Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0849241f-abaf-4c57-aadb-d881485a0aac.roa
File: 0849241f-abaf-4c57-aadb-d881485a0aac.roa (raw, json)
Hash identifier: iyh/FK0GhCPAFP/XHYIp3Dol+8zlY915phJEkFlUbOQ=
Subject key identifier: 66:CB:1B:10:99:0A:62:E1:E7:03:23:21:85:BF:79:2F:1A:7A:D6:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 027A658D3989D18046F0EF5F867F7A29CA4CE676
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0849241f-abaf-4c57-aadb-d881485a0aac.roa
Signing time: Fri 25 Apr 2025 20:11:15 +0000
ROA not before: Fri 25 Apr 2025 20:11:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:7a:65:8d:39:89:d1:80:46:f0:ef:5f:86:7f:7a:29:ca:4c:e6:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:11:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=5b82af2cd43fc4c3d70e33cd934f296a2b19a4ad334c47e500e5304a13bae25f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f3:e5:e6:4f:6d:01:e9:e3:5b:21:29:51:d2:
28:4a:2f:f1:fc:6c:dd:38:a4:2a:f6:ca:3a:51:f7:
dc:3b:6f:b7:68:dd:96:ca:da:f2:0b:13:12:16:4a:
17:53:2b:be:ae:43:c1:80:59:2c:a5:57:d1:07:6f:
aa:4e:9b:b7:9d:88:a3:76:e6:21:32:d4:39:b2:27:
e0:b1:19:29:a1:0a:39:4c:f0:16:32:f2:83:cd:20:
34:95:a3:91:3d:d7:5c:ea:c4:4a:00:c8:d0:20:7a:
c5:1b:59:14:bb:2e:5e:96:a6:f2:79:8b:f2:99:7d:
e5:fc:cd:7e:f8:a5:02:4a:cd:af:40:96:3a:5e:b2:
0c:14:71:90:75:84:6b:4a:20:05:3a:3c:ae:15:cd:
0c:9a:a2:b2:83:37:b3:81:02:49:0b:da:fc:26:4d:
cf:29:05:61:f5:48:8f:e4:3b:88:1e:9e:09:52:d2:
0a:48:97:6d:39:c9:7a:16:bd:f2:31:d9:64:18:db:
fa:e7:d0:0e:b2:cc:00:01:22:13:c6:96:3e:cf:a4:
3f:eb:83:39:b0:fa:91:7e:8c:54:f1:6d:0b:3c:ba:
50:5e:09:63:6e:28:80:4c:70:ed:47:f0:a9:bc:8b:
e2:09:e5:fd:a3:e6:69:7d:2c:b6:ef:cc:12:d3:80:
95:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CB:1B:10:99:0A:62:E1:E7:03:23:21:85:BF:79:2F:1A:7A:D6:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0849241f-abaf-4c57-aadb-d881485a0aac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/38
Signature Algorithm: sha256WithRSAEncryption
74:dc:15:1b:1b:6e:34:8f:d2:d3:9a:0a:7d:87:ab:9b:b2:2e:
7b:f3:85:81:04:d0:f3:d3:2f:af:dd:2f:44:78:3e:a9:b6:84:
a1:dd:5e:bb:6a:eb:36:44:15:06:a5:73:5d:95:b3:84:02:b3:
22:a3:04:8b:33:39:17:98:fd:d7:9b:68:19:ac:15:c4:11:25:
a7:f8:cb:92:0a:0d:d5:d7:de:2f:e7:40:e0:ea:40:23:99:dd:
ba:1f:d6:d7:d6:61:43:ac:b6:d8:40:c7:a1:73:70:60:8b:4e:
ea:42:52:01:a5:82:3e:22:6b:91:a7:f3:1c:5d:8d:ec:3a:87:
55:13:3f:b1:9c:5e:6f:bb:52:20:fb:6c:b1:87:f8:63:76:47:
ea:b5:20:1b:cf:c5:cc:e8:94:3b:50:e3:78:71:c1:6d:ed:6c:
b3:b1:48:eb:f4:41:8c:31:02:02:d3:58:66:2f:5c:0f:a7:74:
cd:14:5e:57:e9:41:1b:4b:6b:76:db:52:ed:ea:ac:88:7b:56:
d7:fe:86:d6:56:6d:bb:86:3e:31:90:4c:2e:fd:ed:4f:9a:73:
66:9d:79:65:06:9d:f2:7c:d4:99:94:11:78:19:2b:ea:15:24:
3f:1c:43:46:f7:02:0c:89:e9:c3:68:ac:58:7d:ae:8f:c3:af:
8a:1d:fe:27
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAnpljTmJ0YBG8O9fhn96KcpM5nYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDExMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDViODJhZjJjZDQzZmM0YzNkNzBlMzNjZDkzNGYyOTZhMmIxOWE0YWQzMzRj
NDdlNTAwZTUzMDRhMTNiYWUyNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPz5eZPbQHp41shKVHSKEov8fxs3TikKvbKOlH33Dtvt2jdlsra8gsTEhZK
F1Mrvq5DwYBZLKVX0Qdvqk6bt52Io3bmITLUObIn4LEZKaEKOUzwFjLyg80gNJWj
kT3XXOrESgDI0CB6xRtZFLsuXpam8nmL8pl95fzNfvilAkrNr0CWOl6yDBRxkHWE
a0ogBTo8rhXNDJqisoM3s4ECSQva/CZNzykFYfVIj+Q7iB6eCVLSCkiXbTnJeha9
8jHZZBjb+ufQDrLMAAEiE8aWPs+kP+uDObD6kX6MVPFtCzy6UF4JY24ogExw7Ufw
qbyL4gnl/aPmaX0stu/MEtOAlRkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRmyxsQ
mQpi4ecDIyGFv3kvGnrW2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDg0OTI0MWYtYWJhZi00YzU3LWFhZGItZDg4MTQ4NWEwYWFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQB03BUbG240j9LTmgp9h6ubsi5784WBBNDz0y+v
3S9EeD6ptoSh3V67aus2RBUGpXNdlbOEArMiowSLMzkXmP3Xm2gZrBXEESWn+MuS
Cg3V194v50Dg6kAjmd26H9bX1mFDrLbYQMehc3Bgi07qQlIBpYI+ImuRp/McXY3s
OodVEz+xnF5vu1Ig+2yxh/hjdkfqtSAbz8XM6JQ7UON4ccFt7WyzsUjr9EGMMQIC
01hmL1wPp3TNFF5X6UEbS2t221Lt6qyIe1bX/obWVm27hj4xkEwu/e1PmnNmnXll
Bp3yfNSZlBF4GSvqFSQ/HENG9wIMienDaKxYfa6Pw6+KHf4n
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:51 2025 by rpki-client