Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c0911f1-01b0-4492-b92f-9915d315647d.roa
File: 5c0911f1-01b0-4492-b92f-9915d315647d.roa (raw, json)
Hash identifier: gfpsLltylgaS9jW6q8Xt+7ZvPuJ+OLlZZHpzjoyt6KM=
Subject key identifier: 48:EA:D4:4B:F2:27:B7:ED:8D:32:E6:73:E5:05:86:0F:B4:BE:56:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F91E4AB561F3CADEAF439F6526FE3ED36989CFE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c0911f1-01b0-4492-b92f-9915d315647d.roa
Signing time: Mon 21 Apr 2025 18:31:15 +0000
ROA not before: Mon 21 Apr 2025 18:31:15 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:91:e4:ab:56:1f:3c:ad:ea:f4:39:f6:52:6f:e3:ed:36:98:9c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:15 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=d4c2e7b2d4fe5ac1021b0e5f2bf7d185ca15e8d5331707eadad25270a26bbd57, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b9:24:78:38:49:cc:ed:72:64:0b:f8:3a:52:
ac:f1:01:cc:94:4d:95:c9:51:a9:12:ed:0d:91:d3:
3c:d9:2b:7c:ba:56:49:18:37:63:ad:b5:c3:78:93:
64:4b:23:e8:89:73:77:3e:07:b3:41:37:39:c4:5c:
b0:ef:9a:b2:ce:dd:29:b9:70:46:79:ec:02:6c:f5:
72:0c:c6:0b:6d:22:81:a9:94:fe:e9:58:12:b4:c7:
4a:04:58:6f:11:fa:d2:e1:f0:a4:e9:ad:58:d7:ab:
72:a5:9d:11:e6:53:1b:21:e9:52:de:f5:ee:a6:ca:
1b:c2:fc:9f:f6:db:3f:a2:ec:a5:20:0f:c5:db:66:
41:93:9a:18:55:d5:43:a7:9f:5f:8f:a1:00:04:03:
d7:f7:50:bb:f5:c6:f9:05:d3:15:b0:22:9f:48:a2:
d1:a2:6c:f9:d8:f8:bc:a9:d7:ad:df:2e:20:99:0a:
6d:0a:fc:59:73:fc:55:d0:91:e4:15:5f:9e:52:cb:
b2:9e:ba:06:15:43:4f:15:50:16:ac:1a:c3:a6:c8:
1d:d0:9b:d3:a1:52:99:e1:a4:b4:14:2d:3b:47:58:
51:b6:4c:96:2b:79:51:0c:36:89:2e:eb:5b:03:29:
dc:20:59:ad:12:7d:b7:53:36:ae:a7:0c:5b:da:a4:
93:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:EA:D4:4B:F2:27:B7:ED:8D:32:E6:73:E5:05:86:0F:B4:BE:56:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c0911f1-01b0-4492-b92f-9915d315647d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:880::/48
Signature Algorithm: sha256WithRSAEncryption
b6:eb:05:7d:d5:25:81:3c:7f:c2:5f:91:57:12:54:f5:db:90:
be:6e:47:aa:3d:da:d6:07:bf:05:2c:ef:47:2d:8a:56:3a:2e:
5b:7c:22:98:32:b8:85:dc:7b:ab:97:7e:77:78:a1:8a:bb:36:
d2:98:85:2d:d2:9b:40:71:e6:8b:76:92:ad:fe:fb:dd:5d:b2:
92:3e:ba:c6:d5:ae:65:a7:02:2b:45:30:5d:b8:31:18:f5:0c:
3f:51:b7:40:5a:f5:86:34:83:6b:5f:33:61:61:29:d5:61:a5:
f0:c4:7f:9c:20:74:68:b9:95:b4:38:cd:6e:ca:6c:c7:d6:83:
42:ef:69:39:38:5e:a1:0b:f3:68:b8:c8:fc:7c:6f:5b:4d:47:
af:a8:02:c8:92:54:92:dd:06:b3:7f:71:2b:f7:b0:50:22:0a:
d6:d3:60:18:86:ce:59:c4:db:25:36:85:40:7d:fa:fd:c2:5b:
98:01:38:67:7d:e4:b8:d1:a3:ab:92:b9:67:ab:8a:f5:0f:d2:
f9:51:2f:7e:6d:12:f0:af:3e:8b:da:5a:55:65:a7:d5:32:74:
d3:05:a2:e0:97:4d:a6:5c:80:04:97:bc:1c:29:96:71:84:8e:
62:08:26:ce:b3:f5:5d:04:fe:ba:08:7a:28:18:14:c7:ac:f2:
30:39:20:d5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD5Hkq1YfPK3q9Dn2Um/j7TaYnP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMTVaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0YzJlN2IyZDRmZTVhYzEwMjFiMGU1ZjJiZjdkMTg1Y2ExNWU4ZDUzMzE3
MDdlYWRhZDI1MjcwYTI2YmJkNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa5JHg4ScztcmQL+DpSrPEBzJRNlclRqRLtDZHTPNkrfLpWSRg3Y621w3iT
ZEsj6Ilzdz4Hs0E3OcRcsO+ass7dKblwRnnsAmz1cgzGC20igamU/ulYErTHSgRY
bxH60uHwpOmtWNercqWdEeZTGyHpUt717qbKG8L8n/bbP6LspSAPxdtmQZOaGFXV
Q6efX4+hAAQD1/dQu/XG+QXTFbAin0ii0aJs+dj4vKnXrd8uIJkKbQr8WXP8VdCR
5BVfnlLLsp66BhVDTxVQFqwaw6bIHdCb06FSmeGktBQtO0dYUbZMlit5UQw2iS7r
WwMp3CBZrRJ9t1M2rqcMW9qkk00CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRI6tRL
8ie37Y0y5nPlBYYPtL5W6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWMwOTExZjEtMDFiMC00NDkyLWI5MmYtOTkxNWQzMTU2NDdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQI
gDANBgkqhkiG9w0BAQsFAAOCAQEAtusFfdUlgTx/wl+RVxJU9duQvm5Hqj3a1ge/
BSzvRy2KVjouW3wimDK4hdx7q5d+d3ihirs20piFLdKbQHHmi3aSrf773V2ykj66
xtWuZacCK0UwXbgxGPUMP1G3QFr1hjSDa18zYWEp1WGl8MR/nCB0aLmVtDjNbsps
x9aDQu9pOTheoQvzaLjI/HxvW01Hr6gCyJJUkt0Gs39xK/ewUCIK1tNgGIbOWcTb
JTaFQH36/cJbmAE4Z33kuNGjq5K5Z6uK9Q/S+VEvfm0S8K8+i9paVWWn1TJ00wWi
4JdNplyABJe8HCmWcYSOYggmzrP1XQT+ugh6KBgUx6zyMDkg1Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:41 2025 by rpki-client