MzRjNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwSvgHrR+corHKmli25RnTRifmp+diYg73v31Z/H2GYglJoVr7x0TNV5lSQ
sqS80gmMTZSUcBLnnJovwI/f+LBWrEV8MZWbStfXB0NpBM5oWBdA7BaNFBlGAJXS
77fXrNy33OoXCK/Q4aaNZqDv2i64Cz9I2oXwPyOxJ4kVXaposq2c0nxnjrUsHIbm
wJJhMb7Pcwct8dJmWQoBLAM45E4T6qRu+CjNxnfKPlrdBGM/V3D3rz7zB9Sn5KKU
PCiGvAnizFToq7GyMJ7I7S0AMydHbYrXHX8dNVY9oF5xgtY+g/ZoPOMqNrTfaTsZ
7EN+79M9m4PXi95EzGFazWOcDf8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQKkDuR
LFPPhSf9d/FgPi7iQeNh7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYwZDQxMDAtODkxNy00NTQ3LTk0MGEtNzU0NWNlNmEwZmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsI
gDANBgkqhkiG9w0BAQsFAAOCAQEAljkevufeptp3J24hTvOgGAzr5bzPWZLiv1Bv
X83LErGCEfcvQaOr1oWhE0tIL4qDnkjWuWVSKeheyojZfKaT9YkyAltofCrPsNvC
zXxbcUlFdhygvrEIvjS+GnLV2cOE8cIbzKTjaY7rncF6EnbzV1lnCYncE1nRo1Kt
WyOqtBhMxQtVjqAIftJIS5DKV7kvjIew0yC6qIOryRqsny+XKkkt/z1pqcD1MIjD
pqgbX0KyK5lz2hu4tmCinABrA29rAKg4cfvHs+LysJFGC7ue5NZREwCTIYhnHEq4
l2k3dBlLAdf15TI9enbImvOauVfr82XglsqRKsybY8Outt+APg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:50:04 2025 by rpki-client