Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
File: 6e236a15-c957-4409-8a2a-3a19150d1b43.roa (raw, json)
Hash identifier: MW2LDMT2N1ouWh4FYRh7wj8lKuHLbIyhau85VrHOGis=
Subject key identifier: 66:FC:78:B6:DB:C3:AF:55:1C:1D:DE:B3:53:82:FC:5D:20:5B:02:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48D68C9C56E6D89BEA7B05C295D02F7D313D6DE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
Signing time: Tue 15 Apr 2025 15:00:10 +0000
ROA not before: Tue 15 Apr 2025 15:00:10 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:d6:8c:9c:56:e6:d8:9b:ea:7b:05:c2:95:d0:2f:7d:31:3d:6d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:10 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=b4c3c1375d4fec40464507e852e5a9d14598ee0fca0c409f22543d0dde193a9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1d:0f:8b:7f:9e:7d:6c:ba:32:41:f7:2e:27:
ed:e0:7f:72:03:e3:61:47:4c:6f:9b:96:55:58:e9:
30:84:fb:b8:09:83:8e:6c:53:b8:55:03:91:40:be:
31:e2:5f:e5:42:dc:b9:e3:ce:89:c5:77:79:0f:a8:
b6:05:70:af:0e:52:61:2c:fe:7e:ef:cf:cd:31:0c:
5f:54:ac:82:a8:31:ae:85:d0:69:c5:9f:bb:df:d8:
da:7d:fa:7e:ea:f9:a2:02:2d:b5:a8:6d:eb:5b:c5:
b1:fb:ea:31:4d:b8:1e:de:a6:68:cc:b1:39:17:a3:
2f:4f:fc:71:6f:d5:55:06:7b:d2:df:98:a4:9e:16:
e1:92:68:7d:6b:57:99:af:05:48:4c:22:70:7e:a0:
85:57:47:3c:de:d0:dd:83:9c:14:90:4a:f4:c8:dd:
80:64:a8:ce:3e:05:36:4c:bc:a2:8c:95:11:ba:15:
02:28:bc:b7:62:49:be:09:c0:c4:07:03:6a:47:d3:
6a:09:91:87:55:0d:6c:44:e5:fa:81:52:7b:9a:ba:
b7:07:85:db:a9:61:6a:41:d9:2f:ab:9e:58:10:50:
31:cd:30:d7:d0:bc:0c:7d:cd:85:b6:05:71:4b:31:
93:da:59:72:3a:70:9f:07:ed:05:e5:94:dd:b5:53:
c7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:FC:78:B6:DB:C3:AF:55:1C:1D:DE:B3:53:82:FC:5D:20:5B:02:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
87:1f:b1:8c:95:cd:ce:db:f5:b4:50:25:ee:83:51:3c:74:3e:
85:84:86:fc:86:8d:9c:ea:e6:a2:99:7e:ab:ad:91:9a:96:da:
54:40:71:c9:55:45:cb:66:86:3b:94:5b:95:bf:88:ba:da:27:
e3:2d:b1:a0:6e:23:99:c6:ad:d5:3c:56:eb:4b:a7:f0:33:8c:
84:7c:e2:73:fb:77:75:18:a2:6b:d3:c4:76:16:f1:c5:76:36:
e1:69:3a:86:f6:d9:7d:b3:c6:57:f6:c1:60:36:ae:65:59:76:
24:9f:66:ad:8b:46:4f:e5:e3:d8:e7:89:fd:c2:3f:14:04:0b:
fc:2b:ab:76:1b:ee:b8:c5:22:a4:0e:4c:a0:c9:68:6a:c7:03:
0a:ba:14:4c:41:01:fa:82:23:d5:2e:f2:43:d1:39:dd:29:d2:
6e:10:22:8c:0d:b3:c1:52:5a:e6:85:8a:a0:1f:bf:39:7f:20:
4c:de:87:f0:7f:90:23:a6:36:3f:1b:da:3e:81:91:08:40:4c:
96:e9:89:99:ce:3c:d8:b2:7f:ca:db:86:fd:cb:52:8b:70:e3:
3e:a9:6c:d6:5a:12:35:37:e6:5f:a5:1f:d3:d3:7c:8b:a3:61:
77:ad:38:56:b4:61:f1:d6:02:9f:84:f6:e7:f2:f6:7a:f2:1b:
30:89:cc:e0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSNaMnFbm2JvqewXCldAvfTE9becwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwMTBaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0YzNjMTM3NWQ0ZmVjNDA0NjQ1MDdlODUyZTVhOWQxNDU5OGVlMGZjYTBj
NDA5ZjIyNTQzZDBkZGUxOTNhOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIkdD4t/nn1sujJB9y4n7eB/cgPjYUdMb5uWVVjpMIT7uAmDjmxTuFUDkUC+
MeJf5ULcuePOicV3eQ+otgVwrw5SYSz+fu/PzTEMX1SsgqgxroXQacWfu9/Y2n36
fur5ogIttaht61vFsfvqMU24Ht6maMyxORejL0/8cW/VVQZ70t+YpJ4W4ZJofWtX
ma8FSEwicH6ghVdHPN7Q3YOcFJBK9MjdgGSozj4FNky8ooyVEboVAii8t2JJvgnA
xAcDakfTagmRh1UNbETl+oFSe5q6tweF26lhakHZL6ueWBBQMc0w19C8DH3NhbYF
cUsxk9pZcjpwnwftBeWU3bVTx78CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRm/Hi2
28OvVRwd3rNTgvxdIFsC5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUyMzZhMTUtYzk1Ny00NDA5LThhMmEtM2ExOTE1MGQxYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCHH7GMlc3O2/W0UCXug1E8dD6FhIb8ho2c6uai
mX6rrZGaltpUQHHJVUXLZoY7lFuVv4i62ifjLbGgbiOZxq3VPFbrS6fwM4yEfOJz
+3d1GKJr08R2FvHFdjbhaTqG9tl9s8ZX9sFgNq5lWXYkn2ati0ZP5ePY54n9wj8U
BAv8K6t2G+64xSKkDkygyWhqxwMKuhRMQQH6giPVLvJD0TndKdJuECKMDbPBUlrm
hYqgH785fyBM3ofwf5AjpjY/G9o+gZEIQEyW6YmZzjzYsn/K24b9y1KLcOM+qWzW
WhI1N+ZfpR/T03yLo2F3rThWtGHx1gKfhPbn8vZ68hswiczg
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:44 2025 by rpki-client