Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
File: 60b690d0-a362-4547-bf57-d14f49f40869.roa (raw, json)
Hash identifier: oXEYlyiInYMZ+bW85kpOm2lmYi6Uk0d4D6EJAbKYVLo=
Subject key identifier: 0D:D0:6F:B9:90:6D:56:46:38:8B:EF:C0:5B:88:05:6C:33:4F:52:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3749811605E958CFB98BF0D58436CBA6D3ECBD2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
Signing time: Fri 25 Apr 2025 20:11:11 +0000
ROA not before: Fri 25 Apr 2025 20:11:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:49:81:16:05:e9:58:cf:b9:8b:f0:d5:84:36:cb:a6:d3:ec:bd:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:11:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=079c51722bb51027a507e536f3d9e269470993f76be6ab574f906a7839b4dbd4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4d:0f:1e:cc:46:6f:83:3c:01:9f:96:16:a9:
6e:b8:51:50:b8:83:6d:37:47:05:e7:79:0f:44:87:
e5:74:02:7c:f5:05:29:bb:ac:4e:bc:ca:8b:9f:94:
7e:88:a7:b8:c1:23:7e:9c:5b:e5:c3:ad:17:c2:9e:
94:2d:43:e1:dc:77:b2:0b:a6:67:9c:d8:10:97:f1:
44:d8:39:fa:5b:ef:33:af:85:c5:fc:71:f4:0d:86:
b6:b6:b3:01:14:bd:f1:9e:e9:b1:76:60:3c:b4:71:
b6:22:33:2e:f3:5c:f6:1f:8a:2b:93:16:ca:1e:b3:
24:a0:bf:c6:7d:6a:24:84:49:68:66:2c:1d:c0:3c:
43:38:41:9b:3c:6a:3c:d8:56:8b:0b:3c:69:74:48:
4b:37:52:c3:40:aa:6f:dc:1d:9f:12:bf:31:86:0c:
b1:c0:a4:f4:68:89:10:b6:f1:08:15:12:d9:01:07:
ed:48:7b:1b:98:4f:80:1d:bb:21:bd:2e:89:8d:81:
d4:e7:39:74:4c:68:f4:46:ec:f3:2f:08:6a:a9:b0:
8f:3d:d2:4f:7a:27:db:a3:6d:22:8d:85:7a:af:63:
f9:12:2d:e1:78:0f:c1:3b:aa:57:e3:2e:bb:96:8a:
ca:69:a4:34:c0:1b:55:f5:8e:48:b6:25:a0:41:6a:
d9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D0:6F:B9:90:6D:56:46:38:8B:EF:C0:5B:88:05:6C:33:4F:52:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:400::/38
Signature Algorithm: sha256WithRSAEncryption
95:17:2a:88:5b:55:21:a9:d2:ee:8a:bc:65:2e:07:d8:bf:d2:
f2:2e:20:3f:8f:00:d0:51:ee:d5:a6:39:fd:40:53:1c:06:0f:
75:66:34:9d:8c:54:ab:cd:34:8e:50:b9:d3:cc:0a:28:75:06:
1f:94:71:9d:9d:b5:76:da:d1:24:80:0a:02:01:2a:20:e1:11:
12:57:86:d3:70:92:1a:c7:d7:d1:0d:fb:c7:af:7a:9c:23:12:
0f:e4:9e:c0:57:18:e4:34:34:60:1d:41:03:1f:d6:0a:62:c4:
9a:81:2f:de:eb:f1:9e:e1:a8:e7:56:80:db:df:3f:ea:c4:4a:
b2:1e:1e:bd:ce:cc:54:48:32:c0:8a:25:66:9d:64:c6:02:e6:
20:04:1c:ec:58:72:c5:ef:7c:f3:90:94:39:f3:f1:51:fb:80:
bf:df:70:21:18:c7:e5:8a:9d:35:64:2c:6e:25:e1:f0:e0:22:
b9:3f:9d:5f:73:5a:8c:0f:df:84:2c:2e:2b:be:04:6f:16:44:
a2:46:f6:f8:d7:1d:44:42:72:4c:59:a8:65:99:01:49:08:7e:
de:c8:26:f3:b3:b9:4b:5d:7f:fb:5c:10:d4:95:f2:99:66:3a:
98:f4:e8:f7:17:87:9a:aa:09:5e:64:bd:8d:02:24:2a:51:d5:
c3:7b:b3:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN0mBFgXpWM+5i/DVhDbLptPsvS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDExMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3OWM1MTcyMmJiNTEwMjdhNTA3ZTUzNmYzZDllMjY5NDcwOTkzZjc2YmU2
YWI1NzRmOTA2YTc4MzliNGRiZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFNDx7MRm+DPAGflhapbrhRULiDbTdHBed5D0SH5XQCfPUFKbusTrzKi5+U
foinuMEjfpxb5cOtF8KelC1D4dx3sgumZ5zYEJfxRNg5+lvvM6+Fxfxx9A2Gtraz
ARS98Z7psXZgPLRxtiIzLvNc9h+KK5MWyh6zJKC/xn1qJIRJaGYsHcA8QzhBmzxq
PNhWiws8aXRISzdSw0Cqb9wdnxK/MYYMscCk9GiJELbxCBUS2QEH7Uh7G5hPgB27
Ib0uiY2B1Oc5dExo9Ebs8y8Iaqmwjz3ST3on26NtIo2Feq9j+RIt4XgPwTuqV+Mu
u5aKymmkNMAbVfWOSLYloEFq2SsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQN0G+5
kG1WRjiL78BbiAVsM09SgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBiNjkwZDAtYTM2Mi00NTQ3LWJmNTctZDE0ZjQ5ZjQwODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgE
MA0GCSqGSIb3DQEBCwUAA4IBAQCVFyqIW1UhqdLuirxlLgfYv9LyLiA/jwDQUe7V
pjn9QFMcBg91ZjSdjFSrzTSOULnTzAoodQYflHGdnbV22tEkgAoCASog4RESV4bT
cJIax9fRDfvHr3qcIxIP5J7AVxjkNDRgHUEDH9YKYsSagS/e6/Ge4ajnVoDb3z/q
xEqyHh69zsxUSDLAiiVmnWTGAuYgBBzsWHLF73zzkJQ58/FR+4C/33AhGMflip01
ZCxuJeHw4CK5P51fc1qMD9+ELC4rvgRvFkSiRvb41x1EQnJMWahlmQFJCH7eyCbz
s7lLXX/7XBDUlfKZZjqY9Oj3F4eaqgleZL2NAiQqUdXDe7MN
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:49 2025 by rpki-client