Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e2b690d-f31c-40a8-ab0c-dce5cc8dd858.roa
File: 0e2b690d-f31c-40a8-ab0c-dce5cc8dd858.roa (raw, json)
Hash identifier: cQkGHNhmp/KEWvnM90tSNhtT6QL49koPFlUxptNuRzM=
Subject key identifier: B2:FF:46:48:83:C0:80:D0:F4:31:87:38:BC:E2:24:2B:93:74:D9:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A962DCDD8477113905BC1AECAACC3CBEA93F118
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e2b690d-f31c-40a8-ab0c-dce5cc8dd858.roa
Signing time: Thu 17 Apr 2025 20:36:48 +0000
ROA not before: Thu 17 Apr 2025 20:36:48 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:96:2d:cd:d8:47:71:13:90:5b:c1:ae:ca:ac:c3:cb:ea:93:f1:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:48 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=c7115ba9bdd43e974c59e1eceee907015c72bb1349cfc570b326829b6eaea2e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6a:05:0e:b6:53:74:fa:8a:8a:69:bb:85:ca:
66:2b:da:8f:be:35:93:3d:77:d6:19:a7:ca:91:55:
b7:75:07:a6:aa:59:8d:b3:01:f3:ac:91:2c:04:dc:
7b:5c:7a:6d:de:6c:55:cb:9d:96:3b:eb:ae:c2:d5:
6b:1a:82:67:78:46:1f:e5:8e:54:1a:5a:9b:91:ed:
c8:67:62:0c:75:45:0d:95:b3:63:29:2f:e8:b3:70:
40:02:c0:e1:a8:92:1f:66:97:fc:0f:20:e8:e0:75:
bc:ce:64:6d:6d:fc:52:3f:6b:82:33:cf:ef:73:ae:
1b:9b:3e:cd:d3:69:39:fe:22:0b:dc:cf:d4:05:af:
1f:c3:fd:09:43:6f:61:be:ab:e0:68:5b:7a:ee:92:
9a:d9:08:29:a3:b0:8a:29:a3:a3:4a:8d:e5:b3:2e:
ab:69:03:2d:3e:df:55:9a:98:25:bd:a3:af:dc:be:
ac:bb:6e:a8:af:f8:b4:51:47:1e:6e:44:3e:b2:07:
77:af:e8:05:e9:9e:b8:81:77:14:03:21:29:5d:ff:
8e:e2:37:19:30:c7:55:19:7a:7c:c0:3e:de:2d:7e:
7d:74:45:bd:ee:e5:cd:ae:e1:22:58:92:95:fa:03:
30:87:65:0d:11:8d:77:f0:d5:9b:4a:11:1f:22:3a:
79:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:FF:46:48:83:C0:80:D0:F4:31:87:38:BC:E2:24:2B:93:74:D9:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e2b690d-f31c-40a8-ab0c-dce5cc8dd858.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
2b:50:49:1a:92:aa:65:4a:46:a8:10:29:e8:54:5e:21:31:a5:
b8:1b:09:08:74:04:c7:a8:e8:3c:c0:30:c1:5d:8f:d6:08:a1:
aa:a4:8f:9d:b3:5b:8c:27:65:5c:f6:b7:66:05:e7:d1:88:0b:
1d:0c:fb:fd:a1:70:77:59:e1:2f:77:ab:47:eb:a1:6b:76:22:
f6:72:c8:5a:12:3e:0a:a6:57:eb:98:c7:af:ef:d1:79:e0:66:
3a:bb:2c:22:a7:02:02:06:bb:0e:7f:e9:89:a3:69:f9:19:1b:
44:ca:a3:e5:07:b3:17:bd:53:ad:73:ac:bf:cf:f9:1f:0d:18:
8c:96:6a:52:56:fe:66:b0:b7:29:a8:19:b0:fe:d5:7f:3e:2e:
3c:f1:14:93:23:ec:eb:f5:29:74:f8:7e:93:c8:d9:44:9f:18:
a1:09:c8:c0:05:18:05:5c:2d:79:93:e4:05:63:6b:db:44:f7:
77:ab:1e:94:92:9c:c0:fd:c9:90:a5:f9:ec:32:bf:94:36:7f:
3d:36:c5:03:81:eb:dc:fb:1b:75:41:d3:b9:27:ea:66:30:93:
8f:ad:f6:35:b1:dd:c1:38:2a:c6:78:f5:f2:1d:f7:a3:ff:a2:
12:ad:98:2c:2d:a6:ec:94:59:32:25:6c:e2:74:cf:49:da:1b:
52:50:46:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCpYtzdhHcROQW8GuyqzDy+qT8RgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NDhaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3MTE1YmE5YmRkNDNlOTc0YzU5ZTFlY2VlZTkwNzAxNWM3MmJiMTM0OWNm
YzU3MGIzMjY4MjliNmVhZWEyZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtqBQ62U3T6ioppu4XKZivaj741kz131hmnypFVt3UHpqpZjbMB86yRLATc
e1x6bd5sVcudljvrrsLVaxqCZ3hGH+WOVBpam5HtyGdiDHVFDZWzYykv6LNwQALA
4aiSH2aX/A8g6OB1vM5kbW38Uj9rgjPP73OuG5s+zdNpOf4iC9zP1AWvH8P9CUNv
Yb6r4Ghbeu6SmtkIKaOwiimjo0qN5bMuq2kDLT7fVZqYJb2jr9y+rLtuqK/4tFFH
Hm5EPrIHd6/oBemeuIF3FAMhKV3/juI3GTDHVRl6fMA+3i1+fXRFve7lza7hIliS
lfoDMIdlDRGNd/DVm0oRHyI6ecECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSy/0ZI
g8CA0PQxhzi84iQrk3TZYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUyYjY5MGQtZjMxYy00MGE4LWFiMGMtZGNlNWNjOGRkODU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fsg
MA0GCSqGSIb3DQEBCwUAA4IBAQArUEkakqplSkaoECnoVF4hMaW4GwkIdATHqOg8
wDDBXY/WCKGqpI+ds1uMJ2Vc9rdmBefRiAsdDPv9oXB3WeEvd6tH66FrdiL2csha
Ej4KplfrmMev79F54GY6uywipwICBrsOf+mJo2n5GRtEyqPlB7MXvVOtc6y/z/kf
DRiMlmpSVv5msLcpqBmw/tV/Pi488RSTI+zr9Sl0+H6TyNlEnxihCcjABRgFXC15
k+QFY2vbRPd3qx6UkpzA/cmQpfnsMr+UNn89NsUDgevc+xt1QdO5J+pmMJOPrfY1
sd3BOCrGePXyHfej/6ISrZgsLabslFkyJWzidM9J2htSUEZM
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:54 2025 by rpki-client