Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
File: 2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa (raw, json)
Hash identifier: rzJ7Lrjh3/uncjtxVVwbFBgv5himGR+YW0D+r7tTfSY=
Subject key identifier: EE:F0:42:A8:2A:0E:A1:BC:8B:C0:F1:81:E4:82:75:E7:E9:08:2A:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 193FECC6CEFEB779CE871F7E2601984F9CF04C35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
Signing time: Fri 25 Apr 2025 19:10:13 +0000
ROA not before: Fri 25 Apr 2025 19:10:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:3f:ec:c6:ce:fe:b7:79:ce:87:1f:7e:26:01:98:4f:9c:f0:4c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=90c73fb4edcf62839cbaaab864d3ec08de25a71e18ee9f26dc638705a640c1b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d5:ec:1e:d4:fd:d7:c3:98:cb:29:2a:cf:69:
28:d3:bd:36:9d:7c:47:9b:b2:57:3f:d1:e3:d6:06:
5b:44:81:ae:d1:ff:b5:b7:1f:d1:94:a8:cd:ae:df:
94:16:15:8c:5c:46:7f:f5:1c:53:26:62:e9:8b:d0:
0c:bf:13:e9:60:d0:72:31:7c:a9:d6:eb:ba:85:9a:
79:f1:8e:9d:8f:b2:75:53:05:61:8f:68:0f:e3:85:
b0:d8:cc:c5:08:55:e9:d0:40:86:07:00:41:30:da:
8a:c8:be:81:2c:98:19:e4:b9:9c:b4:be:36:5b:fa:
3b:d3:a2:41:43:8a:67:f5:f9:ba:7a:70:02:17:bd:
c0:14:06:fe:9a:b5:da:2d:c5:a4:c2:cc:26:ff:ad:
d2:9d:0b:20:2a:2a:91:f9:1f:32:9c:09:d0:b0:fb:
cd:17:86:00:7c:56:29:a9:4e:d5:0b:9f:cb:ba:e9:
08:0e:45:3f:32:c2:09:f0:22:90:92:e4:50:54:43:
8d:fc:3b:34:7d:61:7d:56:7b:df:1f:cd:cd:d8:cb:
99:b0:59:34:d5:f0:8a:55:58:01:c0:82:f9:e3:6d:
11:fb:e4:b7:18:36:a8:42:4d:23:88:d5:9d:6f:cb:
e3:b5:ec:06:b1:c1:cd:b4:17:3d:4d:fd:e3:34:9f:
a9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F0:42:A8:2A:0E:A1:BC:8B:C0:F1:81:E4:82:75:E7:E9:08:2A:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2133a9e1-9f3c-4662-b3c3-5cea0c9406cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9080::/46
Signature Algorithm: sha256WithRSAEncryption
a3:0b:dc:4d:1d:62:ff:9c:11:2a:5f:07:31:69:40:53:73:6a:
da:d8:70:67:b9:c5:72:4c:00:4e:5f:89:d7:bb:db:ff:c2:b1:
39:c8:ca:ab:5c:57:57:4e:27:13:b8:3c:a4:4c:8a:05:41:dd:
df:44:32:cc:7d:26:a2:02:67:69:e4:d1:19:0f:ad:93:46:27:
f6:90:8a:5d:e3:8b:d2:60:cc:58:06:c4:49:4b:89:10:40:e0:
7e:dc:24:3d:ed:3b:d9:e4:de:3d:79:0a:32:30:cd:b9:ec:85:
6d:6f:0e:94:f6:dc:1d:f2:ca:3e:cf:b4:ed:9e:b6:a5:c9:43:
fb:9f:46:0b:62:c1:6e:90:4d:52:2d:1d:4d:76:33:28:08:c7:
c4:0e:fe:f5:36:dd:a3:54:c1:df:ec:6d:f8:51:19:26:29:cd:
47:76:4f:7f:b7:fa:f6:66:56:7d:76:ac:13:7e:88:44:99:8e:
14:88:19:08:13:c4:ef:9c:8c:47:ea:0a:1e:b5:f4:92:7d:d9:
24:26:cf:ef:67:43:64:db:83:5e:25:e6:55:42:8c:83:f7:e1:
e7:69:76:5b:b2:7e:5b:d5:43:7b:ad:db:51:1d:50:65:3d:06:
a5:54:06:85:71:2d:db:42:97:c4:2d:a0:15:dd:90:46:48:70:
06:ad:e0:cd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGT/sxs7+t3nOhx9+JgGYT5zwTDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwYzczZmI0ZWRjZjYyODM5Y2JhYWFiODY0ZDNlYzA4ZGUyNWE3MWUxOGVl
OWYyNmRjNjM4NzA1YTY0MGMxYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfV7B7U/dfDmMspKs9pKNO9Np18R5uyVz/R49YGW0SBrtH/tbcf0ZSoza7f
lBYVjFxGf/UcUyZi6YvQDL8T6WDQcjF8qdbruoWaefGOnY+ydVMFYY9oD+OFsNjM
xQhV6dBAhgcAQTDaisi+gSyYGeS5nLS+Nlv6O9OiQUOKZ/X5unpwAhe9wBQG/pq1
2i3FpMLMJv+t0p0LICoqkfkfMpwJ0LD7zReGAHxWKalO1Qufy7rpCA5FPzLCCfAi
kJLkUFRDjfw7NH1hfVZ73x/NzdjLmbBZNNXwilVYAcCC+eNtEfvktxg2qEJNI4jV
nW/L47XsBrHBzbQXPU394zSfqWUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTu8EKo
Kg6hvIvA8YHkgnXn6QgqHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjEzM2E5ZTEtOWYzYy00NjYyLWIzYzMtNWNlYTBjOTQwNmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAowvcTR1i/5wRKl8HMWlAU3Nq2thwZ7nFckwA
Tl+J17vb/8KxOcjKq1xXV04nE7g8pEyKBUHd30QyzH0mogJnaeTRGQ+tk0Yn9pCK
XeOL0mDMWAbESUuJEEDgftwkPe072eTePXkKMjDNueyFbW8OlPbcHfLKPs+07Z62
pclD+59GC2LBbpBNUi0dTXYzKAjHxA7+9Tbdo1TB3+xt+FEZJinNR3ZPf7f69mZW
fXasE36IRJmOFIgZCBPE75yMR+oKHrX0kn3ZJCbP72dDZNuDXiXmVUKMg/fh52l2
W7J+W9VDe63bUR1QZT0GpVQGhXEt20KXxC2gFd2QRkhwBq3gzQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:43 2025 by rpki-client