Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
File: 41abc6c7-a6fb-4666-b503-a8a0784797a1.roa (raw, json)
Hash identifier: 0R2YZ3REP9rxWe7TBRQX0L1CXoSgOj1JCrnNJ4g2nu8=
Subject key identifier: 35:F5:82:0B:0C:82:98:7D:6E:98:17:9D:15:C6:1D:48:99:A5:A9:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 617C90DE1C2707E607285976D4253650468CEC97
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
Signing time: Fri 25 Apr 2025 19:01:31 +0000
ROA not before: Fri 25 Apr 2025 19:01:31 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:7c:90:de:1c:27:07:e6:07:28:59:76:d4:25:36:50:46:8c:ec:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:01:31 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=847536f1224e2dc37614e497643f8f47d380019744927378e4fbd84bbb390fab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f3:fd:8f:5f:99:37:98:fd:3c:81:73:d1:b6:
7d:19:bd:89:40:47:93:2d:e3:50:a4:8a:f3:24:7c:
85:2a:fa:60:78:2a:a2:c7:e8:ea:1e:d4:d2:ca:28:
61:e0:74:6c:00:4c:5a:29:9f:51:bc:9f:59:60:51:
29:05:30:02:da:96:3f:77:8d:de:51:fc:3f:60:0a:
25:15:e3:50:db:a1:d3:6d:d3:36:14:c5:3e:66:23:
2a:f9:ec:ef:af:f2:c5:00:9a:8d:ea:1d:89:58:26:
23:70:fe:ea:fa:3a:31:eb:7c:31:9f:93:b1:1b:f5:
e8:ce:7c:cf:10:54:7b:c3:c0:a1:d8:12:a6:df:7b:
aa:c2:34:26:ae:05:ff:dd:2d:3f:24:99:db:dc:fe:
2a:0c:29:29:3c:fe:9d:53:1f:9b:ee:6d:71:b7:cb:
8d:64:f0:fa:1e:87:79:89:ba:13:7b:58:5f:14:f5:
33:3b:af:07:f3:25:2d:93:29:86:23:01:9f:85:4f:
52:7e:0e:e0:53:58:3d:1c:2a:e2:37:83:47:2d:1f:
b9:0a:c4:e8:67:44:f5:26:95:fd:be:50:21:ca:9f:
f6:ce:cb:9b:be:a1:86:f9:81:0c:8e:22:44:f2:47:
23:af:58:f9:e3:b0:55:dd:00:f8:ac:af:8e:3e:d0:
c0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F5:82:0B:0C:82:98:7D:6E:98:17:9D:15:C6:1D:48:99:A5:A9:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:e3:80:38:d6:72:74:f4:b4:ec:1b:d2:6e:f2:14:29:77:76:
76:c5:de:46:e6:b5:dc:12:e9:0d:2e:f0:89:e1:c3:96:0b:0e:
e5:6c:ed:af:28:8d:b3:da:5d:f3:26:06:7b:df:df:5b:8f:07:
a8:98:c2:b8:10:20:c3:37:48:b5:a2:8e:1f:f9:da:37:21:6b:
03:c8:13:54:01:1d:c0:c6:35:0b:84:59:59:5a:85:0b:30:f7:
a1:ba:27:f1:1c:ad:3d:6e:72:e5:ea:a8:4e:bc:7b:1c:3a:ee:
69:fe:c0:0d:7b:e2:40:2e:94:78:58:94:d2:04:9b:67:64:0e:
ec:19:1c:a4:90:88:44:27:3a:f2:c2:0f:13:13:08:a1:a8:84:
a9:11:42:d8:c7:ef:c4:59:2b:5d:2d:28:c7:68:c7:83:06:5b:
2b:f9:f4:44:c5:22:25:63:43:b2:d0:8a:a9:9e:ab:c6:19:5b:
c8:92:53:86:80:d1:a3:05:f3:2a:0a:4a:c8:38:fc:64:bc:67:
81:87:23:d1:df:8d:17:c4:17:a5:ed:c3:a2:f7:63:24:48:32:
38:38:d6:e6:59:db:5d:70:37:37:16:30:2f:ad:df:17:9b:c3:
8c:86:23:5b:0a:0a:8c:f5:3f:4d:45:d2:86:69:76:4e:4b:c3:
12:01:bc:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYXyQ3hwnB+YHKFl21CU2UEaM7JcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAxMzFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0NzUzNmYxMjI0ZTJkYzM3NjE0ZTQ5NzY0M2Y4ZjQ3ZDM4MDAxOTc0NDky
NzM3OGU0ZmJkODRiYmIzOTBmYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvz/Y9fmTeY/TyBc9G2fRm9iUBHky3jUKSK8yR8hSr6YHgqosfo6h7U0soo
YeB0bABMWimfUbyfWWBRKQUwAtqWP3eN3lH8P2AKJRXjUNuh023TNhTFPmYjKvns
76/yxQCajeodiVgmI3D+6vo6Met8MZ+TsRv16M58zxBUe8PAodgSpt97qsI0Jq4F
/90tPySZ29z+KgwpKTz+nVMfm+5tcbfLjWTw+h6HeYm6E3tYXxT1MzuvB/MlLZMp
hiMBn4VPUn4O4FNYPRwq4jeDRy0fuQrE6GdE9SaV/b5QIcqf9s7Lm76hhvmBDI4i
RPJHI69Y+eOwVd0A+Kyvjj7QwHcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ19YIL
DIKYfW6YF50Vxh1ImaWpFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDFhYmM2YzctYTZmYi00NjY2LWI1MDMtYThhMDc4NDc5N2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACA
MA0GCSqGSIb3DQEBCwUAA4IBAQC544A41nJ09LTsG9Ju8hQpd3Z2xd5G5rXcEukN
LvCJ4cOWCw7lbO2vKI2z2l3zJgZ7399bjweomMK4ECDDN0i1oo4f+do3IWsDyBNU
AR3AxjULhFlZWoULMPehuifxHK09bnLl6qhOvHscOu5p/sANe+JALpR4WJTSBJtn
ZA7sGRykkIhEJzrywg8TEwihqISpEULYx+/EWStdLSjHaMeDBlsr+fRExSIlY0Oy
0IqpnqvGGVvIklOGgNGjBfMqCkrIOPxkvGeBhyPR340XxBel7cOi92MkSDI4ONbm
WdtdcDc3FjAvrd8Xm8OMhiNbCgqM9T9NRdKGaXZOS8MSAbxQ
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:51 2025 by rpki-client