Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
File: 6a2f7401-8559-4633-8579-cca77d6fa971.roa (raw, json)
Hash identifier: 7CbQTG9DZ08XXlf0Ett2vhx+JuBPiinxNvXwYJLF/7w=
Subject key identifier: CF:3F:98:B9:88:FA:43:D7:A4:4F:81:52:20:70:6C:4D:0B:82:01:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1884FFAE9641C92E6FACB1986254CC7134EB60A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
Signing time: Fri 25 Apr 2025 20:21:11 +0000
ROA not before: Fri 25 Apr 2025 20:21:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:84:ff:ae:96:41:c9:2e:6f:ac:b1:98:62:54:cc:71:34:eb:60:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b6a3e47f7bef33d0b72985b548ee3565da08faee0af9ce0b8d12edf0f10d062f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:74:58:b0:6c:4e:07:95:1f:b0:cc:00:c5:95:
aa:d5:74:20:57:3b:1c:11:fd:32:b3:04:f4:49:a0:
46:51:1c:78:6c:f1:0b:aa:3b:43:a1:d0:ea:00:70:
ef:db:73:e4:90:2b:60:f7:23:af:15:0d:46:96:2b:
bd:71:a8:f4:03:c4:a5:23:01:4f:88:7d:ed:55:d7:
28:57:79:18:39:ca:45:68:d8:13:da:d5:9b:6c:12:
6d:63:60:64:a3:96:2b:64:70:51:a6:dc:00:5c:27:
f9:ad:08:b1:e7:21:a5:75:e8:51:f0:b1:13:88:ed:
57:fa:51:4b:50:73:aa:75:ab:59:8a:a6:b7:45:bd:
24:e1:06:2b:94:b4:13:14:b6:49:5c:3c:70:73:54:
27:97:f7:e8:83:b3:ed:52:7c:cf:15:20:e5:db:ed:
5e:ce:42:31:fb:76:e4:7b:4b:34:cf:dc:b8:49:86:
fc:1c:ea:96:ae:ed:38:be:11:64:97:d8:2e:a8:43:
98:e7:df:e7:a8:fa:b9:ce:0c:4f:eb:56:31:3a:f4:
3f:0c:fe:6b:3e:d8:df:8e:ad:22:f5:e1:22:7a:f7:
82:78:0f:b8:1f:d8:a3:91:94:2b:b2:e4:cf:04:c2:
45:3b:78:da:f3:48:f4:b3:e0:32:59:b8:fc:63:5a:
fe:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3F:98:B9:88:FA:43:D7:A4:4F:81:52:20:70:6C:4D:0B:82:01:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
94:70:c9:ac:92:66:5c:56:84:e2:4e:71:de:4b:e5:8e:59:82:
2c:2f:64:73:0d:3a:0d:5e:65:88:da:fe:3f:fa:ff:f5:fe:95:
88:ee:31:cb:bb:9e:0e:1f:d7:9f:1e:8d:3b:cd:4d:5c:dd:3d:
86:48:b5:f8:2b:66:b3:72:45:c2:25:4e:a7:e3:63:25:ac:10:
25:9c:34:b2:0b:87:bf:32:e7:af:22:18:cf:e2:6e:0c:d0:70:
04:d5:aa:ad:2a:3b:b2:e6:18:ac:67:ce:56:05:0e:cc:18:bb:
da:b6:8b:b7:e0:19:2b:7d:d6:c8:dd:d7:b0:51:47:15:27:0c:
43:99:ac:a2:b6:04:1a:99:03:24:ee:fb:d8:fc:17:e4:53:dd:
93:d5:28:a1:1c:67:d5:5f:5b:44:60:b0:ae:bf:47:93:f1:db:
31:ed:5a:51:a1:3d:8f:23:43:77:dd:16:59:50:8f:57:cb:bf:
49:11:cb:1d:7e:a2:8a:8f:1f:c0:a1:95:b7:ed:ee:53:c9:83:
df:0a:08:7c:b4:6b:05:ce:72:bb:6c:5d:ff:c8:cb:5a:bb:cd:
d6:8e:2f:f3:c5:bf:c9:63:f3:fa:74:d1:cc:54:98:a0:ea:93:
07:72:2d:cd:33:ba:87:1d:74:c7:7f:8d:f1:26:26:60:70:25:
32:42:82:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGIT/rpZByS5vrLGYYlTMcTTrYKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2YTNlNDdmN2JlZjMzZDBiNzI5ODViNTQ4ZWUzNTY1ZGEwOGZhZWUwYWY5
Y2UwYjhkMTJlZGYwZjEwZDA2MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ90WLBsTgeVH7DMAMWVqtV0IFc7HBH9MrME9EmgRlEceGzxC6o7Q6HQ6gBw
79tz5JArYPcjrxUNRpYrvXGo9APEpSMBT4h97VXXKFd5GDnKRWjYE9rVm2wSbWNg
ZKOWK2RwUabcAFwn+a0IsechpXXoUfCxE4jtV/pRS1BzqnWrWYqmt0W9JOEGK5S0
ExS2SVw8cHNUJ5f36IOz7VJ8zxUg5dvtXs5CMft25HtLNM/cuEmG/Bzqlq7tOL4R
ZJfYLqhDmOff56j6uc4MT+tWMTr0Pwz+az7Y346tIvXhInr3gngPuB/Yo5GUK7Lk
zwTCRTt42vNI9LPgMlm4/GNa/gsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPP5i5
iPpD16RPgVIgcGxNC4IBnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEyZjc0MDEtODU1OS00NjMzLTg1NzktY2NhNzdkNmZhOTcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQCUcMmskmZcVoTiTnHeS+WOWYIsL2RzDToNXmWI
2v4/+v/1/pWI7jHLu54OH9efHo07zU1c3T2GSLX4K2azckXCJU6n42MlrBAlnDSy
C4e/MuevIhjP4m4M0HAE1aqtKjuy5hisZ85WBQ7MGLvatou34BkrfdbI3dewUUcV
JwxDmayitgQamQMk7vvY/BfkU92T1SihHGfVX1tEYLCuv0eT8dsx7VpRoT2PI0N3
3RZZUI9Xy79JEcsdfqKKjx/AoZW37e5TyYPfCgh8tGsFznK7bF3/yMtau83Wji/z
xb/JY/P6dNHMVJig6pMHci3NM7qHHXTHf43xJiZgcCUyQoId
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:48:45 2025 by rpki-client