Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json)
Hash identifier: hFNWYHOeCNBloi/Cxp6pWvtOTHlwmG197Fds0g4FWXU=
Subject key identifier: 67:DC:07:19:78:2C:21:5F:B0:55:CD:8E:F9:30:A6:80:DC:EF:69:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55B89B2573CA3ADE9CC025EACA78A67101A2FCDD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
Signing time: Fri 25 Apr 2025 18:41:38 +0000
ROA not before: Fri 25 Apr 2025 18:41:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:b8:9b:25:73:ca:3a:de:9c:c0:25:ea:ca:78:a6:71:01:a2:fc:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:41:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=dbaac34af7725f0170487bf2606ef01313253b968f22b3f1e34cb9c09034bd79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a3:c6:1f:8f:6c:0d:d3:b1:ee:aa:c9:63:67:
5f:1d:26:e7:b9:5d:a3:a0:70:7b:50:c8:74:ef:81:
d8:35:07:cc:0f:af:96:36:bd:a3:0e:87:8d:6a:e4:
fe:ec:46:2b:af:a8:ef:6f:56:8f:9c:3b:40:6c:d9:
fd:16:58:3c:21:cb:35:f7:0d:77:bc:a3:ba:bd:66:
e4:f1:e9:94:17:d2:a3:7e:0a:76:3f:e1:77:7d:a2:
f3:8b:12:9d:73:03:31:00:4a:91:18:22:33:19:32:
54:c7:66:8c:10:d3:fc:11:e5:ca:48:3b:11:6f:af:
77:b1:72:02:c3:09:ad:bf:73:96:6b:7b:17:e0:5c:
d2:2a:7a:b0:b5:0b:7c:1a:21:93:f4:38:7a:ce:11:
7b:95:85:cd:68:35:a8:5f:32:77:2c:0c:30:de:64:
79:9f:87:b2:9d:9e:79:ee:50:60:6c:a8:2a:f3:fb:
e9:25:a5:61:9b:ee:ca:fe:62:4b:5c:d4:55:07:a0:
0c:4f:46:19:46:97:97:69:b8:9d:6f:69:93:4d:52:
46:d2:99:87:10:2d:2a:ce:95:93:59:6a:a3:34:3a:
47:11:ef:11:2a:bb:ca:21:d3:e4:b7:0b:08:52:08:
cc:79:9c:60:02:4d:35:ad:6e:72:38:16:09:7e:8f:
7f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DC:07:19:78:2C:21:5F:B0:55:CD:8E:F9:30:A6:80:DC:EF:69:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8020::/48
Signature Algorithm: sha256WithRSAEncryption
2f:6e:17:89:09:19:41:00:2e:0b:34:c4:9a:46:5a:8c:4d:ea:
ae:4f:b4:97:cc:ce:39:61:c0:d7:15:a1:f7:73:74:66:26:eb:
91:75:ad:bb:67:08:6d:21:1c:a7:b5:e3:14:dc:83:43:18:d6:
cf:da:d8:bc:dd:f2:b5:72:a4:fb:e2:fe:5a:e3:db:66:1f:7d:
7b:e0:e5:20:63:11:8e:4b:dc:a1:41:02:e3:ac:f8:3f:23:60:
69:f2:df:0e:06:72:f4:0d:1e:c0:c5:19:d9:82:20:13:de:ac:
63:7c:9b:c1:51:28:db:a8:0a:9d:05:9f:a7:58:c3:95:ed:c9:
3e:be:05:d0:02:a2:37:dd:e4:7b:74:9f:47:1c:99:ff:b5:5e:
c0:50:ec:27:b8:9c:32:0f:3e:86:9c:ed:88:92:cc:e3:e6:f0:
55:95:1a:16:d9:ce:0f:ff:64:fd:8a:66:eb:c2:f1:07:81:57:
8c:a7:05:ac:31:e3:f4:6d:55:89:66:00:18:57:e4:40:23:d5:
a6:8e:e7:c0:ea:1d:71:5c:b1:b7:c6:fd:5e:bc:59:d1:a5:64:
13:75:00:7f:1d:ba:33:74:6d:4c:42:53:b8:db:26:ee:45:97:
d9:88:87:a4:b1:e4:a2:0b:22:33:cd:af:e2:8a:81:bb:96:43:
c3:fd:72:2d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVbibJXPKOt6cwCXqynimcQGi/N0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQxMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiYWFjMzRhZjc3MjVmMDE3MDQ4N2JmMjYwNmVmMDEzMTMyNTNiOTY4ZjIy
YjNmMWUzNGNiOWMwOTAzNGJkNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJSjxh+PbA3Tse6qyWNnXx0m57ldo6Bwe1DIdO+B2DUHzA+vlja9ow6HjWrk
/uxGK6+o729Wj5w7QGzZ/RZYPCHLNfcNd7yjur1m5PHplBfSo34Kdj/hd32i84sS
nXMDMQBKkRgiMxkyVMdmjBDT/BHlykg7EW+vd7FyAsMJrb9zlmt7F+Bc0ip6sLUL
fBohk/Q4es4Re5WFzWg1qF8ydywMMN5keZ+Hsp2eee5QYGyoKvP76SWlYZvuyv5i
S1zUVQegDE9GGUaXl2m4nW9pk01SRtKZhxAtKs6Vk1lqozQ6RxHvESq7yiHT5LcL
CFIIzHmcYAJNNa1ucjgWCX6Pf1ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRn3AcZ
eCwhX7BVzY75MKaA3O9pMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
IDANBgkqhkiG9w0BAQsFAAOCAQEAL24XiQkZQQAuCzTEmkZajE3qrk+0l8zOOWHA
1xWh93N0ZibrkXWtu2cIbSEcp7XjFNyDQxjWz9rYvN3ytXKk++L+WuPbZh99e+Dl
IGMRjkvcoUEC46z4PyNgafLfDgZy9A0ewMUZ2YIgE96sY3ybwVEo26gKnQWfp1jD
le3JPr4F0AKiN93ke3SfRxyZ/7VewFDsJ7icMg8+hpztiJLM4+bwVZUaFtnOD/9k
/Ypm68LxB4FXjKcFrDHj9G1ViWYAGFfkQCPVpo7nwOodcVyxt8b9XrxZ0aVkE3UA
fx26M3RtTEJTuNsm7kWX2YiHpLHkogsiM82v4oqBu5ZDw/1yLQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:21 2025 by rpki-client