Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
File: 470f3c02-20c3-480f-a788-60d7378cea9b.roa (raw, json)
Hash identifier: fyqFyos22IZ6YyLaear6p2x/0mEjiARqlFasV4eT6eE=
Subject key identifier: CB:D1:AD:97:E8:FC:76:7F:79:65:D9:42:FE:50:8C:8B:86:E1:FD:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59CFC2BF11E1DC1D550DBAEC2D78F9FEC598ADF1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
Signing time: Mon 21 Apr 2025 18:31:02 +0000
ROA not before: Mon 21 Apr 2025 18:31:02 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:cf:c2:bf:11:e1:dc:1d:55:0d:ba:ec:2d:78:f9:fe:c5:98:ad:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:02 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=6194560d4e15e79114dde98779f11b9dd1ea341181ca8250c64f7f4ba36cdc3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:08:5b:ee:67:a5:e0:a6:10:09:2e:77:e5:d8:
b3:f2:54:17:ca:d3:90:6b:33:13:13:5d:5f:f4:f1:
e4:ce:29:73:56:1f:84:a4:ee:ec:52:5b:9e:eb:99:
eb:2b:96:e2:4e:ad:03:a2:98:a7:a2:d9:55:bc:87:
97:bf:c8:5f:f4:8b:da:a7:0a:ab:ba:ac:fb:1a:2e:
1a:b2:c8:f8:5b:0c:07:b8:16:a1:23:25:a5:0d:99:
c9:8f:31:b1:3c:f9:be:57:2b:1c:d0:b4:b8:ca:d1:
17:65:02:d7:8d:96:95:a2:49:44:d2:bd:0a:18:00:
e0:1e:6e:75:41:7b:ac:ca:aa:5a:0b:33:96:6d:2e:
3b:dc:46:c8:ed:a6:7d:a0:9a:3d:37:53:69:75:d4:
5f:73:20:e0:9b:6f:59:af:00:67:c9:2d:d4:ac:d7:
6a:22:5d:2d:98:8c:9a:3d:73:82:48:e2:4f:69:1b:
61:04:c6:4b:fe:ae:09:6e:50:1e:2e:82:71:8a:eb:
18:75:75:43:85:71:f9:9a:eb:e8:90:44:c5:98:2b:
52:95:83:0e:17:d6:f9:4a:c7:1b:25:7b:97:00:db:
de:c0:7d:31:2d:fa:3a:dd:19:f9:0f:18:de:6c:a0:
d0:3a:10:f6:78:5b:ec:7e:74:27:89:96:df:cf:ea:
fa:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D1:AD:97:E8:FC:76:7F:79:65:D9:42:FE:50:8C:8B:86:E1:FD:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:880::/48
Signature Algorithm: sha256WithRSAEncryption
00:4c:c9:6e:0a:97:81:49:da:7a:6a:47:42:8d:08:ee:0e:2f:
b2:bb:5d:de:1f:fb:28:64:76:5b:f9:1c:1f:27:3d:54:6c:24:
c3:6e:94:a3:b8:8e:f6:66:22:36:dd:eb:d2:33:ee:a8:db:b1:
d6:14:e2:95:ac:4d:21:01:73:76:df:ab:24:be:1a:ad:dd:79:
0d:1d:90:45:07:8e:f1:79:28:8a:da:ce:11:ff:c6:a1:41:b5:
e2:0e:1b:6d:22:c4:47:e8:74:69:5f:5e:32:20:e9:ba:68:6e:
82:b6:70:8f:f6:0c:01:e8:ff:77:84:04:40:b5:d9:ed:93:4b:
6e:9d:cc:cd:62:bf:59:af:c6:ec:5a:0d:43:7c:da:1d:8d:02:
27:20:f8:69:28:de:54:14:86:d3:ba:c9:61:32:03:b8:94:7d:
d0:3c:5d:37:dc:54:d6:dd:6e:6c:27:25:05:7c:68:b8:1b:7e:
ff:0c:87:81:e2:8c:3e:3a:ce:a2:30:42:92:ce:1a:1d:7c:21:
a3:0d:3c:7e:7e:ec:77:41:98:65:6a:5b:e5:37:00:c2:49:36:
4e:f6:a0:9f:9b:8f:29:4f:12:8d:40:24:dd:3d:93:50:76:89:
5c:3e:7b:65:15:51:ab:2f:94:28:44:86:33:8e:ec:43:84:3c:
ae:df:06:33
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWc/CvxHh3B1VDbrsLXj5/sWYrfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMDJaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxOTQ1NjBkNGUxNWU3OTExNGRkZTk4Nzc5ZjExYjlkZDFlYTM0MTE4MWNh
ODI1MGM2NGY3ZjRiYTM2Y2RjM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQIW+5npeCmEAkud+XYs/JUF8rTkGszExNdX/Tx5M4pc1YfhKTu7FJbnuuZ
6yuW4k6tA6KYp6LZVbyHl7/IX/SL2qcKq7qs+xouGrLI+FsMB7gWoSMlpQ2ZyY8x
sTz5vlcrHNC0uMrRF2UC142WlaJJRNK9ChgA4B5udUF7rMqqWgszlm0uO9xGyO2m
faCaPTdTaXXUX3Mg4JtvWa8AZ8kt1KzXaiJdLZiMmj1zgkjiT2kbYQTGS/6uCW5Q
Hi6CcYrrGHV1Q4Vx+Zrr6JBExZgrUpWDDhfW+UrHGyV7lwDb3sB9MS36Ot0Z+Q8Y
3myg0DoQ9nhb7H50J4mW38/q+jkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTL0a2X
6Px2f3ll2UL+UIyLhuH9RTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwZjNjMDItMjBjMy00ODBmLWE3ODgtNjBkNzM3OGNlYTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAAEzJbgqXgUnaempHQo0I7g4vsrtd3h/7KGR2
W/kcHyc9VGwkw26Uo7iO9mYiNt3r0jPuqNux1hTilaxNIQFzdt+rJL4ard15DR2Q
RQeO8XkoitrOEf/GoUG14g4bbSLER+h0aV9eMiDpumhugrZwj/YMAej/d4QEQLXZ
7ZNLbp3MzWK/Wa/G7FoNQ3zaHY0CJyD4aSjeVBSG07rJYTIDuJR90DxdN9xU1t1u
bCclBXxouBt+/wyHgeKMPjrOojBCks4aHXwhow08fn7sd0GYZWpb5TcAwkk2Tvag
n5uPKU8SjUAk3T2TUHaJXD57ZRVRqy+UKESGM47sQ4Q8rt8GMw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:20 2025 by rpki-client