Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
File: 2cee858e-c572-427b-8123-23b2e05abc40.roa (raw, json)
Hash identifier: xemy3aVDPGxF38kOz/E97CCkAaGvi9tEv0RJO/q1RD0=
Subject key identifier: 38:EA:8F:81:56:83:5F:0F:44:37:BA:C8:46:70:33:46:60:A0:02:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EA4083C163F635B6E9EA9C6978DCF50CDA64CC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
Signing time: Fri 25 Apr 2025 18:11:08 +0000
ROA not before: Fri 25 Apr 2025 18:11:08 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:a4:08:3c:16:3f:63:5b:6e:9e:a9:c6:97:8d:cf:50:cd:a6:4c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:11:08 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b81d41ba48ec4f6b12179cdb66cf589fc47c5092abfc6d47b9102495865a8c4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:17:9d:9b:89:7f:c6:d1:4b:c0:82:50:44:37:
f1:ee:0a:49:6a:7e:f1:de:e3:62:64:91:06:7b:d4:
8d:83:75:97:6e:ef:c3:be:a6:84:fd:3c:be:86:c2:
e3:20:85:2c:26:9d:6c:42:dc:cc:83:05:cd:d0:70:
76:6c:00:be:07:09:89:0f:af:1c:58:7d:b2:eb:d5:
36:c9:8c:2e:2f:cf:f1:2d:6e:16:e8:91:dd:ad:3d:
2b:d2:b2:5b:c7:3f:62:dd:76:4b:4b:9e:7f:0a:19:
56:62:45:f5:ef:8b:cd:f1:0a:71:20:9a:57:5b:a8:
07:d8:c9:3e:48:0d:65:d9:c6:ab:0e:8f:5e:13:58:
67:89:8f:3f:10:77:b8:13:cf:57:f3:36:dc:b1:ee:
1a:e9:b1:9b:f9:de:91:8e:c6:85:5b:14:47:3d:b7:
fa:5c:7e:7c:5f:c8:39:f6:71:53:4b:bb:10:5d:75:
a8:58:7a:36:df:93:94:bc:49:54:20:fb:30:88:4f:
4f:17:96:74:53:49:d0:3f:3a:62:a1:ef:cd:dd:56:
18:e0:63:7d:69:cc:56:69:ff:ea:de:8d:31:2d:1b:
4d:0d:4f:2b:5e:37:f5:e7:15:c7:cd:0f:09:cd:34:
d2:7a:07:f9:67:35:d4:86:ae:33:83:ba:fb:75:c4:
0f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EA:8F:81:56:83:5F:0F:44:37:BA:C8:46:70:33:46:60:A0:02:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c080::/48
Signature Algorithm: sha256WithRSAEncryption
6a:0b:fe:b6:be:43:a8:04:b0:d8:9e:24:cc:de:ad:50:da:e7:
bf:2d:82:8a:b0:d8:4b:6a:00:86:e5:ed:44:d4:31:e1:d3:fb:
77:f9:5a:33:59:f3:8b:fc:4d:4e:2d:2a:33:3d:d7:28:15:97:
2c:8d:4d:83:68:fa:52:cc:37:a2:d7:cf:83:9a:57:23:ab:98:
4e:72:a7:89:02:bf:3d:1c:14:91:e5:e2:1a:94:99:3b:16:51:
25:b8:09:96:d0:6d:6b:b2:7f:c2:30:95:c7:2e:e7:f0:ef:d3:
0f:75:2d:f1:63:97:6b:86:51:6c:96:8f:1e:c0:35:e1:47:ab:
8c:05:4c:59:13:e0:88:ff:af:0c:26:0e:c1:88:66:2f:36:4d:
38:59:f5:f8:68:e0:71:5b:69:f3:1c:c3:4f:7c:9c:68:08:d4:
fd:24:2c:fc:ef:09:55:91:c1:29:7c:74:14:2c:d5:50:61:73:
50:b3:0f:ac:31:97:f8:f6:11:dd:49:56:99:f0:3b:3c:1a:13:
df:9a:d4:2e:e7:2e:97:73:e8:84:04:33:8b:fe:7b:00:3f:21:
21:a2:80:ce:01:19:a5:95:7a:96:07:11:c3:1a:7e:aa:69:eb:
25:d0:51:3a:5a:e1:7c:23:40:d7:80:78:3c:c5:7f:43:61:fb:
b0:55:5e:0f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTqQIPBY/Y1tunqnGl43PUM2mTMcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODExMDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4MWQ0MWJhNDhlYzRmNmIxMjE3OWNkYjY2Y2Y1ODlmYzQ3YzUwOTJhYmZj
NmQ0N2I5MTAyNDk1ODY1YThjNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIXnZuJf8bRS8CCUEQ38e4KSWp+8d7jYmSRBnvUjYN1l27vw76mhP08vobC
4yCFLCadbELczIMFzdBwdmwAvgcJiQ+vHFh9suvVNsmMLi/P8S1uFuiR3a09K9Ky
W8c/Yt12S0uefwoZVmJF9e+LzfEKcSCaV1uoB9jJPkgNZdnGqw6PXhNYZ4mPPxB3
uBPPV/M23LHuGumxm/nekY7GhVsURz23+lx+fF/IOfZxU0u7EF11qFh6Nt+TlLxJ
VCD7MIhPTxeWdFNJ0D86YqHvzd1WGOBjfWnMVmn/6t6NMS0bTQ1PK1439ecVx80P
Cc000noH+Wc11IauM4O6+3XED/0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ46o+B
VoNfD0Q3ushGcDNGYKACCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmNlZTg1OGUtYzU3Mi00MjdiLTgxMjMtMjNiMmUwNWFiYzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
gDANBgkqhkiG9w0BAQsFAAOCAQEAagv+tr5DqASw2J4kzN6tUNrnvy2CirDYS2oA
huXtRNQx4dP7d/laM1nzi/xNTi0qMz3XKBWXLI1Ng2j6Usw3otfPg5pXI6uYTnKn
iQK/PRwUkeXiGpSZOxZRJbgJltBta7J/wjCVxy7n8O/TD3Ut8WOXa4ZRbJaPHsA1
4UerjAVMWRPgiP+vDCYOwYhmLzZNOFn1+GjgcVtp8xzDT3ycaAjU/SQs/O8JVZHB
KXx0FCzVUGFzULMPrDGX+PYR3UlWmfA7PBoT35rULucul3PohAQzi/57AD8hIaKA
zgEZpZV6lgcRwxp+qmnrJdBROlrhfCNA14B4PMV/Q2H7sFVeDw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:41 2025 by rpki-client