Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/69802baa-274e-464f-9528-c2e45ae56d0d.roa
File: 69802baa-274e-464f-9528-c2e45ae56d0d.roa (raw, json)
Hash identifier: XzDEmx3leA0x6gyPkjadrBh5TclDrcL5AgrkBp4HluA=
Subject key identifier: B7:20:6E:19:65:F5:4C:54:9B:22:12:17:8A:24:35:1D:AF:67:A4:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3454A5B3607208EBC709A9A41E4D1C20830AA2B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/69802baa-274e-464f-9528-c2e45ae56d0d.roa
Signing time: Fri 25 Apr 2025 18:10:06 +0000
ROA not before: Fri 25 Apr 2025 18:10:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:54:a5:b3:60:72:08:eb:c7:09:a9:a4:1e:4d:1c:20:83:0a:a2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ffc11fb405f516760009772fafc8c73d97e21a365c40ca665c7528351839a409, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:68:eb:04:53:07:06:42:fa:91:b5:b0:86:f8:
85:bb:57:40:c6:95:04:17:0b:67:19:92:7a:dd:f3:
e7:78:d0:1a:95:24:7e:24:30:fc:13:51:a1:b2:74:
68:8b:94:61:bb:1f:df:5d:80:41:30:95:55:86:a2:
c2:1a:f3:de:dd:a1:2f:b6:af:0c:62:44:e5:da:0a:
47:30:75:90:7a:ed:db:11:23:54:86:e0:a6:ca:7d:
ac:90:59:3a:ce:b6:83:8b:53:e4:b0:0d:54:9a:68:
5a:e0:84:bf:f2:23:8f:72:c7:fa:9b:71:62:c3:36:
e8:48:8a:a9:3d:85:fa:5b:86:b2:57:9e:67:52:6f:
55:5c:95:ae:8c:2a:6b:fa:69:dc:84:0c:50:63:f1:
c7:9c:31:77:26:4f:b3:a2:76:34:18:f8:67:b9:bf:
1a:5f:9d:84:f6:29:d9:ed:6d:05:8b:03:50:6b:ab:
94:af:30:6b:7e:d3:f9:5b:60:1d:2d:ac:3b:c1:79:
01:55:43:18:77:34:a7:4d:f4:5f:41:47:f3:3e:50:
a8:4f:07:d6:20:26:66:d0:b9:7f:52:dd:73:2e:5b:
cb:c0:11:32:a9:00:9c:5e:de:8a:7c:50:84:6a:77:
02:c1:8f:c6:9c:67:81:7f:46:e7:06:d1:c2:7d:7b:
ad:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:20:6E:19:65:F5:4C:54:9B:22:12:17:8A:24:35:1D:AF:67:A4:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/69802baa-274e-464f-9528-c2e45ae56d0d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e040::/48
Signature Algorithm: sha256WithRSAEncryption
22:4c:d6:a0:f0:f9:41:fe:78:8a:d7:fb:3e:41:58:a9:9b:27:
09:ef:d2:1a:46:b1:c4:05:68:24:1f:8f:03:75:0d:0d:79:ed:
02:83:9e:cb:d8:48:50:6c:a3:fe:8f:b9:cd:5a:34:43:24:86:
aa:8c:e4:c8:86:65:b8:dc:16:cb:b7:f7:d4:50:94:81:f2:06:
07:68:99:63:ab:e7:70:3f:db:e1:ab:7b:a4:63:0c:07:76:60:
9c:4e:75:4a:6c:8b:f2:04:2b:17:e1:25:a2:1e:b0:31:9d:e3:
16:20:b5:54:28:20:25:e1:72:80:cf:8e:d5:ec:fc:d4:df:21:
a5:0a:99:e3:93:9f:3c:68:f1:10:ed:5f:f7:46:b8:4d:d2:2c:
8d:a2:02:1d:a2:45:41:ab:c3:85:7d:28:fd:65:5e:54:67:22:
7f:57:c6:37:22:a7:5a:b9:8d:93:15:1e:83:fb:6e:f2:45:40:
22:90:c4:7b:3d:91:61:e2:97:e2:8b:b9:bb:eb:5b:ca:75:ef:
eb:a6:31:d6:70:f0:1a:e2:6a:c2:95:d8:f9:c3:33:82:d3:c4:
52:3c:30:a6:b6:b2:f1:d2:d3:0a:0d:af:b0:98:e3:5a:a7:57:
5f:32:60:23:d5:04:e2:92:f3:4e:e7:0a:d6:4c:0a:d4:8d:df:
fd:83:49:44
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNFSls2ByCOvHCamkHk0cIIMKorkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmYzExZmI0MDVmNTE2NzYwMDA5NzcyZmFmYzhjNzNkOTdlMjFhMzY1YzQw
Y2E2NjVjNzUyODM1MTgzOWE0MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxo6wRTBwZC+pG1sIb4hbtXQMaVBBcLZxmSet3z53jQGpUkfiQw/BNRobJ0
aIuUYbsf312AQTCVVYaiwhrz3t2hL7avDGJE5doKRzB1kHrt2xEjVIbgpsp9rJBZ
Os62g4tT5LANVJpoWuCEv/Ijj3LH+ptxYsM26EiKqT2F+luGsleeZ1JvVVyVrowq
a/pp3IQMUGPxx5wxdyZPs6J2NBj4Z7m/Gl+dhPYp2e1tBYsDUGurlK8wa37T+Vtg
HS2sO8F5AVVDGHc0p030X0FH8z5QqE8H1iAmZtC5f1Ldcy5by8ARMqkAnF7einxQ
hGp3AsGPxpxngX9G5wbRwn17rWUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS3IG4Z
ZfVMVJsiEheKJDUdr2eknDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njk4MDJiYWEtMjc0ZS00NjRmLTk1MjgtYzJlNDVhZTU2ZDBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTg
QDANBgkqhkiG9w0BAQsFAAOCAQEAIkzWoPD5Qf54itf7PkFYqZsnCe/SGkaxxAVo
JB+PA3UNDXntAoOey9hIUGyj/o+5zVo0QySGqozkyIZluNwWy7f31FCUgfIGB2iZ
Y6vncD/b4at7pGMMB3ZgnE51SmyL8gQrF+Eloh6wMZ3jFiC1VCggJeFygM+O1ez8
1N8hpQqZ45OfPGjxEO1f90a4TdIsjaICHaJFQavDhX0o/WVeVGcif1fGNyKnWrmN
kxUeg/tu8kVAIpDEez2RYeKX4ou5u+tbynXv66Yx1nDwGuJqwpXY+cMzgtPEUjww
pray8dLTCg2vsJjjWqdXXzJgI9UE4pLzTucK1kwK1I3f/YNJRA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:09 2025 by rpki-client