Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
File: 6bd3f603-c189-489c-bdf5-631b47b2cd39.roa (raw, json)
Hash identifier: toAvR3WgaoLQ66lt4e1XJ45y05/NWuUBcOY2JI2xtNU=
Subject key identifier: 85:AB:8F:4E:28:36:CF:3E:2F:08:E8:A1:D2:00:1E:88:CB:60:F7:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07CB00605DF78C3C6D5B20530EEC1A1D53BEE725
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
Signing time: Fri 25 Apr 2025 18:10:40 +0000
ROA not before: Fri 25 Apr 2025 18:10:40 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:cb:00:60:5d:f7:8c:3c:6d:5b:20:53:0e:ec:1a:1d:53:be:e7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:40 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=fcc248fe8601fc372eef6ac6ef472bfc433bf206ff2dd60be11f76f0c7edf963, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a8:0a:2f:f2:9f:8c:5a:87:aa:54:63:21:85:
06:33:98:d1:5b:d9:3f:7b:3b:df:b4:ee:48:9b:74:
60:f3:d7:ac:e8:5a:82:05:74:14:4b:16:e7:d2:f4:
37:70:10:41:b9:e3:57:02:30:01:38:90:62:26:1e:
88:b6:79:c6:8f:1d:76:ff:7a:58:4c:28:94:2e:4c:
1f:43:4f:52:77:1e:2e:db:a3:45:03:c2:37:92:24:
7b:82:ec:e9:c2:6a:54:1e:98:e3:46:3e:4b:53:84:
f7:d4:e3:b0:4b:31:6e:e8:1c:eb:40:e7:3d:13:27:
25:4c:f0:48:f9:c1:07:83:e6:b6:2d:19:0d:b3:3c:
73:dc:5d:13:87:fd:03:d9:7e:52:b8:79:92:09:8d:
a0:f1:89:4a:fb:4c:c7:98:87:53:cb:40:1d:62:7e:
95:7b:cb:b0:e6:1f:fa:4a:a7:1f:d7:af:ea:e7:2e:
2a:de:70:81:d8:b8:8d:59:e8:36:c5:88:4a:8e:2d:
e9:91:db:d6:11:2f:5b:9f:6a:e4:47:16:b5:2b:0b:
cb:4d:e4:a7:8f:08:72:78:b9:39:b7:2e:8d:8c:e7:
ee:15:c7:23:27:fa:56:2d:82:1f:2d:ca:72:38:36:
d1:3f:a7:22:17:9f:23:9d:58:55:5b:da:d5:26:66:
79:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AB:8F:4E:28:36:CF:3E:2F:08:E8:A1:D2:00:1E:88:CB:60:F7:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bd3f603-c189-489c-bdf5-631b47b2cd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
3e:16:a5:8c:39:91:f7:cd:e3:f0:c0:c0:d3:74:80:b0:46:99:
1f:1c:11:d7:3c:a9:d3:4a:56:56:e4:b8:08:71:90:a4:67:c8:
6a:d6:2e:5c:82:ab:27:85:3c:3a:31:89:45:0f:4e:36:79:fd:
90:29:bc:3c:de:58:9d:a1:26:1e:01:6a:9f:8d:e2:26:5d:fd:
9b:55:eb:39:63:2d:97:83:0a:d3:8b:bb:97:5b:52:8a:8c:5e:
f8:09:cf:09:77:23:69:de:03:e9:bb:de:6f:0d:44:91:8e:f6:
75:d0:95:08:f1:d5:d1:6f:b3:3a:ba:c3:be:d6:e7:1f:c3:40:
3a:e7:94:f6:28:0d:ea:61:9d:cb:ea:f2:7b:55:6b:29:4c:eb:
15:72:02:b0:ab:03:36:aa:a0:87:4e:f6:b0:85:3e:45:b5:89:
5c:2d:3d:24:73:ba:99:c1:76:a7:55:9b:45:fb:5b:e8:b7:f2:
e8:24:30:b3:07:bb:c6:ad:eb:35:7f:3e:6f:6d:fa:0f:34:84:
03:17:74:ec:d5:24:2d:c9:51:b4:e6:09:0a:39:50:c0:26:37:
a1:2b:df:58:9f:b0:03:42:01:63:b2:a7:01:b2:c6:83:7c:61:
b5:b6:ad:37:ed:12:86:2b:5d:32:ca:ad:cb:2e:fc:80:0b:c3:
39:38:97:08
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB8sAYF33jDxtWyBTDuwaHVO+5yUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwNDBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjYzI0OGZlODYwMWZjMzcyZWVmNmFjNmVmNDcyYmZjNDMzYmYyMDZmZjJk
ZDYwYmUxMWY3NmYwYzdlZGY5NjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeoCi/yn4xah6pUYyGFBjOY0VvZP3s737TuSJt0YPPXrOhaggV0FEsW59L0
N3AQQbnjVwIwATiQYiYeiLZ5xo8ddv96WEwolC5MH0NPUnceLtujRQPCN5Ike4Ls
6cJqVB6Y40Y+S1OE99TjsEsxbugc60DnPRMnJUzwSPnBB4Pmti0ZDbM8c9xdE4f9
A9l+Urh5kgmNoPGJSvtMx5iHU8tAHWJ+lXvLsOYf+kqnH9ev6ucuKt5wgdi4jVno
NsWISo4t6ZHb1hEvW59q5EcWtSsLy03kp48Icni5ObcujYzn7hXHIyf6Vi2CHy3K
cjg20T+nIhefI51YVVva1SZmecUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSFq49O
KDbPPi8I6KHSAB6Iy2D3jzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJkM2Y2MDMtYzE4OS00ODljLWJkZjUtNjMxYjQ3YjJjZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
wDANBgkqhkiG9w0BAQsFAAOCAQEAPhaljDmR983j8MDA03SAsEaZHxwR1zyp00pW
VuS4CHGQpGfIatYuXIKrJ4U8OjGJRQ9ONnn9kCm8PN5YnaEmHgFqn43iJl39m1Xr
OWMtl4MK04u7l1tSioxe+AnPCXcjad4D6bvebw1EkY72ddCVCPHV0W+zOrrDvtbn
H8NAOueU9igN6mGdy+rye1VrKUzrFXICsKsDNqqgh072sIU+RbWJXC09JHO6mcF2
p1WbRftb6Lfy6CQwswe7xq3rNX8+b236DzSEAxd07NUkLclRtOYJCjlQwCY3oSvf
WJ+wA0IBY7KnAbLGg3xhtbatN+0ShitdMsqtyy78gAvDOTiXCA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:50 2025 by rpki-client