Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
File: 404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa (raw, json)
Hash identifier: 6oiVH7tT3RBKKbleYOBGvtzD/KzDcfmyIvJQjxoxz0E=
Subject key identifier: C9:BD:B2:06:90:8C:5B:AD:77:41:6B:81:4F:9E:63:03:F4:09:0C:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B8D662701CEC9066B2C9EBB146D8A2BD8EC8189
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
Signing time: Fri 25 Apr 2025 20:30:13 +0000
ROA not before: Fri 25 Apr 2025 20:30:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d017::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:8d:66:27:01:ce:c9:06:6b:2c:9e:bb:14:6d:8a:2b:d8:ec:81:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:30:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f32689f7ad7655c4f60e1087c5309425967808a22e4bcdee71d1f079ea78c81e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:af:a6:55:10:84:5e:4c:b1:b9:42:48:fe:a3:
93:0a:c9:83:d9:3c:6e:a0:17:2d:7c:c3:9a:5d:f4:
44:4a:ad:54:dd:e6:0c:53:6b:18:4b:24:5d:fb:2a:
bb:12:21:24:c2:c2:22:a2:7f:8c:64:e5:5f:1c:e0:
d4:69:70:b9:0d:9a:83:8f:5e:7b:4b:b5:9a:b8:4e:
89:86:99:51:86:d3:44:27:97:81:53:13:8c:9f:97:
54:7b:0c:ed:57:c0:39:48:9b:4b:f6:09:a5:e0:1c:
45:42:fc:33:0d:7b:65:b4:12:fd:62:74:18:e6:07:
52:b7:d0:a5:87:a5:b7:6a:b3:af:32:55:3f:38:10:
e4:87:a8:31:94:e1:21:a7:51:64:99:6e:f6:2a:0f:
a6:11:00:ca:d8:6a:96:68:fc:e3:4e:12:ba:f4:43:
4c:63:ab:c1:03:f3:9f:5c:10:63:b2:57:8d:4a:5a:
8d:05:e0:ef:90:cc:2a:79:46:1d:3d:d0:7b:09:1b:
e4:39:69:56:a5:86:86:f5:c3:ec:b4:47:e6:f1:6f:
50:b9:93:af:5e:07:57:bc:d3:26:68:bd:fb:e3:e8:
10:e1:3f:6b:a5:25:30:d2:f7:3e:3a:fd:5e:70:43:
09:aa:1c:5e:62:57:d1:24:d9:19:aa:9d:db:46:e7:
e8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BD:B2:06:90:8C:5B:AD:77:41:6B:81:4F:9E:63:03:F4:09:0C:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d017::/36
Signature Algorithm: sha256WithRSAEncryption
c2:2a:12:75:7b:18:97:0a:5f:7e:ed:df:9a:14:62:0b:f3:4d:
54:89:4c:5f:04:f2:6c:d6:79:9a:93:6a:7f:84:4f:fa:b5:13:
56:42:7a:b9:c9:4c:52:6d:01:49:b9:d4:75:96:bf:8a:f9:b2:
30:b0:91:f2:95:2f:03:27:f0:76:67:32:bf:32:16:f5:9d:77:
80:79:a8:9d:17:17:3c:4e:70:59:67:51:72:70:2e:ab:ca:0c:
88:4f:fa:95:95:7c:6e:f2:bd:da:57:4e:c2:ac:72:a9:f7:8f:
90:f7:37:40:20:77:de:67:74:93:f8:0d:57:62:db:b5:ac:a7:
34:09:8f:e7:fb:75:21:7f:a3:7e:5c:45:72:86:ce:81:3f:63:
a2:e2:ac:76:7f:b3:ec:88:6b:78:1f:08:77:e4:ef:65:76:b1:
05:42:ba:93:46:e7:45:50:03:81:af:55:5b:54:ac:5e:75:e1:
82:3c:73:32:9f:f3:bd:65:d6:8f:8b:77:dd:2c:6f:de:d9:aa:
47:79:2a:a7:f8:76:5b:c4:ec:f6:bf:39:ab:47:b2:ec:1b:c0:
1e:ae:5e:f9:fe:78:1d:7c:32:f0:a7:c9:45:03:04:78:90:96:
df:b0:6f:51:5e:02:f8:fd:9b:61:4d:65:03:2f:79:ab:32:91:
a8:c4:9e:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS41mJwHOyQZrLJ67FG2KK9jsgYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDMwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzMjY4OWY3YWQ3NjU1YzRmNjBlMTA4N2M1MzA5NDI1OTY3ODA4YTIyZTRi
Y2RlZTcxZDFmMDc5ZWE3OGM4MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSvplUQhF5MsblCSP6jkwrJg9k8bqAXLXzDml30REqtVN3mDFNrGEskXfsq
uxIhJMLCIqJ/jGTlXxzg1GlwuQ2ag49ee0u1mrhOiYaZUYbTRCeXgVMTjJ+XVHsM
7VfAOUibS/YJpeAcRUL8Mw17ZbQS/WJ0GOYHUrfQpYelt2qzrzJVPzgQ5IeoMZTh
IadRZJlu9ioPphEAythqlmj8404SuvRDTGOrwQPzn1wQY7JXjUpajQXg75DMKnlG
HT3Qewkb5DlpVqWGhvXD7LRH5vFvULmTr14HV7zTJmi9++PoEOE/a6UlMNL3Pjr9
XnBDCaocXmJX0STZGaqd20bn6E0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJvbIG
kIxbrXdBa4FPnmMD9AkM5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA0ZWYxYWYtZTA1Mi00MWI4LWEwYmYtNzBlM2ZhMGFhMDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BcA
MA0GCSqGSIb3DQEBCwUAA4IBAQDCKhJ1exiXCl9+7d+aFGIL801UiUxfBPJs1nma
k2p/hE/6tRNWQnq5yUxSbQFJudR1lr+K+bIwsJHylS8DJ/B2ZzK/Mhb1nXeAeaid
Fxc8TnBZZ1FycC6rygyIT/qVlXxu8r3aV07CrHKp94+Q9zdAIHfeZ3ST+A1XYtu1
rKc0CY/n+3Uhf6N+XEVyhs6BP2Oi4qx2f7PsiGt4Hwh35O9ldrEFQrqTRudFUAOB
r1VbVKxedeGCPHMyn/O9ZdaPi3fdLG/e2apHeSqn+HZbxOz2vzmrR7LsG8Aerl75
/ngdfDLwp8lFAwR4kJbfsG9RXgL4/ZthTWUDL3mrMpGoxJ7+
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:25 2025 by rpki-client