Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
File: 60c499a8-e470-4a76-9095-20d8554a426a.roa (raw, json)
Hash identifier: IrE5pV2xVHKcPgPPASz/VcHRESlTTIptTGQvbijyYl8=
Subject key identifier: 59:D4:1E:30:2D:CD:55:FB:D8:D1:EF:9D:34:73:06:B7:F2:1F:92:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12A368DE6C4692F2D85CC5C81D274E694C51BE4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
Signing time: Fri 25 Apr 2025 20:21:20 +0000
ROA not before: Fri 25 Apr 2025 20:21:20 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:a3:68:de:6c:46:92:f2:d8:5c:c5:c8:1d:27:4e:69:4c:51:be:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:20 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8ce94060be7e4c1e08006462355cd64a5f850a946f5f5dcc43e07e2497839896, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:df:ab:f5:6c:64:a0:67:04:ef:91:8e:51:44:
d8:ae:29:a1:6c:17:50:b3:c7:52:d4:bc:a1:c3:0a:
ab:7f:c5:f3:b0:25:ce:91:21:b1:a5:88:c1:7e:90:
d2:f6:dc:3c:99:aa:89:e1:db:b4:bc:7e:0f:7a:a4:
83:bd:70:85:67:95:75:16:1b:cf:24:16:64:b5:4f:
3f:41:5e:39:56:2b:a7:20:97:d8:36:3d:fa:ec:75:
e6:97:33:97:59:55:2a:4e:60:e2:d7:89:04:7a:9b:
d9:26:97:ae:a9:cb:d6:9c:fa:80:a1:33:1a:2c:6f:
aa:3f:60:d6:91:cc:f4:a6:85:e1:0a:f5:95:dc:23:
16:af:cc:43:7c:d5:8f:05:9d:48:f5:fd:c3:0c:48:
80:66:f1:c7:8c:60:99:a2:3e:ca:56:8b:d4:7d:4a:
b7:4f:74:70:fd:cd:bd:74:73:40:42:e7:28:fb:ca:
74:33:5c:cc:51:08:dc:c4:1a:24:3d:9c:be:c9:73:
5c:fb:62:ae:59:dc:48:79:e4:59:c7:23:5c:bb:68:
f4:23:b1:7e:59:1e:67:7d:9b:b8:29:18:75:bc:98:
24:c8:e1:e5:9d:1e:b6:14:c0:90:5b:cb:b3:f0:12:
ec:03:4f:8e:7e:b7:4a:89:6c:f2:68:29:9b:b3:c3:
f3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:D4:1E:30:2D:CD:55:FB:D8:D1:EF:9D:34:73:06:B7:F2:1F:92:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:c00::/38
Signature Algorithm: sha256WithRSAEncryption
64:ef:0f:f7:a1:fe:e3:e3:45:00:2f:3f:da:6a:48:e1:d2:ec:
17:ca:ca:a2:89:2e:c7:e5:d2:ee:69:a3:6d:b3:e7:7f:ee:de:
70:4e:8b:d6:7d:4a:9b:3e:23:20:38:68:2a:87:56:0c:a7:85:
a7:b9:13:94:e2:12:a4:86:fb:cc:59:42:97:c9:2e:82:a3:30:
87:8c:25:03:b1:9f:23:3c:10:85:58:66:2a:17:a0:0b:3a:cc:
ae:c3:07:93:1b:20:6e:56:fc:da:5c:55:31:50:32:68:f9:7d:
10:66:c1:40:34:36:01:fb:83:3c:f1:1b:eb:d7:6d:93:9a:36:
49:7b:66:a4:01:5c:84:9f:c3:66:20:e4:ac:a1:af:4d:f9:9e:
0a:2c:72:51:6f:1a:ba:d4:fc:8c:29:48:e5:30:09:66:54:67:
b3:fd:c9:e1:01:9f:32:f6:1c:d6:2a:00:14:2f:6b:94:bd:64:
bf:a6:f9:8c:30:4a:76:06:2a:88:8d:49:8f:96:82:6e:dc:a5:
62:28:cd:1a:2f:bb:bd:1f:25:9e:52:fb:16:62:a8:76:f3:4c:
3d:75:33:a0:18:7e:91:f6:12:5c:f5:dc:ec:fe:5d:a7:e6:ef:
48:89:5e:b0:00:50:bb:ab:5b:a7:7f:b0:4b:27:c3:9d:62:74:
92:9a:7a:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEqNo3mxGkvLYXMXIHSdOaUxRvkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMjBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjZTk0MDYwYmU3ZTRjMWUwODAwNjQ2MjM1NWNkNjRhNWY4NTBhOTQ2ZjVm
NWRjYzQzZTA3ZTI0OTc4Mzk4OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDfq/VsZKBnBO+RjlFE2K4poWwXULPHUtS8ocMKq3/F87AlzpEhsaWIwX6Q
0vbcPJmqieHbtLx+D3qkg71whWeVdRYbzyQWZLVPP0FeOVYrpyCX2DY9+ux15pcz
l1lVKk5g4teJBHqb2SaXrqnL1pz6gKEzGixvqj9g1pHM9KaF4Qr1ldwjFq/MQ3zV
jwWdSPX9wwxIgGbxx4xgmaI+ylaL1H1Kt090cP3NvXRzQELnKPvKdDNczFEI3MQa
JD2cvslzXPtirlncSHnkWccjXLto9COxflkeZ32buCkYdbyYJMjh5Z0ethTAkFvL
s/AS7ANPjn63Sols8mgpm7PD818CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZ1B4w
Lc1V+9jR7500cwa38h+SsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBjNDk5YTgtZTQ3MC00YTc2LTkwOTUtMjBkODU1NGE0MjZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgM
MA0GCSqGSIb3DQEBCwUAA4IBAQBk7w/3of7j40UALz/aakjh0uwXysqiiS7H5dLu
aaNts+d/7t5wTovWfUqbPiMgOGgqh1YMp4WnuROU4hKkhvvMWUKXyS6CozCHjCUD
sZ8jPBCFWGYqF6ALOsyuwweTGyBuVvzaXFUxUDJo+X0QZsFANDYB+4M88Rvr122T
mjZJe2akAVyEn8NmIOSsoa9N+Z4KLHJRbxq61PyMKUjlMAlmVGez/cnhAZ8y9hzW
KgAUL2uUvWS/pvmMMEp2BiqIjUmPloJu3KViKM0aL7u9HyWeUvsWYqh280w9dTOg
GH6R9hJc9dzs/l2n5u9IiV6wAFC7q1unf7BLJ8OdYnSSmnoK
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:04 2025 by rpki-client