Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
File: 3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa (raw, json)
Hash identifier: WKh3F2BnftUWeOyASsWDkwuq3RFtiqhJtx19ti1ZGOs=
Subject key identifier: 6D:0A:7A:85:67:39:87:66:D1:05:86:E8:A9:71:59:F6:2D:00:86:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63C13560317792560274877F77B51AD8EA552ABC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
Signing time: Fri 25 Apr 2025 19:31:35 +0000
ROA not before: Fri 25 Apr 2025 19:31:35 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:b080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:c1:35:60:31:77:92:56:02:74:87:7f:77:b5:1a:d8:ea:55:2a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:35 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ddedf4e288aaff74b22b4b5378b4c5f42730b2e6a4a2412c6d6714f56cb0a134, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:05:45:1b:a8:e7:18:8a:ff:75:bb:95:18:98:
f1:35:14:4e:dc:f4:0f:93:5b:d8:21:87:7b:63:db:
38:58:72:98:4a:84:d7:38:70:89:c6:00:b2:d8:c6:
ee:6e:16:d2:56:b2:e3:09:cb:bb:2d:db:6b:59:61:
d5:dc:6e:c6:a3:a9:4b:b1:4b:f4:dc:0d:20:4c:60:
55:0d:e8:cb:d0:d3:9d:06:6c:70:9d:ad:4c:3e:6a:
34:92:bd:01:80:d8:37:c4:5b:7e:30:c0:8a:34:51:
da:c7:df:fd:e6:d3:93:a2:ec:cc:7d:1d:54:0a:49:
19:bb:13:24:1f:c8:eb:02:a1:0b:e8:a5:d5:ca:0b:
73:04:63:6a:ba:cf:db:0b:23:4a:d9:2b:68:e0:78:
a1:d6:a0:15:77:10:5d:a6:ea:17:25:fb:26:e2:8c:
c1:a6:2c:9c:97:f1:d9:b9:1e:85:1a:6b:ad:9c:9d:
75:83:39:42:ee:71:c7:9f:d6:10:85:cd:71:a5:ee:
71:0f:03:ed:75:e6:45:38:88:31:21:ae:03:a1:24:
2f:e3:bd:2f:2c:86:82:e5:f3:62:ba:a5:71:15:af:
7b:b3:45:91:77:c7:11:f8:40:ea:91:b4:e6:7f:21:
c1:0a:b0:74:aa:6a:67:c4:af:04:1e:2a:db:ea:80:
5c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0A:7A:85:67:39:87:66:D1:05:86:E8:A9:71:59:F6:2D:00:86:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dfc02bb-5baf-420b-af1f-f4b8acdce23b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:b080::/46
Signature Algorithm: sha256WithRSAEncryption
32:90:21:fd:82:54:04:e4:0c:1c:02:42:1d:3e:d0:60:02:87:
68:fc:9a:d3:af:dd:b3:9e:47:9f:98:ce:a7:9b:f5:18:02:b2:
1a:8a:85:74:cd:0b:88:e6:d8:01:8f:90:27:42:c2:82:f9:9b:
ca:14:74:08:ec:8d:6f:ed:37:35:08:d7:87:cd:0e:41:88:da:
36:4d:64:b4:b1:f5:01:74:22:08:3a:61:7d:13:85:49:0d:a2:
9a:51:5b:ea:5f:9b:65:31:4b:9d:3c:13:93:e6:ec:ff:4e:b8:
d5:af:e5:6c:9a:6f:a0:1b:ea:37:44:34:6e:72:07:0f:d6:38:
ae:16:56:66:92:90:66:ad:74:1c:62:c4:17:15:e6:17:c0:98:
91:e8:64:ac:f9:ce:d9:73:02:29:f1:65:3d:da:39:0e:e4:00:
2e:e1:e0:e3:fd:8b:62:72:9f:94:68:aa:b6:c5:5a:ef:63:ec:
aa:13:cd:5e:e7:87:f8:5e:a4:f8:66:25:10:fe:f4:3c:8d:d6:
5f:6e:20:bf:2a:b2:97:da:94:7e:7a:66:15:19:42:d3:a1:7f:
8e:db:6a:8a:bc:83:65:8b:31:65:96:e6:a4:1e:ae:66:96:10:
a0:bb:cc:8b:ae:61:f0:2e:8a:0b:14:b0:3e:b7:14:1b:0d:bb:
be:e2:7b:23
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUY8E1YDF3klYCdId/d7Ua2OpVKrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMzVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkZWRmNGUyODhhYWZmNzRiMjJiNGI1Mzc4YjRjNWY0MjczMGIyZTZhNGEy
NDEyYzZkNjcxNGY1NmNiMGExMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoFRRuo5xiK/3W7lRiY8TUUTtz0D5Nb2CGHe2PbOFhymEqE1zhwicYAstjG
7m4W0lay4wnLuy3ba1lh1dxuxqOpS7FL9NwNIExgVQ3oy9DTnQZscJ2tTD5qNJK9
AYDYN8RbfjDAijRR2sff/ebTk6LszH0dVApJGbsTJB/I6wKhC+il1coLcwRjarrP
2wsjStkraOB4odagFXcQXabqFyX7JuKMwaYsnJfx2bkehRprrZyddYM5Qu5xx5/W
EIXNcaXucQ8D7XXmRTiIMSGuA6EkL+O9LyyGguXzYrqlcRWve7NFkXfHEfhA6pG0
5n8hwQqwdKpqZ8SvBB4q2+qAXL8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRtCnqF
ZzmHZtEFhuipcVn2LQCGajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RmYzAyYmItNWJhZi00MjBiLWFmMWYtZjRiOGFjZGNlMjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Huw
gDANBgkqhkiG9w0BAQsFAAOCAQEAMpAh/YJUBOQMHAJCHT7QYAKHaPya06/ds55H
n5jOp5v1GAKyGoqFdM0LiObYAY+QJ0LCgvmbyhR0COyNb+03NQjXh80OQYjaNk1k
tLH1AXQiCDphfROFSQ2imlFb6l+bZTFLnTwTk+bs/0641a/lbJpvoBvqN0Q0bnIH
D9Y4rhZWZpKQZq10HGLEFxXmF8CYkehkrPnO2XMCKfFlPdo5DuQALuHg4/2LYnKf
lGiqtsVa72PsqhPNXueH+F6k+GYlEP70PI3WX24gvyqyl9qUfnpmFRlC06F/jttq
iryDZYsxZZbmpB6uZpYQoLvMi65h8C6KCxSwPrcUGw27vuJ7Iw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:22 2025 by rpki-client