Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
File: 06a4b0ee-b740-45a8-9574-79207837db5b.roa (raw, json)
Hash identifier: Ykdku9BukzuaBOgwjtvYUex7zV9FrPvBP9yIlMs86Zg=
Subject key identifier: 23:D9:FB:B1:92:28:A3:5E:E0:82:79:0B:E7:A1:93:03:A9:25:E2:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A7E6716EDFDB51CE343E4A293577D052AEC1670
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
Signing time: Fri 25 Apr 2025 19:21:07 +0000
ROA not before: Fri 25 Apr 2025 19:21:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:7e:67:16:ed:fd:b5:1c:e3:43:e4:a2:93:57:7d:05:2a:ec:16:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:21:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=143f8dae61ef81c436802c1ee90b957a653a6d255b0b46a7a6babca2c6d02782, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:56:b9:4b:4f:bb:51:9a:47:c4:2f:1b:da:4d:
a3:71:66:37:4b:9a:96:1a:e9:80:84:ad:ce:95:91:
ca:d8:91:77:c1:37:9b:ce:d2:b7:4d:fa:d0:e9:84:
8f:67:18:af:08:47:f2:0b:1b:c3:31:1e:c1:d7:6e:
66:18:f1:7c:7f:b8:95:81:63:74:f4:8c:66:fe:f9:
06:5c:d3:07:62:47:0d:51:ce:89:9b:2c:ff:14:7e:
11:8a:11:7c:c7:05:cd:b4:8f:5e:08:aa:e9:5d:a4:
35:e0:6a:a9:74:04:30:f9:5e:48:93:61:1a:c7:d2:
ab:06:8c:9c:30:89:87:cb:52:e6:01:05:2e:09:1b:
4e:aa:ae:1a:57:5e:4c:72:45:28:40:16:da:90:99:
9b:e2:cd:bb:5d:90:60:a7:c0:4a:80:a4:9f:ce:40:
9f:21:cb:0f:c4:9a:ff:d6:ce:a8:dc:f2:eb:1e:c8:
95:f8:d6:8c:f0:8f:92:04:dc:83:fe:ff:1a:9a:dc:
5e:9b:03:48:68:bb:84:e7:9f:9d:68:ae:26:c1:ab:
b6:49:2b:7c:86:af:aa:fa:ad:ab:36:1f:41:c7:8b:
28:4d:71:cd:b0:dd:2e:ea:70:70:46:37:b9:b1:22:
e7:e8:64:6e:d6:d4:f4:7e:22:be:02:90:a5:83:17:
2f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D9:FB:B1:92:28:A3:5E:E0:82:79:0B:E7:A1:93:03:A9:25:E2:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
5c:81:5d:35:74:d3:cd:f0:a5:8a:5b:10:96:ff:31:1b:2d:ad:
1f:f6:fb:6c:f6:8e:ce:b7:4b:4e:a0:6d:75:0d:c3:a6:03:cd:
2f:4e:0e:72:f8:fd:2e:fe:81:ab:04:e7:00:24:87:93:21:a0:
1e:4f:53:b1:99:59:e1:aa:73:4e:1b:e4:7e:d0:7b:3f:d6:2e:
ba:17:ff:00:d9:35:c9:6f:d2:42:ff:ac:32:c3:26:80:56:44:
9f:14:f3:01:57:12:51:0e:6e:77:4b:19:b4:d3:17:a1:50:6b:
ac:dc:d0:a9:d0:17:ac:63:1e:0f:3d:9b:aa:5e:7c:48:69:98:
dc:96:ef:c4:fe:73:55:7f:bb:a7:e2:f0:5f:4b:02:a6:ef:39:
4f:2b:88:55:f1:7d:43:0e:06:17:36:4f:79:16:d2:bf:04:f3:
55:1e:6f:07:55:27:91:75:c2:2d:ec:07:7c:38:1a:af:82:f8:
51:e7:37:5b:88:b1:d3:f8:24:ff:16:7a:5c:04:6b:75:84:06:
7a:8d:6f:17:8c:ad:6e:dc:74:79:ab:b3:77:79:d9:61:9b:49:
f1:81:15:cc:ec:e5:2c:14:27:d4:8b:36:d9:f6:a4:bb:61:43:
56:ef:6f:4f:3d:1d:8f:40:22:e0:03:1b:56:b9:47:e1:1b:b9:
82:44:d8:75
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCn5nFu39tRzjQ+Sik1d9BSrsFnAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIxMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0M2Y4ZGFlNjFlZjgxYzQzNjgwMmMxZWU5MGI5NTdhNjUzYTZkMjU1YjBi
NDZhN2E2YmFiY2EyYzZkMDI3ODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZWuUtPu1GaR8QvG9pNo3FmN0ualhrpgIStzpWRytiRd8E3m87St0360OmE
j2cYrwhH8gsbwzEewdduZhjxfH+4lYFjdPSMZv75BlzTB2JHDVHOiZss/xR+EYoR
fMcFzbSPXgiq6V2kNeBqqXQEMPleSJNhGsfSqwaMnDCJh8tS5gEFLgkbTqquGlde
THJFKEAW2pCZm+LNu12QYKfASoCkn85AnyHLD8Sa/9bOqNzy6x7IlfjWjPCPkgTc
g/7/GprcXpsDSGi7hOefnWiuJsGrtkkrfIavqvqtqzYfQceLKE1xzbDdLupwcEY3
ubEi5+hkbtbU9H4ivgKQpYMXL4cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQj2fux
kiijXuCCeQvnoZMDqSXiFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDZhNGIwZWUtYjc0MC00NWE4LTk1NzQtNzkyMDc4MzdkYjViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWg
wDANBgkqhkiG9w0BAQsFAAOCAQEAXIFdNXTTzfClilsQlv8xGy2tH/b7bPaOzrdL
TqBtdQ3DpgPNL04Ocvj9Lv6BqwTnACSHkyGgHk9TsZlZ4apzThvkftB7P9Yuuhf/
ANk1yW/SQv+sMsMmgFZEnxTzAVcSUQ5ud0sZtNMXoVBrrNzQqdAXrGMeDz2bql58
SGmY3JbvxP5zVX+7p+LwX0sCpu85TyuIVfF9Qw4GFzZPeRbSvwTzVR5vB1UnkXXC
LewHfDgar4L4Uec3W4ix0/gk/xZ6XARrdYQGeo1vF4ytbtx0eauzd3nZYZtJ8YEV
zOzlLBQn1Is22faku2FDVu9vTz0dj0Ai4AMbVrlH4Ru5gkTYdQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:20 2025 by rpki-client