Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
File: 631196a4-90f5-4760-982e-15fbaf4805ec.roa (raw, json)
Hash identifier: fA71/KJ8ZESx0GJe2iPPm2AIKcal9fIzAsvaENAHiHg=
Subject key identifier: 2C:65:13:BA:71:14:63:9E:D9:2F:85:60:4F:2B:EB:23:95:56:2E:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37CA17593775B50FE0883DB45EAE59D06E6BF867
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
Signing time: Mon 21 Apr 2025 18:40:12 +0000
ROA not before: Mon 21 Apr 2025 18:40:12 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:ca:17:59:37:75:b5:0f:e0:88:3d:b4:5e:ae:59:d0:6e:6b:f8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:12 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=a516af8656d65defa4b6104a2963d334039264d905f788072a8cb7a3017d863f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b5:89:14:3d:45:a9:46:9e:db:2d:be:4f:42:
c5:29:e9:cf:68:22:74:11:67:f2:3e:8f:c0:92:49:
a4:65:97:af:70:d4:d2:78:a5:fc:61:35:f2:23:b6:
1c:61:dd:96:c4:f8:92:c1:4f:df:76:b8:61:09:c7:
9c:5d:e2:7b:ec:a5:ce:1e:bb:a7:28:54:75:bd:ac:
54:f1:c7:7a:d9:b3:90:96:52:69:2f:a3:a3:55:ab:
fb:b6:54:37:e5:35:5e:5d:6a:67:8a:e5:da:c8:1a:
63:02:cd:75:ee:53:6c:23:90:e0:29:e7:d9:ac:50:
8d:a3:bf:03:ac:4e:26:da:67:fe:0e:ed:a2:72:22:
d4:49:71:df:c5:42:74:fc:c3:24:f6:eb:18:a8:eb:
50:eb:52:12:ae:fb:15:3b:ed:9d:4c:0c:86:f5:62:
5e:fb:a8:68:e3:94:5e:24:29:b9:6e:7d:3a:51:f5:
44:de:54:44:bd:06:93:f3:aa:3b:ee:31:6f:92:51:
ba:65:56:b9:f0:1b:81:2d:7f:47:a8:98:74:24:87:
89:c1:87:dd:de:23:7e:bc:11:09:c0:0e:aa:d3:04:
fc:ee:ec:e3:07:59:e2:47:ce:d9:e2:d0:16:90:0f:
84:f8:a3:bf:33:f6:8f:c2:30:85:10:f3:f8:6f:68:
94:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:65:13:BA:71:14:63:9E:D9:2F:85:60:4F:2B:EB:23:95:56:2E:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020:8000::/36
Signature Algorithm: sha256WithRSAEncryption
26:7d:18:56:fe:35:d7:b2:4c:af:93:42:de:e3:1f:f4:0d:80:
ae:e9:24:b7:67:03:39:08:94:10:13:ae:8e:f5:82:c7:95:17:
02:78:e6:d1:8e:c7:06:88:21:e8:09:93:47:dc:78:a0:d0:21:
cb:45:ef:47:14:10:4d:ee:34:d2:83:11:65:bd:b0:b2:b9:9c:
e7:b6:a6:38:b3:63:e1:7a:2e:d4:22:e6:e9:ae:39:50:4c:cb:
5e:68:29:32:57:0b:de:cc:f2:72:0b:47:0f:94:d5:23:b3:55:
f2:72:ed:55:6a:60:df:92:fb:a7:1b:99:75:62:09:13:c8:8e:
b9:e3:84:dc:17:58:98:10:c1:0a:d4:f6:27:9b:59:7b:8d:fb:
1b:17:a4:2d:3b:9a:58:e6:95:bc:51:4b:00:7e:fc:fa:bb:63:
2f:b4:00:0a:c2:61:bb:d5:d7:65:20:9a:f8:7d:45:9a:ac:81:
b2:37:ef:c6:8d:4f:15:dd:a5:71:e3:85:e1:ab:9d:b4:9b:47:
1e:07:67:1d:28:65:02:1a:db:7f:8c:37:51:22:3d:47:72:bd:
00:07:9b:8e:9f:3f:e3:f9:cf:6a:3a:6c:c2:d6:48:12:87:dd:
c4:c7:36:27:5c:07:94:82:a7:05:7b:3e:32:94:13:3b:ce:7c:
a6:87:ae:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN8oXWTd1tQ/giD20Xq5Z0G5r+GcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMTJaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1MTZhZjg2NTZkNjVkZWZhNGI2MTA0YTI5NjNkMzM0MDM5MjY0ZDkwNWY3
ODgwNzJhOGNiN2EzMDE3ZDg2M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKS1iRQ9RalGntstvk9CxSnpz2gidBFn8j6PwJJJpGWXr3DU0nil/GE18iO2
HGHdlsT4ksFP33a4YQnHnF3ie+ylzh67pyhUdb2sVPHHetmzkJZSaS+jo1Wr+7ZU
N+U1Xl1qZ4rl2sgaYwLNde5TbCOQ4Cnn2axQjaO/A6xOJtpn/g7tonIi1Elx38VC
dPzDJPbrGKjrUOtSEq77FTvtnUwMhvViXvuoaOOUXiQpuW59OlH1RN5URL0Gk/Oq
O+4xb5JRumVWufAbgS1/R6iYdCSHicGH3d4jfrwRCcAOqtME/O7s4wdZ4kfO2eLQ
FpAPhPijvzP2j8IwhRDz+G9olN8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQsZRO6
cRRjntkvhWBPK+sjlVYuvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjMxMTk2YTQtOTBmNS00NzYwLTk4MmUtMTVmYmFmNDgwNWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CCA
MA0GCSqGSIb3DQEBCwUAA4IBAQAmfRhW/jXXskyvk0Le4x/0DYCu6SS3ZwM5CJQQ
E66O9YLHlRcCeObRjscGiCHoCZNH3Hig0CHLRe9HFBBN7jTSgxFlvbCyuZzntqY4
s2Phei7UIubprjlQTMteaCkyVwvezPJyC0cPlNUjs1Xycu1VamDfkvunG5l1YgkT
yI6544TcF1iYEMEK1PYnm1l7jfsbF6QtO5pY5pW8UUsAfvz6u2MvtAAKwmG71ddl
IJr4fUWarIGyN+/GjU8V3aVx44Xhq520m0ceB2cdKGUCGtt/jDdRIj1Hcr0AB5uO
nz/j+c9qOmzC1kgSh93ExzYnXAeUgqcFez4ylBM7znymh65n
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:22 2025 by rpki-client