Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
File: 44d8b686-7db5-4309-8f09-3af611be3753.roa (raw, json)
Hash identifier: FAYjnXpykOki4H+iv47OA1NPjS6g4Lg4fn04jms4HLI=
Subject key identifier: 9F:56:AF:01:74:8F:98:15:3B:79:F2:29:F8:C6:35:25:4C:58:BA:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7654917E8B349D37A1C1C4EBF454756DBAF33CEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
Signing time: Fri 25 Apr 2025 19:40:09 +0000
ROA not before: Fri 25 Apr 2025 19:40:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:54:91:7e:8b:34:9d:37:a1:c1:c4:eb:f4:54:75:6d:ba:f3:3c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=018f3d7b55a3404a3b986c03762c732a9e55869ed6532a0280d2198f06b2a216, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:21:7e:a2:2a:77:f0:8e:44:c8:08:fa:24:03:
0a:8b:5f:24:3c:73:d1:bf:fe:9b:12:19:dc:be:f8:
d8:11:d1:54:db:5b:66:9f:a9:df:c9:ef:0c:77:09:
56:f8:bf:10:51:69:30:16:ea:25:18:69:b9:cc:67:
02:53:ac:81:26:e8:e3:40:25:83:3b:41:d8:63:6f:
df:47:d8:61:ad:5e:be:fd:08:b5:cd:d7:c3:b9:8f:
2c:c1:a0:0a:00:d7:5c:a8:d3:41:d1:fa:8f:d5:9a:
67:2b:5b:cc:5c:3b:fc:2b:e9:63:d4:6c:7b:15:a4:
9d:67:0e:0a:f8:de:ed:88:96:2a:c3:f2:ad:4b:89:
bf:89:f2:0a:1a:fa:c9:68:e9:8b:38:f0:f2:dd:f7:
39:03:63:d0:f3:3a:26:e2:84:8c:bd:64:e2:60:fd:
d3:00:c6:85:27:fa:8e:1b:54:57:cd:67:9b:82:af:
8e:86:69:97:8d:be:18:4d:c5:94:03:b0:17:e7:af:
e9:93:f6:9c:89:39:fc:53:2d:55:03:be:e6:78:f8:
2f:3e:64:08:34:17:3b:5b:f0:d5:7f:d0:a9:2e:a6:
20:23:25:75:1f:09:c8:0e:03:82:5b:43:b5:17:53:
03:90:e9:1b:a0:d3:d9:49:f0:9b:a9:b8:d0:d5:dc:
67:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:56:AF:01:74:8F:98:15:3B:79:F2:29:F8:C6:35:25:4C:58:BA:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
0b:4a:1a:39:70:00:18:d9:37:9d:71:3a:fd:33:a9:4c:3a:11:
e0:89:1b:17:8c:ec:72:06:91:2c:bf:cc:76:2e:a5:bf:2e:2b:
c2:d8:31:85:14:55:82:da:35:53:f1:73:c5:6c:6d:88:e1:cf:
7d:cc:eb:da:57:04:59:81:bf:8f:e9:88:46:2d:fd:3d:37:ec:
eb:bc:40:4a:fc:a3:d0:23:0f:04:ce:6c:4f:d0:91:76:a0:4b:
52:b8:eb:62:0a:1c:7a:8f:a9:da:19:1e:2c:71:cd:2e:5c:79:
ae:b3:cb:78:1e:94:e2:f9:bd:a1:44:f1:e9:b0:86:52:d8:69:
91:ae:37:93:a2:34:8f:ef:e3:c8:9d:e1:6c:2d:d8:03:93:0d:
93:75:f6:3a:14:2f:5f:be:67:33:4b:79:04:97:34:0c:63:08:
aa:13:08:50:48:e0:92:d0:b8:59:76:88:a0:32:d8:a2:89:56:
dc:9d:93:d5:5b:30:4d:73:cd:f2:b9:85:c3:7b:dd:4e:29:50:
50:b5:16:b1:ca:9d:ea:54:22:95:f1:5f:80:2d:b0:a4:f2:55:
7c:67:66:49:3c:57:4f:07:dc:ab:99:b8:f6:8e:da:5b:1f:20:
7d:e8:8b:14:b7:af:bf:07:5f:af:bf:70:65:09:1e:65:39:73:
a0:4f:eb:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdlSRfos0nTehwcTr9FR1bbrzPOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxOGYzZDdiNTVhMzQwNGEzYjk4NmMwMzc2MmM3MzJhOWU1NTg2OWVkNjUz
MmEwMjgwZDIxOThmMDZiMmEyMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALohfqIqd/CORMgI+iQDCotfJDxz0b/+mxIZ3L742BHRVNtbZp+p38nvDHcJ
Vvi/EFFpMBbqJRhpucxnAlOsgSbo40AlgztB2GNv30fYYa1evv0Itc3Xw7mPLMGg
CgDXXKjTQdH6j9WaZytbzFw7/CvpY9RsexWknWcOCvje7YiWKsPyrUuJv4nyChr6
yWjpizjw8t33OQNj0PM6JuKEjL1k4mD90wDGhSf6jhtUV81nm4KvjoZpl42+GE3F
lAOwF+ev6ZP2nIk5/FMtVQO+5nj4Lz5kCDQXO1vw1X/QqS6mICMldR8JyA4DgltD
tRdTA5DpG6DT2Unwm6m40NXcZ0kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSfVq8B
dI+YFTt58in4xjUlTFi6LjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDRkOGI2ODYtN2RiNS00MzA5LThmMDktM2FmNjExYmUzNzUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HrA
MA0GCSqGSIb3DQEBCwUAA4IBAQALSho5cAAY2TedcTr9M6lMOhHgiRsXjOxyBpEs
v8x2LqW/LivC2DGFFFWC2jVT8XPFbG2I4c99zOvaVwRZgb+P6YhGLf09N+zrvEBK
/KPQIw8EzmxP0JF2oEtSuOtiChx6j6naGR4scc0uXHmus8t4HpTi+b2hRPHpsIZS
2GmRrjeTojSP7+PIneFsLdgDkw2TdfY6FC9fvmczS3kElzQMYwiqEwhQSOCS0LhZ
doigMtiiiVbcnZPVWzBNc83yuYXDe91OKVBQtRaxyp3qVCKV8V+ALbCk8lV8Z2ZJ
PFdPB9yrmbj2jtpbHyB96IsUt6+/B1+vv3BlCR5lOXOgT+s3
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:25 2025 by rpki-client