Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
File: 3d4529a1-3c28-42b4-b071-aa7474560d24.roa (raw, json)
Hash identifier: Q0OKvOCWqWxarIWJMxkuy7qFjLFHoNMFSJXtAtsAZb0=
Subject key identifier: FF:05:B8:43:60:6A:EB:CC:E3:47:8E:79:84:F1:A0:8F:96:8F:A6:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C5625190430453C6A595919AE68CB9FC58AB7B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
Signing time: Mon 21 Apr 2025 18:40:26 +0000
ROA not before: Mon 21 Apr 2025 18:40:26 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:56:25:19:04:30:45:3c:6a:59:59:19:ae:68:cb:9f:c5:8a:b7:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:26 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=b80abbce2213fadc1970554deaa3125e2717c5f3428f4fc3adf8725fac563c57, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:44:54:2a:47:3b:1f:42:fd:ca:3e:8c:19:ed:
8f:89:c5:2a:0c:ab:81:cf:94:77:02:24:c3:c6:4b:
2c:97:48:1b:2c:83:fd:fc:e8:41:42:5d:1b:59:df:
f3:a8:b2:65:11:ce:e2:49:35:51:6c:d4:9e:87:8b:
0b:6c:4a:05:d1:5d:5a:38:39:90:d6:e8:29:1d:30:
3b:6b:0b:67:0b:95:4d:ef:78:97:4c:43:4d:b7:b3:
cc:15:1c:ec:82:75:d1:e9:83:5e:c8:90:30:f3:db:
43:55:fc:55:6e:ed:a0:f9:85:a7:ca:dd:48:3c:da:
16:74:cc:15:50:0e:59:f9:3e:07:4a:d5:d9:12:62:
e4:a2:21:16:f4:68:83:77:17:c6:40:82:fc:3b:6a:
95:69:d5:65:eb:cf:7d:2e:5f:1c:82:96:ba:51:d6:
c9:19:01:7f:e5:a5:71:8d:95:75:b0:27:e8:41:68:
57:a6:bd:c7:3a:65:30:75:6b:eb:52:f3:13:df:b9:
a5:73:1f:1f:97:cc:7d:d7:91:52:81:3a:7b:34:35:
e7:20:ee:03:c2:af:da:8f:b6:25:ce:b1:f7:36:24:
d3:1f:8c:fd:64:fe:07:2a:a2:f0:ca:47:29:c3:36:
11:3a:a7:47:fc:20:8e:cc:61:db:22:d2:15:d5:11:
04:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:05:B8:43:60:6A:EB:CC:E3:47:8E:79:84:F1:A0:8F:96:8F:A6:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:840::/46
Signature Algorithm: sha256WithRSAEncryption
b8:c7:7f:29:62:61:0d:94:b9:26:01:11:e9:fb:9a:09:56:bf:
5b:a7:e4:d7:a0:b5:4d:bf:aa:d5:e3:18:cf:8c:0c:1e:47:d5:
1a:74:11:a0:77:ed:e0:2b:bc:94:5e:6d:20:be:8c:58:3f:15:
df:97:68:d9:d9:32:56:9b:6c:46:bd:40:d2:c9:8f:b7:c6:e5:
8a:df:07:de:1a:a5:56:b7:f3:40:92:52:68:46:2f:10:35:5c:
d9:2e:1a:e2:e4:4d:7e:25:2c:6a:a4:72:e5:1d:64:72:03:4e:
29:ff:2f:ee:ec:17:73:a6:03:3b:62:62:e1:b4:3e:df:cf:28:
2a:9b:76:78:60:ef:25:03:b5:fa:5e:37:1e:7a:95:c2:1d:ab:
55:f8:82:47:63:f4:61:e7:bb:45:fb:2b:7b:40:e4:cd:ff:70:
60:4a:3c:60:8b:a7:29:f2:c7:22:6a:f3:5e:57:6c:04:2e:db:
0a:8e:75:9f:b6:b3:cf:6c:06:59:3f:59:a5:4d:2c:1a:cb:82:
ba:67:f3:13:f4:48:64:d1:cc:70:2d:91:9c:65:3a:c0:43:6a:
16:da:8d:e6:dd:09:69:c1:46:f6:76:69:29:3e:ca:95:0e:3d:
41:c9:34:3d:1a:bd:ad:ac:d5:2a:c1:86:c0:c2:4f:d4:fa:c8:
f5:e0:0a:34
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbFYlGQQwRTxqWVkZrmjLn8WKt7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMjZaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4MGFiYmNlMjIxM2ZhZGMxOTcwNTU0ZGVhYTMxMjVlMjcxN2M1ZjM0Mjhm
NGZjM2FkZjg3MjVmYWM1NjNjNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpEVCpHOx9C/co+jBntj4nFKgyrgc+UdwIkw8ZLLJdIGyyD/fzoQUJdG1nf
86iyZRHO4kk1UWzUnoeLC2xKBdFdWjg5kNboKR0wO2sLZwuVTe94l0xDTbezzBUc
7IJ10emDXsiQMPPbQ1X8VW7toPmFp8rdSDzaFnTMFVAOWfk+B0rV2RJi5KIhFvRo
g3cXxkCC/DtqlWnVZevPfS5fHIKWulHWyRkBf+WlcY2VdbAn6EFoV6a9xzplMHVr
61LzE9+5pXMfH5fMfdeRUoE6ezQ15yDuA8Kv2o+2Jc6x9zYk0x+M/WT+Byqi8MpH
KcM2ETqnR/wgjsxh2yLSFdURBBUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT/BbhD
YGrrzONHjnmE8aCPlo+mQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Q0NTI5YTEtM2MyOC00MmI0LWIwNzEtYWE3NDc0NTYwZDI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HcI
QDANBgkqhkiG9w0BAQsFAAOCAQEAuMd/KWJhDZS5JgER6fuaCVa/W6fk16C1Tb+q
1eMYz4wMHkfVGnQRoHft4Cu8lF5tIL6MWD8V35do2dkyVptsRr1A0smPt8blit8H
3hqlVrfzQJJSaEYvEDVc2S4a4uRNfiUsaqRy5R1kcgNOKf8v7uwXc6YDO2Ji4bQ+
388oKpt2eGDvJQO1+l43HnqVwh2rVfiCR2P0Yee7Rfsre0Dkzf9wYEo8YIunKfLH
ImrzXldsBC7bCo51n7azz2wGWT9ZpU0sGsuCumfzE/RIZNHMcC2RnGU6wENqFtqN
5t0JacFG9nZpKT7KlQ49Qck0PRq9razVKsGGwMJP1PrI9eAKNA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:09 2025 by rpki-client