Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1227050a-b689-4008-9742-9fbfc8bc271d.roa
File: 1227050a-b689-4008-9742-9fbfc8bc271d.roa (raw, json)
Hash identifier: USyPJ5ZbMT76QeJGC9C3fE2fLiROo3sch/EWcHt0EHw=
Subject key identifier: C4:22:21:4E:81:06:14:5E:6C:59:C3:15:A3:CF:66:CF:81:AE:13:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5ACD04E3291C3C8CA0D187A2B71DD813C24FE1E2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1227050a-b689-4008-9742-9fbfc8bc271d.roa
Signing time: Mon 21 Apr 2025 18:31:04 +0000
ROA not before: Mon 21 Apr 2025 18:31:04 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:cd:04:e3:29:1c:3c:8c:a0:d1:87:a2:b7:1d:d8:13:c2:4f:e1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:04 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=6f4d0a6f89babf8f07e737ced3e8b86e47fdbd1c8602d4bd4c43650e811c3dec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:c4:62:04:86:2d:69:3e:da:42:e1:3f:e7:
a3:f5:a9:07:45:be:48:31:14:bb:2d:ba:1b:e6:ae:
e3:c3:05:a9:ee:09:6a:9e:05:95:09:1a:b1:a8:9f:
74:64:3d:58:a7:17:29:ac:1e:8e:68:1d:a8:af:93:
ef:a3:14:b1:8c:1a:eb:d2:d5:40:4f:4e:9a:da:e1:
7c:be:95:3d:a5:92:87:38:18:29:d5:b9:ee:3e:c4:
da:f8:5f:7d:ba:85:1f:b9:95:6f:c8:b2:bd:8e:00:
54:0a:f6:5a:4f:c3:01:ea:28:83:ac:15:31:d8:c6:
d7:80:f0:6f:d7:ca:88:e8:37:e4:8f:d8:c2:bb:bf:
b6:67:46:be:80:85:0c:17:05:ed:0e:01:6c:55:21:
b1:75:d2:bc:cd:f2:38:06:3f:87:f7:3f:43:3c:85:
b7:e1:43:4f:20:69:b3:81:b0:0d:18:3b:00:b5:0e:
52:7c:b1:6b:cc:eb:eb:e0:e9:d7:90:2c:09:a9:6d:
4e:d5:b1:42:75:e6:12:58:aa:63:93:09:2f:4d:ad:
13:7b:3d:c1:14:64:0c:28:e3:b0:03:69:c7:3a:63:
c9:b9:b6:37:13:70:f8:45:3d:7a:f1:a3:8c:90:d9:
8d:bf:7c:9d:9c:9f:64:bd:0d:5a:7b:31:2d:f4:15:
54:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:22:21:4E:81:06:14:5E:6C:59:C3:15:A3:CF:66:CF:81:AE:13:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1227050a-b689-4008-9742-9fbfc8bc271d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:840::/48
Signature Algorithm: sha256WithRSAEncryption
bc:bb:c9:1b:7b:f7:f5:93:96:97:73:de:f3:d7:fb:82:44:36:
3e:b6:48:8c:cd:c9:61:ab:10:47:7d:9f:cc:c4:14:19:c5:d4:
a8:b1:d8:a8:06:37:5d:c0:8f:19:b3:43:89:b0:ce:75:b0:84:
5e:0e:fc:b7:cb:c9:1f:dd:23:e5:c7:d3:d5:1a:b4:ae:21:22:
bb:6b:28:ea:d6:8d:29:c9:6c:1d:40:3c:4d:87:9f:de:d7:c2:
e6:28:46:9d:6f:50:1c:d8:6e:cd:c2:62:27:3f:04:d0:43:fd:
4b:fe:0b:7f:69:0a:9b:e9:4c:4e:e4:88:ed:74:f3:f6:52:fb:
ab:15:3c:25:19:07:5e:62:1e:d7:75:62:4c:f4:95:bc:6f:45:
08:c3:e9:a8:34:20:9b:04:bd:25:1d:7a:b1:83:eb:a8:61:aa:
1c:71:2c:63:86:47:8e:bd:a5:0c:97:c0:29:9d:6f:e8:fb:30:
11:88:9c:a9:59:33:cf:d7:d4:60:30:29:a4:c5:63:f9:02:72:
7d:fc:dd:13:49:79:62:ec:04:c9:c3:c1:e2:49:53:bf:3a:77:
a2:b6:3b:65:94:a3:5f:f3:d9:46:50:c8:7a:da:57:a6:c0:5f:
f7:b9:48:22:21:a4:17:4c:12:1d:b6:7c:aa:8c:af:b1:92:3c:
a9:7e:51:50
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWs0E4ykcPIyg0Yeitx3YE8JP4eIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMDRaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmNGQwYTZmODliYWJmOGYwN2U3MzdjZWQzZThiODZlNDdmZGJkMWM4NjAy
ZDRiZDRjNDM2NTBlODExYzNkZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKigxGIEhi1pPtpC4T/no/WpB0W+SDEUuy26G+au48MFqe4Jap4FlQkasaif
dGQ9WKcXKawejmgdqK+T76MUsYwa69LVQE9OmtrhfL6VPaWShzgYKdW57j7E2vhf
fbqFH7mVb8iyvY4AVAr2Wk/DAeoog6wVMdjG14Dwb9fKiOg35I/Ywru/tmdGvoCF
DBcF7Q4BbFUhsXXSvM3yOAY/h/c/QzyFt+FDTyBps4GwDRg7ALUOUnyxa8zr6+Dp
15AsCaltTtWxQnXmEliqY5MJL02tE3s9wRRkDCjjsANpxzpjybm2NxNw+EU9evGj
jJDZjb98nZyfZL0NWnsxLfQVVEcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTEIiFO
gQYUXmxZwxWjz2bPga4TkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIyNzA1MGEtYjY4OS00MDA4LTk3NDItOWZiZmM4YmMyNzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQI
QDANBgkqhkiG9w0BAQsFAAOCAQEAvLvJG3v39ZOWl3Pe89f7gkQ2PrZIjM3JYasQ
R32fzMQUGcXUqLHYqAY3XcCPGbNDibDOdbCEXg78t8vJH90j5cfT1Rq0riEiu2so
6taNKclsHUA8TYef3tfC5ihGnW9QHNhuzcJiJz8E0EP9S/4Lf2kKm+lMTuSI7XTz
9lL7qxU8JRkHXmIe13ViTPSVvG9FCMPpqDQgmwS9JR16sYPrqGGqHHEsY4ZHjr2l
DJfAKZ1v6PswEYicqVkzz9fUYDAppMVj+QJyffzdE0l5YuwEycPB4klTvzp3orY7
ZZSjX/PZRlDIetpXpsBf97lIIiGkF0wSHbZ8qoyvsZI8qX5RUA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:28:12 2025 by rpki-client