Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
File: 1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa (raw, json)
Hash identifier: /M6V/CctSicpbWT2m4EBHQdcOx2EgoE3CmT4icd83Qc=
Subject key identifier: 19:94:D8:A7:31:EA:4F:F8:16:7D:2F:A9:F5:E1:C6:DB:82:B2:81:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75F78CA0397BAEA4F4476399B621ECE3EF45F4E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
Signing time: Fri 25 Apr 2025 18:10:13 +0000
ROA not before: Fri 25 Apr 2025 18:10:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:f7:8c:a0:39:7b:ae:a4:f4:47:63:99:b6:21:ec:e3:ef:45:f4:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e705f7d6e0dcfac2d6c8de9bfe759d00afc3ddbb882adf441cdc364abe113476, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6f:38:ce:40:36:20:b6:fb:d7:9b:21:d4:c8:
5e:1c:0e:c4:c7:8a:2a:0f:2d:fb:bb:02:68:d9:a5:
0b:36:fb:be:dd:18:8b:c6:8a:76:d5:5c:aa:4e:b6:
ba:93:09:3f:a5:42:40:80:fe:13:b7:99:7e:88:02:
cf:ab:83:98:ed:cc:1c:15:56:ed:3a:56:c1:7d:eb:
c0:1a:13:c4:d8:f5:5d:80:93:c8:6b:29:8c:fe:a9:
32:be:f2:eb:1d:2d:10:c3:de:df:71:23:ed:af:de:
93:44:3a:50:f1:0c:99:3a:5d:78:1e:ac:5c:92:57:
95:d1:9b:2e:20:1b:19:d8:b1:ba:83:21:39:b7:35:
79:8b:e0:53:4f:9e:27:23:ac:5a:cf:fc:75:b0:d6:
40:68:64:ab:6c:5f:8b:32:8f:4f:c9:31:84:e6:7b:
e7:4a:22:0e:ee:12:69:d5:2b:34:eb:9f:42:26:e6:
2f:c9:82:5d:8d:b1:c8:65:fd:a0:52:04:91:a7:c3:
e4:91:18:62:13:b2:12:41:72:08:b5:7d:ac:96:00:
2e:88:fd:e4:00:65:fd:1e:e1:88:e7:fb:cd:a3:2a:
8e:54:a9:de:6e:a6:06:17:16:4f:47:98:a0:d8:52:
aa:01:f9:bb:66:53:f6:fb:e9:d7:d1:09:c5:ba:fb:
39:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:94:D8:A7:31:EA:4F:F8:16:7D:2F:A9:F5:E1:C6:DB:82:B2:81:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c080::/48
Signature Algorithm: sha256WithRSAEncryption
92:a8:54:d5:3a:8a:c4:c8:04:af:35:60:c6:ad:b2:f9:e2:9c:
1b:49:3b:ec:ac:15:fb:d8:16:fe:74:b5:5d:43:00:c6:87:47:
e3:7c:78:f9:3e:c3:3c:90:b9:bc:19:bf:ca:d6:e3:c3:7c:8b:
d9:a7:ae:fa:3d:19:a4:8a:01:13:84:ce:36:a3:ad:92:56:04:
5d:1f:44:fc:77:88:d6:a8:93:45:0a:00:6f:f6:44:a7:31:93:
fd:81:86:57:45:07:ee:67:cf:c5:03:13:b6:33:78:01:40:6d:
4f:a2:34:a6:f9:98:66:81:8f:33:67:d6:43:54:e3:85:3e:22:
62:78:49:d1:4a:9d:cd:b4:fb:82:60:52:6f:1d:e7:30:01:e5:
55:f7:a3:00:f9:aa:cb:ff:e4:53:fc:e7:74:b2:08:4e:8d:86:
45:67:96:a8:ac:60:cc:32:ff:7c:6f:2d:96:15:69:e8:f1:a5:
ab:6f:24:a8:28:62:ef:04:0c:bf:94:e2:df:ba:81:64:0c:8d:
75:5f:a1:48:87:44:ea:cf:0c:c9:41:50:34:26:33:43:49:2f:
48:85:a2:41:30:df:6b:ab:eb:17:e1:c3:7e:bb:c5:66:1f:32:
33:da:bc:df:05:48:d1:93:27:77:76:3b:c0:68:7c:70:62:c3:
36:f4:cb:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdfeMoDl7rqT0R2OZtiHs4+9F9OQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3MDVmN2Q2ZTBkY2ZhYzJkNmM4ZGU5YmZlNzU5ZDAwYWZjM2RkYmI4ODJh
ZGY0NDFjZGMzNjRhYmUxMTM0NzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNvOM5ANiC2+9ebIdTIXhwOxMeKKg8t+7sCaNmlCzb7vt0Yi8aKdtVcqk62
upMJP6VCQID+E7eZfogCz6uDmO3MHBVW7TpWwX3rwBoTxNj1XYCTyGspjP6pMr7y
6x0tEMPe33Ej7a/ek0Q6UPEMmTpdeB6sXJJXldGbLiAbGdixuoMhObc1eYvgU0+e
JyOsWs/8dbDWQGhkq2xfizKPT8kxhOZ750oiDu4SadUrNOufQibmL8mCXY2xyGX9
oFIEkafD5JEYYhOyEkFyCLV9rJYALoj95ABl/R7hiOf7zaMqjlSp3m6mBhcWT0eY
oNhSqgH5u2ZT9vvp19EJxbr7Ob0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQZlNin
MepP+BZ9L6n14cbbgrKBizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjYzhkYjUtNDFiNi00MmZjLTllMmUtOTg1NDBhYWRkODBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTA
gDANBgkqhkiG9w0BAQsFAAOCAQEAkqhU1TqKxMgErzVgxq2y+eKcG0k77KwV+9gW
/nS1XUMAxodH43x4+T7DPJC5vBm/ytbjw3yL2aeu+j0ZpIoBE4TONqOtklYEXR9E
/HeI1qiTRQoAb/ZEpzGT/YGGV0UH7mfPxQMTtjN4AUBtT6I0pvmYZoGPM2fWQ1Tj
hT4iYnhJ0UqdzbT7gmBSbx3nMAHlVfejAPmqy//kU/zndLIITo2GRWeWqKxgzDL/
fG8tlhVp6PGlq28kqChi7wQMv5Ti37qBZAyNdV+hSIdE6s8MyUFQNCYzQ0kvSIWi
QTDfa6vrF+HDfrvFZh8yM9q83wVI0ZMnd3Y7wGh8cGLDNvTLVg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:42 2025 by rpki-client