Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
File: 09a66d07-54a4-4c26-8a49-e43710070e4d.roa (raw, json)
Hash identifier: ukzIR1+3f9eP0E0gE6LQWYyXGbGvgZwwVmaTOsf0P98=
Subject key identifier: EF:42:9A:48:00:A4:5D:07:C7:D9:55:34:CB:ED:9C:57:52:A4:68:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 171D15851AC4765137F38870F1593A1F5DD2C131
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
Signing time: Fri 25 Apr 2025 18:50:38 +0000
ROA not before: Fri 25 Apr 2025 18:50:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:1d:15:85:1a:c4:76:51:37:f3:88:70:f1:59:3a:1f:5d:d2:c1:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=669d047431399fdbd973ec7d255018af33304f4d4e4222429e9db18c43b99594, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:96:7d:e5:53:33:1c:ea:c4:ba:45:96:27:6f:
f8:3d:82:c6:ff:aa:4a:c8:b4:ec:48:32:5c:ea:a9:
5f:dc:54:26:87:12:21:6a:a4:45:8e:a0:47:bf:9b:
42:91:20:86:07:14:7d:b8:8a:fb:8f:cf:af:e0:a9:
b6:19:10:01:d4:41:c2:f3:47:3e:36:76:7e:41:bd:
8e:1a:4c:2b:e7:4b:b8:da:85:c0:93:54:0f:6a:d7:
e9:a1:44:d3:64:ba:a1:72:8b:10:e8:d1:77:e0:f4:
fa:56:35:41:66:ec:f3:a4:f7:cd:23:c9:88:c2:b3:
4e:3f:53:27:f4:54:30:58:30:93:0e:d0:55:cc:77:
83:11:05:0e:1e:b9:4a:9e:c7:7f:d2:62:55:f6:61:
ed:8a:77:0b:6f:2e:6f:2f:46:d4:fd:fc:ce:8e:f5:
48:37:8b:43:62:af:87:14:56:2e:f2:ff:25:6d:d6:
74:b6:16:9f:04:9e:0a:f8:76:ec:99:2d:70:28:a6:
a0:09:b5:34:cd:5d:42:e0:81:64:7d:a0:a3:73:a4:
42:2f:11:40:aa:33:46:aa:1d:7e:1e:7b:4d:1e:06:
a0:c8:ef:46:96:e3:54:03:8c:ca:c1:cc:51:28:ef:
31:a4:05:93:41:41:b1:7d:83:04:f0:bc:f9:c5:d0:
0b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:42:9A:48:00:A4:5D:07:C7:D9:55:34:CB:ED:9C:57:52:A4:68:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1080::/48
Signature Algorithm: sha256WithRSAEncryption
c0:3d:e9:dc:98:99:b1:65:4e:77:4d:32:a0:3b:f3:32:e9:f3:
56:c0:52:f2:2b:6d:4e:5c:ad:74:96:d1:d2:75:7f:0f:c4:3d:
a1:b8:9f:49:fe:0c:bc:db:4e:e6:4f:dc:4e:e2:c4:47:18:f9:
4c:5b:62:7e:4c:9b:99:4e:81:be:ec:e1:8b:ba:88:12:4c:13:
e7:95:bc:e3:1a:e6:fa:d3:19:8c:5a:92:8c:60:90:87:99:0d:
c9:e5:26:bb:8c:92:d8:15:5a:4c:1b:7e:6a:78:fc:d0:f9:72:
eb:f2:55:ad:c2:e2:ab:9e:5a:25:ec:5c:54:79:1d:b4:2f:87:
ec:2c:09:8b:14:78:49:05:d9:7e:16:15:07:8e:56:b5:52:4e:
29:89:d9:fd:cf:49:55:80:2e:9f:b2:a9:33:7e:eb:bf:42:58:
de:a2:d0:ad:02:72:05:79:62:95:a4:f3:39:5c:91:db:a4:da:
31:e6:a6:51:45:7f:8b:6d:7c:ea:e6:9f:d8:eb:87:56:22:c1:
e7:06:d8:55:ec:3c:10:26:b4:8a:77:76:b9:10:f2:fd:b8:3a:
57:07:4a:95:2e:53:38:ed:c7:29:db:6d:7e:35:2b:29:68:2f:
be:88:db:f3:fa:e7:21:1d:b7:2d:a0:d4:10:ca:01:93:be:3b:
33:4b:05:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFx0VhRrEdlE384hw8Vk6H13SwTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2OWQwNDc0MzEzOTlmZGJkOTczZWM3ZDI1NTAxOGFmMzMzMDRmNGQ0ZTQy
MjI0MjllOWRiMThjNDNiOTk1OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCWfeVTMxzqxLpFlidv+D2Cxv+qSsi07EgyXOqpX9xUJocSIWqkRY6gR7+b
QpEghgcUfbiK+4/Pr+CpthkQAdRBwvNHPjZ2fkG9jhpMK+dLuNqFwJNUD2rX6aFE
02S6oXKLEOjRd+D0+lY1QWbs86T3zSPJiMKzTj9TJ/RUMFgwkw7QVcx3gxEFDh65
Sp7Hf9JiVfZh7Yp3C28uby9G1P38zo71SDeLQ2KvhxRWLvL/JW3WdLYWnwSeCvh2
7JktcCimoAm1NM1dQuCBZH2go3OkQi8RQKozRqodfh57TR4GoMjvRpbjVAOMysHM
USjvMaQFk0FBsX2DBPC8+cXQC90CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTvQppI
AKRdB8fZVTTL7ZxXUqRoKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlhNjZkMDctNTRhNC00YzI2LThhNDktZTQzNzEwMDcwZTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAwD3p3JiZsWVOd00yoDvzMunzVsBS8ittTlyt
dJbR0nV/D8Q9obifSf4MvNtO5k/cTuLERxj5TFtifkybmU6Bvuzhi7qIEkwT55W8
4xrm+tMZjFqSjGCQh5kNyeUmu4yS2BVaTBt+anj80Ply6/JVrcLiq55aJexcVHkd
tC+H7CwJixR4SQXZfhYVB45WtVJOKYnZ/c9JVYAun7KpM37rv0JY3qLQrQJyBXli
laTzOVyR26TaMeamUUV/i2186uaf2OuHViLB5wbYVew8ECa0ind2uRDy/bg6VwdK
lS5TOO3HKdttfjUrKWgvvojb8/rnIR23LaDUEMoBk747M0sFaQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:57 2025 by rpki-client