Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: zCES+mTllbSC2gJXwXjgJ+Whgl+1hZxt9JPG6v8+93w=
Subject key identifier: EC:0F:5D:06:C1:47:FB:8D:6D:93:57:0F:F6:55:22:D4:14:AF:2F:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 437340158848F768F5D0B6E6E7ABCA0CB393A20E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Fri 25 Apr 2025 19:50:08 +0000
ROA not before: Fri 25 Apr 2025 19:50:08 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:73:40:15:88:48:f7:68:f5:d0:b6:e6:e7:ab:ca:0c:b3:93:a2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:08 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=66f2d28975fc03eda1696997b853a3fa8e1a77aa81dc84366ea340c0bcf3ef0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ec:93:25:9b:ec:8b:32:31:6c:ac:57:7c:a8:
a7:44:76:0d:ab:e8:87:77:92:e0:d2:07:20:3d:0f:
ca:2c:87:db:ce:38:de:fb:a3:3c:8a:16:18:6b:20:
42:37:6f:7b:6a:f1:66:17:25:c5:c3:e9:fb:17:0b:
38:b2:d0:63:76:da:28:77:f8:9e:ad:d7:ff:ce:ed:
b6:97:cf:25:94:9f:3c:cf:1f:2f:b9:3e:0b:69:75:
0c:7f:1d:1d:b8:d7:08:36:af:bd:ec:7e:30:a9:2d:
e4:5a:87:21:25:dd:23:1d:1c:54:05:e3:89:ae:85:
40:da:a1:ba:cb:f1:f8:ed:c7:1f:d9:6c:5b:65:30:
d8:d4:cd:65:75:2a:e4:08:ea:d5:39:63:b6:e4:7f:
6e:cf:97:b2:9c:7a:3a:df:c5:1d:93:57:af:80:bf:
ea:8a:83:f5:77:6e:29:68:fe:62:8e:fd:6d:47:2c:
d1:75:33:db:74:74:bf:95:f1:b4:79:36:cc:8a:34:
cf:c6:d5:fc:1d:4f:5e:24:62:2f:19:d1:21:32:86:
26:1f:0a:49:29:28:e5:54:05:fb:6a:c6:db:c9:92:
03:50:8f:f8:12:2c:9e:e6:d5:f7:0b:41:04:d6:80:
13:9a:a5:49:a0:03:81:2f:27:8c:b2:4f:6f:ac:24:
ed:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:0F:5D:06:C1:47:FB:8D:6D:93:57:0F:F6:55:22:D4:14:AF:2F:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:a0:b0:6a:f8:70:6a:10:41:16:9c:7d:8f:72:df:91:3e:3f:
63:02:f9:19:b8:fe:5a:11:a4:48:0d:56:2c:33:77:c7:e5:69:
ed:d8:dc:6c:57:26:50:56:4c:0e:2f:2e:d2:7e:25:1a:1b:6d:
96:a0:8a:5c:22:86:8f:8f:70:eb:83:cf:4a:99:2e:55:db:a5:
d4:4e:18:95:a8:ad:7c:c5:f9:b4:ab:e8:e0:63:62:8f:1e:57:
75:6d:22:e9:6f:72:bf:b1:12:ea:19:0e:2c:a3:4e:1e:57:4c:
ac:67:9e:d7:67:89:83:31:8e:f9:ae:80:46:47:22:d0:83:7c:
30:f1:6b:7e:9d:5b:87:98:11:a8:77:fb:58:41:b4:aa:24:a8:
64:d9:68:34:94:11:44:4f:1f:a6:94:cc:14:05:ca:97:8c:2a:
be:9c:01:6e:40:9a:e8:d8:38:5e:89:ef:3d:8f:98:79:13:3a:
d9:7b:8c:b6:a9:2a:87:e8:25:e2:ae:4f:d1:8c:8b:ca:96:be:
7a:9d:d2:c1:76:af:cd:22:09:cb:96:63:e8:55:ad:3d:24:25:
4a:a0:e7:7e:e2:f5:57:42:8d:cd:e6:a7:fa:a2:bf:45:70:67:
8d:09:73:f9:66:cb:da:77:4f:66:97:38:9e:03:a9:0a:5d:af:
45:14:da:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ3NAFYhI92j10Lbm56vKDLOTog4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwMDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2ZjJkMjg5NzVmYzAzZWRhMTY5Njk5N2I4NTNhM2ZhOGUxYTc3YWE4MWRj
ODQzNjZlYTM0MGMwYmNmM2VmMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7skyWb7IsyMWysV3yop0R2Davoh3eS4NIHID0PyiyH28443vujPIoWGGsg
Qjdve2rxZhclxcPp+xcLOLLQY3baKHf4nq3X/87ttpfPJZSfPM8fL7k+C2l1DH8d
HbjXCDavvex+MKkt5FqHISXdIx0cVAXjia6FQNqhusvx+O3HH9lsW2Uw2NTNZXUq
5Ajq1TljtuR/bs+Xspx6Ot/FHZNXr4C/6oqD9XduKWj+Yo79bUcs0XUz23R0v5Xx
tHk2zIo0z8bV/B1PXiRiLxnRITKGJh8KSSko5VQF+2rG28mSA1CP+BIsnubV9wtB
BNaAE5qlSaADgS8njLJPb6wk7T0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsD10G
wUf7jW2TVw/2VSLUFK8vXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQDAoLBq+HBqEEEWnH2Pct+RPj9jAvkZuP5aEaRI
DVYsM3fH5Wnt2NxsVyZQVkwOLy7SfiUaG22WoIpcIoaPj3Drg89KmS5V26XUThiV
qK18xfm0q+jgY2KPHld1bSLpb3K/sRLqGQ4so04eV0ysZ57XZ4mDMY75roBGRyLQ
g3ww8Wt+nVuHmBGod/tYQbSqJKhk2Wg0lBFETx+mlMwUBcqXjCq+nAFuQJro2Dhe
ie89j5h5EzrZe4y2qSqH6CXirk/RjIvKlr56ndLBdq/NIgnLlmPoVa09JCVKoOd+
4vVXQo3N5qf6or9FcGeNCXP5Zsvad09mlzieA6kKXa9FFNoE
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:26 2025 by rpki-client