Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
File: 0e68fbde-eead-4e29-b902-4eed053693ac.roa (raw, json)
Hash identifier: PM+WOrEks/MwrUUpjb/8rRLszJfssnzrNP3K3XKnPrg=
Subject key identifier: 1D:A9:DE:E4:F5:EF:1F:7A:B8:54:28:62:ED:C8:86:3A:27:63:58:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D24201EEF4089BA1390AE395C478FC7C29245CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
Signing time: Fri 25 Apr 2025 20:20:12 +0000
ROA not before: Fri 25 Apr 2025 20:20:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:24:20:1e:ef:40:89:ba:13:90:ae:39:5c:47:8f:c7:c2:92:45:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=fea7434167edbeaa749fa9761b531851ce3afc0821f8680b83806d3fc70c4058, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:80:e9:24:89:4e:de:26:05:d8:a7:16:e4:ff:
d7:f6:36:1f:5b:00:69:9b:16:61:4a:03:e1:63:f1:
a2:8e:fe:b7:1c:60:f3:b8:ef:18:46:fe:4d:2b:b2:
ae:80:44:5b:ca:36:1e:d9:1d:19:41:a2:6f:f1:d1:
3b:94:3d:6d:7d:cf:df:b0:57:09:f0:fe:49:7d:80:
31:9d:89:d6:9e:55:be:82:ba:e0:4d:ee:44:73:63:
06:45:e6:4c:ce:4b:9e:7b:36:8b:ae:28:ec:8d:5b:
71:53:c4:68:d9:cc:61:98:bc:02:3b:b7:bb:7e:6e:
e1:3b:f1:c9:ba:29:0a:ee:e8:4f:fd:ff:49:3a:0a:
a4:7e:87:d0:49:ef:76:c3:6d:80:e0:bc:3b:94:de:
ee:d6:3f:9f:3b:1e:25:07:67:ae:b2:c2:19:99:5e:
a7:d7:4e:3d:52:a8:14:95:ba:cf:47:2f:d2:3f:f0:
fd:71:92:98:6a:00:65:92:b6:d4:00:65:6d:3a:27:
95:a7:9e:9d:bc:da:c4:2b:98:1c:22:94:d3:13:73:
48:68:cb:29:13:d6:cc:6e:80:22:84:b9:e7:0a:6c:
a5:f4:77:c0:3b:67:ad:aa:05:bc:21:07:9e:02:34:
76:90:a4:46:c6:38:05:bb:b6:1c:d5:af:1b:d9:9f:
2b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A9:DE:E4:F5:EF:1F:7A:B8:54:28:62:ED:C8:86:3A:27:63:58:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/36
Signature Algorithm: sha256WithRSAEncryption
56:a9:c8:47:4b:14:78:be:99:8b:4e:c1:40:93:67:1a:e3:52:
98:9d:47:99:34:ca:af:72:13:69:d0:66:60:56:3b:c9:f7:9d:
4c:dd:cf:fb:df:ed:e0:2c:48:ee:49:5f:ea:f8:67:a6:89:09:
42:1c:35:c3:d8:86:b3:92:c2:07:b3:d3:e2:20:af:25:dd:f5:
9d:33:f2:22:f7:4c:42:f4:09:7e:9f:5a:bd:ae:f6:60:4a:73:
21:d2:ee:5d:b6:d9:c2:73:7a:63:13:a1:be:58:5d:8f:51:f2:
03:59:3e:f3:98:7e:99:7d:85:77:4b:e1:13:e6:2b:56:99:45:
a2:f2:f9:94:71:c6:6b:e5:e9:8b:3c:68:87:0a:8d:7c:dc:24:
4e:ee:65:be:a3:b6:f5:6a:2d:18:21:67:48:96:35:b8:e3:1c:
de:31:40:89:14:66:e8:96:68:bb:f1:14:1f:41:32:92:ea:9a:
21:09:87:0b:23:d2:96:03:25:b2:ff:2e:d3:aa:e9:18:d7:15:
08:10:08:64:95:5c:00:ac:37:af:01:18:ed:23:7b:be:bc:91:
37:37:9a:f9:f4:70:36:6e:fb:c1:c6:fd:6e:e7:7a:cf:14:21:
ac:f8:c1:56:5c:3e:d7:9c:c9:5e:94:33:e8:20:d5:76:0a:7a:
65:b5:b0:2d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfSQgHu9AiboTkK45XEePx8KSRcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlYTc0MzQxNjdlZGJlYWE3NDlmYTk3NjFiNTMxODUxY2UzYWZjMDgyMWY4
NjgwYjgzODA2ZDNmYzcwYzQwNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiA6SSJTt4mBdinFuT/1/Y2H1sAaZsWYUoD4WPxoo7+txxg87jvGEb+TSuy
roBEW8o2HtkdGUGib/HRO5Q9bX3P37BXCfD+SX2AMZ2J1p5VvoK64E3uRHNjBkXm
TM5Lnns2i64o7I1bcVPEaNnMYZi8Aju3u35u4TvxybopCu7oT/3/SToKpH6H0Env
dsNtgOC8O5Te7tY/nzseJQdnrrLCGZlep9dOPVKoFJW6z0cv0j/w/XGSmGoAZZK2
1ABlbTonlaeenbzaxCuYHCKU0xNzSGjLKRPWzG6AIoS55wpspfR3wDtnraoFvCEH
ngI0dpCkRsY4Bbu2HNWvG9mfK/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdqd7k
9e8ferhUKGLtyIY6J2NYtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU2OGZiZGUtZWVhZC00ZTI5LWI5MDItNGVlZDA1MzY5M2FjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQBWqchHSxR4vpmLTsFAk2ca41KYnUeZNMqvchNp
0GZgVjvJ951M3c/73+3gLEjuSV/q+GemiQlCHDXD2IazksIHs9PiIK8l3fWdM/Ii
90xC9Al+n1q9rvZgSnMh0u5dttnCc3pjE6G+WF2PUfIDWT7zmH6ZfYV3S+ET5itW
mUWi8vmUccZr5emLPGiHCo183CRO7mW+o7b1ai0YIWdIljW44xzeMUCJFGbolmi7
8RQfQTKS6pohCYcLI9KWAyWy/y7TqukY1xUIEAhklVwArDevARjtI3u+vJE3N5r5
9HA2bvvBxv1u53rPFCGs+MFWXD7XnMlelDPoINV2CnpltbAt
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:16 2025 by rpki-client