Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3fa7e298-325c-4151-ac0e-2364c78e67e5.roa
File: 3fa7e298-325c-4151-ac0e-2364c78e67e5.roa (raw, json)
Hash identifier: 6anqh08HBSpmMwgeED2InQ4DgW7hQ9y8CRMIFyYK8fA=
Subject key identifier: CC:08:04:B4:A8:FE:5B:C3:48:34:B7:7E:4F:57:06:F3:1B:0A:93:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3007ADF4633D392ABB993EA6D50CC9EC27433E42
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3fa7e298-325c-4151-ac0e-2364c78e67e5.roa
Signing time: Fri 25 Apr 2025 19:41:13 +0000
ROA not before: Fri 25 Apr 2025 19:41:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:07:ad:f4:63:3d:39:2a:bb:99:3e:a6:d5:0c:c9:ec:27:43:3e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d1d557002ce86f970b43f966b3703c806232b1b03fc452b6233244fff9342ba0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:a4:ad:46:74:00:c4:e1:46:fd:93:d5:21:
f5:c2:4b:99:29:fe:40:af:58:fe:9f:90:94:3a:1a:
b7:c2:72:a6:a4:ed:b4:99:0e:81:12:07:b1:8d:11:
32:5d:52:14:35:51:0e:2f:43:2c:48:e7:03:67:b5:
4c:8f:5c:b4:e3:1a:db:58:a9:26:32:e5:41:65:16:
6e:6b:f0:7c:2f:b7:4c:3c:14:35:fb:85:ef:74:fe:
e9:04:9e:a0:3e:ab:3a:84:ae:3e:05:cc:84:38:98:
20:06:e5:27:80:f8:90:b4:25:e7:db:af:d4:86:84:
ce:10:46:ff:f2:37:32:03:51:75:54:81:92:80:f0:
59:5d:58:46:a1:ae:ae:d5:98:5b:89:8e:44:9c:c8:
7c:ce:72:88:00:1d:92:67:b4:29:92:ff:0e:71:f0:
3e:75:e3:c2:75:78:2f:63:9e:61:78:cb:99:44:9a:
4b:ba:97:87:c4:6c:36:b7:c2:b6:48:2f:f4:f9:b4:
e1:c7:ae:8b:95:10:25:6f:d6:cb:24:9d:9d:5b:95:
41:4e:67:f0:d7:aa:9a:0d:41:c3:4a:28:5a:f6:18:
3a:b1:70:22:48:af:ab:8c:26:fc:f9:4e:62:cb:8a:
70:eb:6a:04:75:a8:02:1a:22:b2:7f:c9:93:08:bf:
08:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:08:04:B4:A8:FE:5B:C3:48:34:B7:7E:4F:57:06:F3:1B:0A:93:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3fa7e298-325c-4151-ac0e-2364c78e67e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:6000::/40
Signature Algorithm: sha256WithRSAEncryption
90:68:22:b1:bd:78:99:b0:69:bb:df:69:60:29:50:ac:82:b1:
f7:ef:58:71:03:36:15:e1:af:03:2c:6a:0f:d7:b3:aa:85:f4:
16:19:ef:f6:f2:f9:84:39:bb:5d:b0:bc:bb:58:32:8f:25:d2:
79:75:4b:11:cc:d2:34:92:f5:75:8c:b8:29:80:57:5d:2f:51:
76:72:1e:b7:a6:51:c2:69:85:87:d0:86:70:fc:33:35:03:fb:
06:3c:38:ec:9c:e3:41:58:1c:eb:31:dd:ad:94:da:ce:99:5a:
c7:04:ce:fe:5f:fa:70:3a:47:de:81:73:a0:e9:27:c9:cb:ea:
01:86:d5:2c:ad:d6:c1:a6:d6:e8:e0:26:e8:3c:98:47:d8:3d:
cd:f8:42:cc:1b:b3:bf:5f:6a:e4:69:10:db:f8:39:0a:58:ff:
26:58:0a:47:13:92:e0:5f:d6:eb:5f:6a:74:1a:7c:8c:a8:d2:
55:eb:91:fa:df:53:76:3c:8e:3d:f9:4e:0c:39:b4:00:64:b3:
05:af:fa:9e:f6:7c:f9:b9:1b:de:c2:4a:45:59:44:1d:f5:aa:
19:0d:22:d1:8a:c4:69:63:8f:04:1d:1b:60:ca:e5:22:9d:ab:
ad:ac:cb:5c:9a:dc:8e:ac:db:15:60:27:fa:9b:2f:4c:27:e1:
b5:6b:db:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMAet9GM9OSq7mT6m1QzJ7CdDPkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxZDU1NzAwMmNlODZmOTcwYjQzZjk2NmIzNzAzYzgwNjIzMmIxYjAzZmM0
NTJiNjIzMzI0NGZmZjkzNDJiYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkOpK1GdADE4Ub9k9Uh9cJLmSn+QK9Y/p+QlDoat8JypqTttJkOgRIHsY0R
Ml1SFDVRDi9DLEjnA2e1TI9ctOMa21ipJjLlQWUWbmvwfC+3TDwUNfuF73T+6QSe
oD6rOoSuPgXMhDiYIAblJ4D4kLQl59uv1IaEzhBG//I3MgNRdVSBkoDwWV1YRqGu
rtWYW4mORJzIfM5yiAAdkme0KZL/DnHwPnXjwnV4L2OeYXjLmUSaS7qXh8RsNrfC
tkgv9Pm04ceui5UQJW/WyySdnVuVQU5n8Neqmg1Bw0ooWvYYOrFwIkivq4wm/PlO
YsuKcOtqBHWoAhoisn/Jkwi/CI0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTMCAS0
qP5bw0g0t35PVwbzGwqTQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ZhN2UyOTgtMzI1Yy00MTUxLWFjMGUtMjM2NGM3OGU2N2U1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hdg
MA0GCSqGSIb3DQEBCwUAA4IBAQCQaCKxvXiZsGm732lgKVCsgrH371hxAzYV4a8D
LGoP17OqhfQWGe/28vmEObtdsLy7WDKPJdJ5dUsRzNI0kvV1jLgpgFddL1F2ch63
plHCaYWH0IZw/DM1A/sGPDjsnONBWBzrMd2tlNrOmVrHBM7+X/pwOkfegXOg6SfJ
y+oBhtUsrdbBptbo4CboPJhH2D3N+ELMG7O/X2rkaRDb+DkKWP8mWApHE5LgX9br
X2p0GnyMqNJV65H631N2PI49+U4MObQAZLMFr/qe9nz5uRvewkpFWUQd9aoZDSLR
isRpY48EHRtgyuUinautrMtcmtyOrNsVYCf6my9MJ+G1a9vC
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:12 2025 by rpki-client