Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
File: 64b71704-2a76-40c8-a5e1-57ebfb451913.roa (raw, json)
Hash identifier: Vi2j3zZtouQ+lewRGrKwSVxFTdBwSS+z7x+iSF+fliw=
Subject key identifier: CF:D6:8B:0B:E5:DA:97:AF:87:4F:97:BB:D1:AB:CB:C0:8E:13:13:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 153D777DBD4A2DB89748B04B6EB97422B004040D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
Signing time: Fri 25 Apr 2025 19:30:17 +0000
ROA not before: Fri 25 Apr 2025 19:30:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:3d:77:7d:bd:4a:2d:b8:97:48:b0:4b:6e:b9:74:22:b0:04:04:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:30:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d11b591566b2af35d6611b0d9eecfe061774883d859272dbe3d07b71b0311d48, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:47:24:ce:32:06:bc:bf:5e:ea:38:22:71:8c:
4f:46:f8:b7:b6:1a:29:39:5f:b1:e3:50:c7:cc:ee:
cc:4d:d2:cd:bd:2d:6f:14:00:e5:a5:80:46:d5:52:
1b:3f:af:ef:a1:c4:29:44:de:cf:6a:64:88:7b:8f:
f5:e9:b8:e0:1d:07:d7:a1:e7:5a:fd:7a:0c:35:8a:
75:3f:9e:bc:3d:ab:48:2f:e6:25:56:bb:15:77:6a:
3d:fb:16:fd:5e:77:3f:52:f7:fd:1a:05:d2:00:79:
52:63:f8:67:34:50:66:c1:15:82:6d:1b:8a:f3:15:
e9:b3:8a:6a:f1:a7:b8:84:a3:df:e3:0d:bc:92:02:
db:c7:f9:f5:d3:59:55:ad:d4:49:c7:e3:15:bd:19:
65:8f:1b:fd:c9:47:a5:87:e9:51:f1:b4:dd:1c:23:
14:13:42:c2:5c:68:6f:65:64:4c:2a:fb:41:3a:1f:
47:d0:d9:48:b4:7c:94:0d:48:57:a8:a9:6a:48:5d:
de:f6:f3:71:6e:db:d8:31:8b:b6:49:d8:ae:11:cb:
3a:b5:83:e3:20:75:3c:14:ec:50:53:56:1e:b1:5e:
ea:ea:1c:fa:49:fe:63:26:8f:47:63:66:9e:ab:31:
c4:70:86:5a:a4:9f:46:91:de:c6:5a:0f:3d:ac:b0:
3a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D6:8B:0B:E5:DA:97:AF:87:4F:97:BB:D1:AB:CB:C0:8E:13:13:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e080::/46
Signature Algorithm: sha256WithRSAEncryption
bb:53:73:c7:d2:50:75:e3:ca:0b:30:2d:1e:0c:7b:13:1c:90:
1c:eb:31:b4:2e:89:ff:10:77:63:be:7e:1c:e6:64:ca:27:c4:
39:c1:1e:b5:14:4d:6f:21:c5:91:99:57:ae:e8:91:33:af:4c:
53:24:c3:c9:6e:d3:64:44:5c:fa:81:7f:60:52:ee:8d:85:1f:
bf:7e:c1:26:8d:7d:b0:c9:83:9d:14:89:c8:a9:9d:41:45:ff:
2c:2d:95:a4:3a:af:4c:de:7e:45:57:67:db:d6:7d:d1:40:82:
14:56:ca:2f:9d:26:0c:7c:98:9c:3f:f4:26:48:e3:dc:53:0a:
2b:07:cc:74:e9:25:53:3a:ea:ef:be:5f:c2:09:95:c8:0f:6f:
cd:ec:e1:d7:23:f6:2c:5e:28:35:dc:b0:e2:a9:a3:1f:19:e9:
63:b7:f8:ac:41:f2:9c:fd:a2:45:95:98:d0:2c:76:a7:5b:ff:
df:6f:7e:40:f0:ef:42:26:6e:6b:6c:ad:62:16:72:20:a2:b2:
c9:9c:5f:5e:ef:bc:ec:9d:0c:c3:ec:98:c8:0f:0f:4d:87:0c:
06:a9:5f:c8:a1:e0:a8:dc:97:1e:03:3b:83:d6:49:50:eb:38:
06:3e:16:8b:79:3c:1f:1b:ab:bf:7e:6f:9a:3f:17:7c:26:58:
e6:75:b0:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFT13fb1KLbiXSLBLbrl0IrAEBA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMwMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxMWI1OTE1NjZiMmFmMzVkNjYxMWIwZDllZWNmZTA2MTc3NDg4M2Q4NTky
NzJkYmUzZDA3YjcxYjAzMTFkNDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9HJM4yBry/Xuo4InGMT0b4t7YaKTlfseNQx8zuzE3Szb0tbxQA5aWARtVS
Gz+v76HEKUTez2pkiHuP9em44B0H16HnWv16DDWKdT+evD2rSC/mJVa7FXdqPfsW
/V53P1L3/RoF0gB5UmP4ZzRQZsEVgm0bivMV6bOKavGnuISj3+MNvJIC28f59dNZ
Va3UScfjFb0ZZY8b/clHpYfpUfG03RwjFBNCwlxob2VkTCr7QTofR9DZSLR8lA1I
V6ipakhd3vbzcW7b2DGLtknYrhHLOrWD4yB1PBTsUFNWHrFe6uoc+kn+YyaPR2Nm
nqsxxHCGWqSfRpHexloPPaywOgsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTP1osL
5dqXr4dPl7vRq8vAjhMTgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjRiNzE3MDQtMmE3Ni00MGM4LWE1ZTEtNTdlYmZiNDUxOTEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
gDANBgkqhkiG9w0BAQsFAAOCAQEAu1Nzx9JQdePKCzAtHgx7ExyQHOsxtC6J/xB3
Y75+HOZkyifEOcEetRRNbyHFkZlXruiRM69MUyTDyW7TZERc+oF/YFLujYUfv37B
Jo19sMmDnRSJyKmdQUX/LC2VpDqvTN5+RVdn29Z90UCCFFbKL50mDHyYnD/0Jkjj
3FMKKwfMdOklUzrq775fwgmVyA9vzezh1yP2LF4oNdyw4qmjHxnpY7f4rEHynP2i
RZWY0Cx2p1v/329+QPDvQiZua2ytYhZyIKKyyZxfXu+87J0Mw+yYyA8PTYcMBqlf
yKHgqNyXHgM7g9ZJUOs4Bj4Wi3k8Hxurv35vmj8XfCZY5nWwyw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:34 2025 by rpki-client