Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json)
Hash identifier: LmCSFKgTyxia+u+PFAl/SfPqb4fgsP2HEOBVMFV9ZW8=
Subject key identifier: FC:70:E6:4A:27:0E:73:02:03:CA:F6:0C:50:CF:05:69:36:34:7F:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1244D9CAB1D4FA648E8D58ADEBB454C6F0DEE8D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
Signing time: Fri 25 Apr 2025 20:20:51 +0000
ROA not before: Fri 25 Apr 2025 20:20:51 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:44:d9:ca:b1:d4:fa:64:8e:8d:58:ad:eb:b4:54:c6:f0:de:e8:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:51 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=53bb63b52af317a252eaf14510db018b1026ca382106b4a483952f41893b04e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fa:2d:63:bb:42:d5:2f:a3:95:f3:06:af:a2:
96:27:40:ba:53:7c:b9:de:16:3f:93:a9:22:6d:19:
f8:b5:2c:d9:f1:ac:49:da:0b:3a:4c:cf:03:56:eb:
67:a6:85:a9:e8:39:49:42:80:71:29:9b:1e:9b:52:
f4:89:c1:4b:86:6f:8a:3f:eb:8c:35:82:29:ad:57:
d4:12:ca:75:85:f7:e5:5f:78:be:67:21:c4:d8:bd:
72:db:74:69:f8:22:a7:81:0c:b6:21:53:66:06:c5:
4a:b5:92:01:66:ff:2b:f9:08:a5:9e:25:59:06:a0:
80:20:41:2f:ad:a2:3d:f1:88:8e:30:ea:d7:ad:f0:
d2:4f:cd:d8:82:92:1e:13:53:2e:0e:4b:6f:e8:bb:
5d:91:19:15:6f:db:2e:1b:a8:35:73:5e:5c:e4:3d:
3b:45:df:97:0c:4b:5d:24:c6:e6:93:37:54:e8:32:
9c:a5:56:85:91:96:61:f9:d9:ae:da:81:73:26:6c:
fb:bd:98:e4:57:a0:e1:05:51:02:53:03:42:7b:a2:
1e:30:b6:47:65:23:64:43:bb:e8:13:24:04:96:a6:
02:f2:f6:75:63:e0:da:7f:8e:a9:4f:c9:91:ac:b3:
7f:cf:4b:87:1a:05:c5:bb:a2:30:1d:03:c7:3c:9c:
fc:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:70:E6:4A:27:0E:73:02:03:CA:F6:0C:50:CF:05:69:36:34:7F:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/38
Signature Algorithm: sha256WithRSAEncryption
1c:7a:ed:f0:16:0f:f2:d0:81:24:19:24:8f:91:b7:04:b5:45:
52:a7:3c:69:ce:bb:e7:36:19:b5:4b:da:74:4d:92:dd:f9:b7:
ea:ef:23:d7:4e:57:7d:18:4b:7c:86:00:cc:a9:9b:b6:58:1d:
37:b2:cc:11:88:76:f4:6e:33:88:81:db:22:9a:37:c4:5a:1d:
26:1e:6d:d4:0f:94:73:f1:6e:08:68:14:e3:27:ab:e2:29:23:
ed:88:6e:99:0b:cd:f0:c6:65:76:16:2e:f1:02:f2:c9:1c:ce:
0b:24:ef:9b:ab:5e:cb:04:cb:aa:8a:69:92:2d:af:87:90:16:
c4:78:f6:56:35:3c:35:64:f3:bf:fa:f5:45:07:ce:b5:54:cc:
28:52:e1:29:37:8d:19:1b:d7:82:bb:6e:8b:72:93:55:69:03:
f7:a1:ba:48:18:03:02:df:9f:82:4d:c5:4a:d4:1f:9e:a2:16:
9d:2c:d7:5a:d4:84:06:b0:1e:32:8a:76:e9:e5:30:36:8f:e9:
1b:82:e5:60:c4:76:7f:e4:4b:b8:5f:4b:c2:99:75:f8:60:91:
0b:eb:cc:c3:05:98:43:8d:32:dc:05:4e:fd:90:3f:b3:8a:f3:
d1:bf:bc:9c:ed:38:c5:b0:3a:9a:c1:b6:a7:04:df:f6:e4:7c:
d5:e6:26:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEkTZyrHU+mSOjVit67RUxvDe6NUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwNTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzYmI2M2I1MmFmMzE3YTI1MmVhZjE0NTEwZGIwMThiMTAyNmNhMzgyMTA2
YjRhNDgzOTUyZjQxODkzYjA0ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf6LWO7QtUvo5XzBq+ilidAulN8ud4WP5OpIm0Z+LUs2fGsSdoLOkzPA1br
Z6aFqeg5SUKAcSmbHptS9InBS4Zvij/rjDWCKa1X1BLKdYX35V94vmchxNi9ctt0
afgip4EMtiFTZgbFSrWSAWb/K/kIpZ4lWQaggCBBL62iPfGIjjDq163w0k/N2IKS
HhNTLg5Lb+i7XZEZFW/bLhuoNXNeXOQ9O0XflwxLXSTG5pM3VOgynKVWhZGWYfnZ
rtqBcyZs+72Y5Feg4QVRAlMDQnuiHjC2R2UjZEO76BMkBJamAvL2dWPg2n+OqU/J
kayzf89LhxoFxbuiMB0Dxzyc/K0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8cOZK
Jw5zAgPK9gxQzwVpNjR/szAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQAceu3wFg/y0IEkGSSPkbcEtUVSpzxpzrvnNhm1
S9p0TZLd+bfq7yPXTld9GEt8hgDMqZu2WB03sswRiHb0bjOIgdsimjfEWh0mHm3U
D5Rz8W4IaBTjJ6viKSPtiG6ZC83wxmV2Fi7xAvLJHM4LJO+bq17LBMuqimmSLa+H
kBbEePZWNTw1ZPO/+vVFB861VMwoUuEpN40ZG9eCu26LcpNVaQP3obpIGAMC35+C
TcVK1B+eohadLNda1IQGsB4yinbp5TA2j+kbguVgxHZ/5Eu4X0vCmXX4YJEL68zD
BZhDjTLcBU79kD+zivPRv7yc7TjFsDqawbanBN/25HzV5iZu
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:04 2025 by rpki-client