Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
File: 248ea861-facc-4167-976d-1e65c556b074.roa (raw, json)
Hash identifier: zF/qCdFY6oGzeSQ1dE/mDb7sAOAwD0+nQx60/ffOmZs=
Subject key identifier: 15:83:4C:5D:74:B3:CF:84:10:CB:EB:00:D0:22:98:C6:D7:C4:7C:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73F9258DB9C7BCE0BFE6741A445A0A2D5561C53A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
Signing time: Fri 25 Apr 2025 20:01:29 +0000
ROA not before: Fri 25 Apr 2025 20:01:29 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:f9:25:8d:b9:c7:bc:e0:bf:e6:74:1a:44:5a:0a:2d:55:61:c5:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:29 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b4eb6abd2258d9bca1f2b530b14013eed1a098dfd8ad70965b062a67fa6a2297, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ac:38:51:96:c9:a7:50:05:0d:4c:1f:df:d8:
af:df:70:dd:47:77:49:aa:dc:73:b9:c7:ad:89:61:
52:af:ff:e0:3f:0a:a8:01:1c:8a:71:8f:29:3f:b5:
30:af:72:e5:8d:7f:ed:33:91:5e:ba:e9:a9:5d:cd:
39:a1:84:3f:e3:82:75:ee:68:4f:3c:6a:e7:74:bd:
e7:83:05:2e:ae:b7:a7:fc:2e:99:01:58:9b:16:23:
5d:5d:2d:22:a9:77:6e:b6:4b:4d:49:02:ef:4a:09:
62:05:73:12:fc:3d:06:3b:8d:4d:8c:e7:9b:a5:0f:
47:a2:d8:62:0a:fe:d3:c5:bf:97:5d:39:f4:65:41:
8a:e8:2f:78:94:1d:34:9e:8d:10:75:9d:67:10:8b:
7a:21:8b:5d:ba:33:10:ec:d1:2c:90:0b:63:6c:51:
aa:92:24:52:47:1e:3e:1f:b8:37:67:1a:8b:e1:f5:
68:99:63:a1:9d:7a:60:d9:d8:f2:df:0e:05:88:4a:
fc:06:26:c5:a1:3d:36:a6:a9:9d:e8:a1:e3:a4:6f:
86:87:9a:22:92:63:6b:2a:02:bb:df:b8:47:ef:a7:
ec:ba:45:4f:19:d3:37:90:c1:cd:60:bd:77:41:47:
76:b4:f0:2b:63:25:8d:fe:b8:93:ad:09:1d:61:a2:
24:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:83:4C:5D:74:B3:CF:84:10:CB:EB:00:D0:22:98:C6:D7:C4:7C:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:1000::/40
Signature Algorithm: sha256WithRSAEncryption
05:18:fc:e3:6a:c1:a2:2c:33:01:fe:3a:70:58:d1:a6:45:83:
1e:8d:f7:19:29:ff:23:e0:15:95:7b:0e:44:ae:99:88:32:93:
5e:bd:76:52:69:bf:82:3f:78:ca:f5:75:ea:32:30:2c:87:5a:
7e:af:5b:28:b9:a7:09:21:ff:69:6c:3d:b1:4d:87:c6:bf:f9:
6f:5f:50:7c:43:16:8a:9b:74:f6:ac:86:66:fa:fd:e5:bb:f7:
99:cf:d2:f9:18:5b:4c:1c:93:0c:7c:09:d5:42:fc:3f:05:55:
bf:7e:f3:cf:c0:5f:e7:f1:f0:df:aa:0c:2f:1b:67:17:3e:51:
ee:09:58:b3:e8:a7:28:d2:e9:05:08:6e:2d:d3:46:f5:e3:11:
89:e5:38:72:87:71:59:44:8a:ae:50:16:ea:f6:5d:ff:3d:a4:
d0:04:80:5f:a0:89:17:56:e6:2e:93:e8:ea:e4:3d:ff:e8:e4:
af:be:0b:a7:61:d2:a8:7f:5c:d8:50:d3:e0:d0:f3:02:68:58:
0a:92:12:4c:f9:1e:c1:32:35:ed:52:52:d0:09:02:b8:eb:e9:
00:1e:43:e3:b9:ba:65:9a:89:e3:f3:61:b6:87:e5:60:96:a7:
30:72:dd:81:10:99:3c:bc:11:c4:23:4e:2e:e4:e9:17:44:8a:
40:ac:34:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc/kljbnHvOC/5nQaRFoKLVVhxTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMjlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0ZWI2YWJkMjI1OGQ5YmNhMWYyYjUzMGIxNDAxM2VlZDFhMDk4ZGZkOGFk
NzA5NjViMDYyYTY3ZmE2YTIyOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANasOFGWyadQBQ1MH9/Yr99w3Ud3Sarcc7nHrYlhUq//4D8KqAEcinGPKT+1
MK9y5Y1/7TORXrrpqV3NOaGEP+OCde5oTzxq53S954MFLq63p/wumQFYmxYjXV0t
Iql3brZLTUkC70oJYgVzEvw9BjuNTYznm6UPR6LYYgr+08W/l1059GVBiugveJQd
NJ6NEHWdZxCLeiGLXbozEOzRLJALY2xRqpIkUkcePh+4N2cai+H1aJljoZ16YNnY
8t8OBYhK/AYmxaE9Nqapneih46RvhoeaIpJjayoCu9+4R++n7LpFTxnTN5DBzWC9
d0FHdrTwK2Mljf64k60JHWGiJFMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQVg0xd
dLPPhBDL6wDQIpjG18R8bjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ4ZWE4NjEtZmFjYy00MTY3LTk3NmQtMWU2NWM1NTZiMDc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAFGPzjasGiLDMB/jpwWNGmRYMejfcZKf8j4BWV
ew5ErpmIMpNevXZSab+CP3jK9XXqMjAsh1p+r1souacJIf9pbD2xTYfGv/lvX1B8
QxaKm3T2rIZm+v3lu/eZz9L5GFtMHJMMfAnVQvw/BVW/fvPPwF/n8fDfqgwvG2cX
PlHuCViz6Kco0ukFCG4t00b14xGJ5Thyh3FZRIquUBbq9l3/PaTQBIBfoIkXVuYu
k+jq5D3/6OSvvgunYdKof1zYUNPg0PMCaFgKkhJM+R7BMjXtUlLQCQK46+kAHkPj
ubplmonj82G2h+Vglqcwct2BEJk8vBHEI04u5OkXRIpArDTw
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:03 2025 by rpki-client