Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cb31e0d-b014-41fb-b9bc-681b27340ffe.roa
File: 6cb31e0d-b014-41fb-b9bc-681b27340ffe.roa (raw, json)
Hash identifier: e/LgyywvErtM/WIZMY4xDgdt6UBng+6hRMN4MtbSd58=
Subject key identifier: 5C:50:D7:07:C4:AE:69:66:27:D0:77:9D:E9:A5:76:FD:AE:16:79:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 203B91FC651AE60F4CE2AE15C8F4EC6E53B95E11
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cb31e0d-b014-41fb-b9bc-681b27340ffe.roa
Signing time: Thu 17 Apr 2025 20:36:53 +0000
ROA not before: Thu 17 Apr 2025 20:36:53 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:3b:91:fc:65:1a:e6:0f:4c:e2:ae:15:c8:f4:ec:6e:53:b9:5e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:53 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=0fab98158bdef7cb302dce12656c676ad16dfc84e97c821c15f05286a363c39f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1d:d5:b8:28:d9:a0:37:8d:71:f6:c8:8c:fa:
0c:49:99:b3:65:67:94:54:39:2b:e7:a3:3c:17:7d:
fe:22:a5:5a:fc:fe:07:76:27:f3:d2:43:cd:43:7e:
aa:bc:00:2b:1e:37:b1:2a:a3:4a:f1:60:04:d7:aa:
21:f5:86:33:1c:ad:96:4d:2e:83:32:d4:91:76:ad:
db:26:d8:27:c1:5a:00:7f:76:3a:2f:f6:a4:73:1b:
ee:f5:f2:d7:fb:0a:c8:cb:c1:99:3c:3f:5e:d3:bc:
ef:e5:40:92:25:8b:5f:99:93:1a:cd:e1:21:98:bd:
64:9a:87:92:b6:ed:f0:10:4c:01:3a:c8:0e:f1:01:
2d:a2:06:41:61:a4:88:33:f4:ef:a2:2f:09:d4:f2:
2a:a0:80:d9:d6:89:5c:d1:61:b3:2c:e6:8e:57:97:
c6:2c:83:61:af:d4:07:f4:48:7c:bf:61:87:4c:12:
19:16:05:1b:0a:0d:cc:d7:af:e6:62:d9:32:ee:e7:
33:11:36:5e:e8:df:cb:5e:0d:29:92:b3:09:54:e4:
30:5f:24:8d:da:9f:62:4d:7e:0c:22:9f:4a:ab:fe:
ea:25:6f:68:5e:8c:3e:26:40:ea:a1:08:15:c1:c2:
63:dd:e8:40:f9:7f:f9:aa:73:db:96:2d:d1:40:99:
ce:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:50:D7:07:C4:AE:69:66:27:D0:77:9D:E9:A5:76:FD:AE:16:79:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cb31e0d-b014-41fb-b9bc-681b27340ffe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b4:41:11:0d:e1:fe:79:a5:e4:b4:85:40:73:92:12:6c:48:1e:
8e:34:13:f0:2b:34:06:44:78:30:dd:97:ce:4d:08:6f:9b:96:
16:fc:08:24:92:cd:11:df:30:4f:fe:d7:d9:10:f7:b6:37:b1:
f9:51:5e:0c:cb:96:ed:cf:95:e2:2e:d5:62:94:04:61:50:34:
43:c2:a3:96:2c:62:d5:73:9c:cd:fe:8b:bc:7b:1a:47:36:af:
7a:c4:f4:9a:ec:5d:7a:8b:cc:6e:10:ad:a2:61:8d:5a:db:b6:
52:17:8e:0a:c5:81:9c:1f:b9:c0:4b:2a:cd:b5:30:cf:51:56:
45:a6:94:1b:6a:bd:11:9f:33:30:26:7e:28:4f:e3:2f:35:c8:
9a:da:aa:08:c8:f1:c8:75:49:bd:39:f3:d7:fa:2a:8d:e2:a1:
4e:f3:9c:61:61:8b:06:eb:22:fd:dd:74:da:e2:ce:2b:b5:2c:
02:f3:89:93:ee:bf:39:b3:2c:2f:eb:a3:b2:f3:9c:94:9b:66:
1e:61:8a:80:af:ba:a9:17:de:93:7d:58:9b:90:d0:19:9b:cf:
05:26:9e:57:a9:a4:36:99:bc:8e:5a:4b:2c:15:4f:7c:9d:a7:
20:bd:3d:cf:97:b0:66:45:87:98:f5:0e:d5:79:40:7e:d6:91:
d4:34:d5:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIDuR/GUa5g9M4q4VyPTsblO5XhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NTNaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmYWI5ODE1OGJkZWY3Y2IzMDJkY2UxMjY1NmM2NzZhZDE2ZGZjODRlOTdj
ODIxYzE1ZjA1Mjg2YTM2M2MzOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMd1bgo2aA3jXH2yIz6DEmZs2VnlFQ5K+ejPBd9/iKlWvz+B3Yn89JDzUN+
qrwAKx43sSqjSvFgBNeqIfWGMxytlk0ugzLUkXat2ybYJ8FaAH92Oi/2pHMb7vXy
1/sKyMvBmTw/XtO87+VAkiWLX5mTGs3hIZi9ZJqHkrbt8BBMATrIDvEBLaIGQWGk
iDP076IvCdTyKqCA2daJXNFhsyzmjleXxiyDYa/UB/RIfL9hh0wSGRYFGwoNzNev
5mLZMu7nMxE2Xujfy14NKZKzCVTkMF8kjdqfYk1+DCKfSqv+6iVvaF6MPiZA6qEI
FcHCY93oQPl/+apz25Yt0UCZzvsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcUNcH
xK5pZifQd53ppXb9rhZ5yTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmNiMzFlMGQtYjAxNC00MWZiLWI5YmMtNjgxYjI3MzQwZmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FvA
MA0GCSqGSIb3DQEBCwUAA4IBAQC0QREN4f55peS0hUBzkhJsSB6ONBPwKzQGRHgw
3ZfOTQhvm5YW/Agkks0R3zBP/tfZEPe2N7H5UV4My5btz5XiLtVilARhUDRDwqOW
LGLVc5zN/ou8expHNq96xPSa7F16i8xuEK2iYY1a27ZSF44KxYGcH7nASyrNtTDP
UVZFppQbar0RnzMwJn4oT+MvNcia2qoIyPHIdUm9OfPX+iqN4qFO85xhYYsG6yL9
3XTa4s4rtSwC84mT7r85sywv66Oy85yUm2YeYYqAr7qpF96TfVibkNAZm88FJp5X
qaQ2mbyOWkssFU98nacgvT3Pl7BmRYeY9Q7VeUB+1pHUNNWE
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:41 2025 by rpki-client