Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
File: 52630693-0f5d-4126-ba07-ad0c0c999660.roa (raw, json)
Hash identifier: JR+gQHZKHwuL1sw9G1c87bIJO8OEjTTcTTE3cKJt7so=
Subject key identifier: EC:05:BA:1D:07:CE:3E:0B:59:9E:8E:28:86:1F:5D:9B:3A:6D:C5:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D7C0F7A7DD745FB8D1928B7E416E7E696388025
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
Signing time: Fri 25 Apr 2025 19:51:05 +0000
ROA not before: Fri 25 Apr 2025 19:51:05 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:7c:0f:7a:7d:d7:45:fb:8d:19:28:b7:e4:16:e7:e6:96:38:80:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:51:05 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b1f171c866208de08ac9c290c21178175b1ddf8e2d66690b1a63883791c511d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:28:86:44:e6:4c:92:ae:02:9f:f6:29:85:
db:fc:d2:ff:bf:26:70:e9:f9:27:31:ce:50:63:f5:
8b:5d:f4:ea:83:e8:73:f8:33:39:ff:c2:b4:7e:8c:
a2:84:47:94:32:fc:ff:79:4c:72:60:7f:25:cc:ab:
46:b7:d9:5f:5e:9d:76:e3:64:59:72:04:54:62:2c:
60:13:5c:0f:37:02:5a:e0:21:30:c4:c0:62:b6:f5:
36:5d:ba:8e:66:77:9a:0a:4b:0e:d8:f4:1c:2d:ca:
d6:21:d7:70:98:8c:60:f6:15:de:d9:76:78:3f:f3:
5f:d9:1a:56:e5:7a:88:44:5d:69:cc:28:ea:10:30:
0c:bf:7e:d8:33:51:52:95:ac:61:99:02:ab:e9:1a:
f6:e1:57:ec:8b:89:d7:1d:13:df:2f:f2:58:3c:ce:
40:81:ea:40:ac:47:9a:08:53:c4:30:e1:0a:4c:9c:
bc:9e:f1:e9:66:d3:86:25:92:db:f7:c7:c2:58:63:
8f:1c:d5:36:d2:5f:56:bb:78:5b:e2:7e:84:46:fc:
ea:e1:5f:f4:68:ef:85:7c:96:2d:33:b2:f4:43:db:
0a:1b:61:7e:33:88:f1:71:db:cf:85:9c:c8:52:f2:
45:fd:0c:aa:64:07:c7:68:ba:49:0b:70:35:80:79:
50:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:05:BA:1D:07:CE:3E:0B:59:9E:8E:28:86:1F:5D:9B:3A:6D:C5:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:18:17:bd:1a:fc:27:37:2b:e1:66:2e:9e:07:b9:d7:1d:8c:
56:45:c9:61:cf:13:3b:6d:4e:34:b8:b9:7d:83:22:20:3f:dc:
b8:b9:22:32:99:b3:7a:82:0c:5d:36:89:73:1a:7e:f3:c8:7a:
86:89:1d:e5:bd:74:ed:85:83:32:7f:be:5f:f9:86:d1:19:04:
22:73:89:36:fd:40:99:57:6d:4a:09:d5:44:b9:0b:2c:d8:c3:
27:c7:7a:61:78:24:3e:39:26:45:ab:ec:25:15:89:f4:5f:bd:
67:dd:c3:59:f2:e9:b0:07:ec:40:b8:60:ac:db:e4:55:93:b3:
74:96:3a:5d:e8:2d:b4:ea:3b:c5:a7:d0:1d:5e:71:29:b1:f3:
58:59:c6:87:9a:ff:2e:27:01:b7:63:37:4e:86:e1:11:9d:f1:
c2:a2:f0:5f:f6:a8:0d:8c:38:be:3b:eb:36:4e:6e:5d:29:76:
61:9a:f7:c2:45:cc:da:c0:37:5e:d9:1e:78:1c:67:bb:41:e5:
9d:89:09:bf:22:61:43:3c:26:56:d3:31:a0:39:46:96:cb:1d:
3d:a2:66:43:3e:44:d0:bf:02:a7:22:79:5d:f4:9b:8e:4a:c1:
bc:26:46:22:9d:1d:c1:e9:b9:29:50:f3:47:e0:b8:cb:8b:9f:
b6:56:8a:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPXwPen3XRfuNGSi35Bbn5pY4gCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUxMDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxZjE3MWM4NjYyMDhkZTA4YWM5YzI5MGMyMTE3ODE3NWIxZGRmOGUyZDY2
NjkwYjFhNjM4ODM3OTFjNTExZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrYKIZE5kySrgKf9imF2/zS/78mcOn5JzHOUGP1i1306oPoc/gzOf/CtH6M
ooRHlDL8/3lMcmB/JcyrRrfZX16dduNkWXIEVGIsYBNcDzcCWuAhMMTAYrb1Nl26
jmZ3mgpLDtj0HC3K1iHXcJiMYPYV3tl2eD/zX9kaVuV6iERdacwo6hAwDL9+2DNR
UpWsYZkCq+ka9uFX7IuJ1x0T3y/yWDzOQIHqQKxHmghTxDDhCkycvJ7x6WbThiWS
2/fHwlhjjxzVNtJfVrt4W+J+hEb86uFf9GjvhXyWLTOy9EPbChthfjOI8XHbz4Wc
yFLyRf0MqmQHx2i6SQtwNYB5UB0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsBbod
B84+C1mejiiGH12bOm3FJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI2MzA2OTMtMGY1ZC00MTI2LWJhMDctYWQwYzBjOTk5NjYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHg
MA0GCSqGSIb3DQEBCwUAA4IBAQCnGBe9GvwnNyvhZi6eB7nXHYxWRclhzxM7bU40
uLl9gyIgP9y4uSIymbN6ggxdNolzGn7zyHqGiR3lvXTthYMyf75f+YbRGQQic4k2
/UCZV21KCdVEuQss2MMnx3pheCQ+OSZFq+wlFYn0X71n3cNZ8umwB+xAuGCs2+RV
k7N0ljpd6C206jvFp9AdXnEpsfNYWcaHmv8uJwG3YzdOhuERnfHCovBf9qgNjDi+
O+s2Tm5dKXZhmvfCRczawDde2R54HGe7QeWdiQm/ImFDPCZW0zGgOUaWyx09omZD
PkTQvwKnInld9JuOSsG8JkYinR3B6bkpUPNH4LjLi5+2VopM
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:22 2025 by rpki-client