Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
File: 6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa (raw, json)
Hash identifier: sox8RjMW8hMUKgKVOa2np9OLwjZhugrZAjxewGQWRNU=
Subject key identifier: 44:DA:32:5F:83:28:9D:87:1E:A0:8F:73:0F:F6:19:C1:CF:7B:F4:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F6A27ADBE15E8AA5A25C1F322CE79209F33E562
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
Signing time: Fri 25 Apr 2025 18:40:54 +0000
ROA not before: Fri 25 Apr 2025 18:40:54 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:6a:27:ad:be:15:e8:aa:5a:25:c1:f3:22:ce:79:20:9f:33:e5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:54 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=07e12e76ff8d412545495a03c084ddef1704a121c1b7590a8714a0a8bac322cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:26:58:a5:7e:92:56:b9:5a:7c:76:69:26:79:
94:cc:d2:a8:bc:1d:8b:03:b0:d5:e7:32:fa:d3:37:
12:19:72:a4:1f:d2:d5:e3:e0:d3:ff:13:3e:b4:0b:
65:46:34:6d:e0:50:c7:48:c5:0b:d1:92:2d:94:3b:
cb:36:d1:af:97:36:5b:db:c1:ac:31:06:b0:90:d3:
d2:94:ba:9f:43:ad:47:be:2d:a7:52:8d:c7:fe:ef:
e8:a8:40:d9:f5:a5:4c:13:a9:5a:e8:a8:5a:9e:6c:
46:02:d6:49:1c:24:e2:85:28:c1:60:54:df:50:fe:
6c:fe:61:53:8f:ce:75:09:96:15:04:d1:39:6a:92:
c1:01:a2:df:99:0b:28:f7:2c:e8:5e:35:06:75:a4:
a9:63:d9:15:da:ff:e0:50:20:01:7e:22:da:ce:96:
a0:a6:2b:82:f2:e7:e8:d9:9c:17:fe:07:53:72:6c:
a9:19:da:72:d8:2d:f4:c4:84:05:97:7b:f9:8a:b0:
fd:df:db:04:6f:d6:48:de:b3:32:72:4b:cd:c9:b1:
63:2c:b4:a7:42:da:24:cd:a5:6a:47:c4:cc:13:80:
3a:d4:c8:7b:26:cc:3c:7a:cc:8f:e6:d2:b2:71:6a:
b9:1c:d4:e2:1c:69:f1:a7:92:37:4a:79:f4:2a:8c:
db:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:DA:32:5F:83:28:9D:87:1E:A0:8F:73:0F:F6:19:C1:CF:7B:F4:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b4f5b06-ebd9-4673-8db1-8e72df99c996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2080::/48
Signature Algorithm: sha256WithRSAEncryption
1a:16:fc:d6:46:09:5b:e8:7d:dc:51:ff:0e:3a:06:89:83:5a:
fd:83:4d:5c:52:10:12:03:27:fa:0a:f8:4f:4b:fa:2c:1b:a9:
c2:94:92:ea:c2:f9:e8:1d:c2:65:71:8a:83:46:54:2b:a8:27:
4b:ca:b2:67:70:e5:cb:5c:b4:c2:02:51:11:76:df:79:b7:22:
72:2b:a8:9e:eb:36:5a:bd:a0:ed:6b:e5:b4:4f:5b:23:b9:b2:
eb:4b:ee:d0:13:49:b0:ef:3c:bf:e2:6b:af:64:da:e1:ea:d6:
b3:7f:f6:23:6e:4d:b1:e3:01:7e:64:16:85:68:f0:72:a2:ea:
40:f8:d1:61:e4:94:29:3f:e4:cf:14:62:a9:6e:ad:a5:2e:2b:
f7:52:30:a0:27:36:5f:25:86:b8:8e:bb:4f:21:a6:45:b2:3a:
e9:03:eb:8c:c3:d0:60:98:bb:cf:66:ef:c0:dc:34:0e:cf:cb:
2f:80:4f:5f:71:e4:39:56:91:d3:10:f6:16:c1:7d:f7:1b:c1:
e8:14:2c:ac:0e:2a:88:f1:fe:79:35:1d:47:8e:d1:94:74:55:
f7:44:74:f4:6a:92:eb:8c:d0:cd:a3:9f:e7:c3:c9:b3:9a:f3:
48:21:9e:9c:f8:4f:cc:b9:d7:06:e6:4d:ba:a3:96:2e:62:d7:
68:e3:45:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP2onrb4V6KpaJcHzIs55IJ8z5WIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwNTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3ZTEyZTc2ZmY4ZDQxMjU0NTQ5NWEwM2MwODRkZGVmMTcwNGExMjFjMWI3
NTkwYTg3MTRhMGE4YmFjMzIyY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkmWKV+kla5Wnx2aSZ5lMzSqLwdiwOw1ecy+tM3EhlypB/S1ePg0/8TPrQL
ZUY0beBQx0jFC9GSLZQ7yzbRr5c2W9vBrDEGsJDT0pS6n0OtR74tp1KNx/7v6KhA
2fWlTBOpWuioWp5sRgLWSRwk4oUowWBU31D+bP5hU4/OdQmWFQTROWqSwQGi35kL
KPcs6F41BnWkqWPZFdr/4FAgAX4i2s6WoKYrgvLn6NmcF/4HU3JsqRnactgt9MSE
BZd7+Yqw/d/bBG/WSN6zMnJLzcmxYyy0p0LaJM2lakfEzBOAOtTIeybMPHrMj+bS
snFquRzU4hxp8aeSN0p59CqM2ycCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRE2jJf
gyidhx6gj3MP9hnBz3v0STAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmI0ZjViMDYtZWJkOS00NjczLThkYjEtOGU3MmRmOTljOTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
gDANBgkqhkiG9w0BAQsFAAOCAQEAGhb81kYJW+h93FH/DjoGiYNa/YNNXFIQEgMn
+gr4T0v6LBupwpSS6sL56B3CZXGKg0ZUK6gnS8qyZ3Dly1y0wgJREXbfebciciuo
nus2Wr2g7WvltE9bI7my60vu0BNJsO88v+Jrr2Ta4erWs3/2I25NseMBfmQWhWjw
cqLqQPjRYeSUKT/kzxRiqW6tpS4r91IwoCc2XyWGuI67TyGmRbI66QPrjMPQYJi7
z2bvwNw0Ds/LL4BPX3HkOVaR0xD2FsF99xvB6BQsrA4qiPH+eTUdR47RlHRV90R0
9GqS64zQzaOf58PJs5rzSCGenPhPzLnXBuZNuqOWLmLXaONFOQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:06 2025 by rpki-client