Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
File: 6ec34216-a73a-4f02-b92a-08993431272e.roa (raw, json)
Hash identifier: qG1lCvnXz+O6e7hLDr4pTIajSUqy2gqp+CfNaNRnU7Q=
Subject key identifier: 8C:26:93:7E:17:A0:DE:34:A2:E6:11:90:44:B8:5E:56:14:7F:6A:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2ABA8D63BFC47498EDB9EEE910C29E391C2B9B4A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
Signing time: Fri 25 Apr 2025 19:20:15 +0000
ROA not before: Fri 25 Apr 2025 19:20:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:ba:8d:63:bf:c4:74:98:ed:b9:ee:e9:10:c2:9e:39:1c:2b:9b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=46a31fb3f4ee59a6905d68e94a15af381b06b8f853e326712d433acbe19f035f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a1:66:a9:bd:3a:49:d3:cc:9e:ff:13:cc:91:
d1:48:48:b3:53:4b:6b:78:fb:a9:56:75:96:43:9a:
47:93:a5:1a:83:fa:ea:9b:32:29:e6:29:9d:79:de:
fa:05:1d:7c:d5:e4:5c:a3:ce:24:c6:a0:ae:1a:aa:
aa:fa:9e:e2:e0:7a:0c:3a:47:2e:8a:89:cd:91:fb:
30:71:23:89:00:c1:13:24:1b:fa:23:54:2e:bd:4f:
a5:15:d1:dd:90:da:0b:35:6c:82:f0:a7:15:c0:a2:
19:6c:a4:58:1c:4a:5e:93:d0:d8:28:ba:d5:19:52:
9d:dd:4e:7e:c3:eb:6a:b6:e8:cd:f0:25:47:27:48:
59:39:60:97:9f:89:88:23:e3:94:5f:01:a5:2d:dc:
4e:6c:35:f1:75:76:e4:46:6a:e1:a4:19:bc:f2:4b:
cc:71:89:b2:d1:3a:26:ab:58:57:e9:0d:83:63:42:
6d:6b:03:8e:72:1f:29:8e:40:3a:a4:2b:46:48:a6:
1c:e2:0a:54:fe:74:b3:03:d8:66:08:60:1f:73:1a:
e4:05:d6:5f:8d:b0:ab:69:7b:95:fa:57:5c:70:88:
7f:b9:8a:f3:05:85:23:1c:db:ef:87:57:ab:36:f2:
f3:b0:c1:31:12:d5:53:1d:65:1d:2f:ab:52:5d:18:
eb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:26:93:7E:17:A0:DE:34:A2:E6:11:90:44:B8:5E:56:14:7F:6A:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e080::/46
Signature Algorithm: sha256WithRSAEncryption
51:86:5b:3d:4f:6a:18:48:e8:fa:c7:a5:30:24:3e:71:7e:0d:
d6:ca:94:89:51:ce:e9:2e:f0:53:bd:18:13:26:40:dd:67:1e:
66:30:3f:ea:e1:80:11:4d:12:54:20:07:4c:28:2a:c1:dd:4e:
14:49:5e:70:3b:fc:e7:78:7b:0a:d2:0f:87:d9:2d:6f:09:4a:
9d:d5:ee:18:c8:bc:8f:30:d0:df:fc:69:35:c5:2e:c7:25:e4:
f7:74:b1:d6:78:4b:db:a2:2f:a5:98:f5:35:7f:ca:2e:c9:4a:
83:b6:d0:82:3a:8c:28:91:a4:62:06:83:b6:ea:89:67:90:b6:
e9:b2:b1:40:a1:83:4a:56:a7:fc:47:02:42:c2:8b:5e:13:d0:
63:59:d2:6c:c3:2c:24:48:20:17:a8:e6:68:c8:ba:8b:9e:d6:
ac:c0:cf:49:c9:7c:b1:a8:08:8b:81:36:7c:18:33:59:3c:be:
b3:5e:35:b4:9f:c9:08:f4:0a:ee:f8:03:5d:6e:7e:fe:31:a5:
ab:8a:11:ff:37:3e:63:e1:b8:0a:a3:12:7d:31:88:9b:85:f4:
1c:e5:96:a9:d8:d6:b5:b3:b4:72:38:a6:b7:2e:b8:d3:64:96:
0d:7b:91:4d:6f:6d:ba:6b:d5:77:eb:d8:30:21:cd:b4:87:43:
5d:6c:8c:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKrqNY7/EdJjtue7pEMKeORwrm0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2YTMxZmIzZjRlZTU5YTY5MDVkNjhlOTRhMTVhZjM4MWIwNmI4Zjg1M2Uz
MjY3MTJkNDMzYWNiZTE5ZjAzNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqhZqm9OknTzJ7/E8yR0UhIs1NLa3j7qVZ1lkOaR5OlGoP66psyKeYpnXne
+gUdfNXkXKPOJMagrhqqqvqe4uB6DDpHLoqJzZH7MHEjiQDBEyQb+iNULr1PpRXR
3ZDaCzVsgvCnFcCiGWykWBxKXpPQ2Ci61RlSnd1OfsPrarbozfAlRydIWTlgl5+J
iCPjlF8BpS3cTmw18XV25EZq4aQZvPJLzHGJstE6JqtYV+kNg2NCbWsDjnIfKY5A
OqQrRkimHOIKVP50swPYZghgH3Ma5AXWX42wq2l7lfpXXHCIf7mK8wWFIxzb74dX
qzby87DBMRLVUx1lHS+rUl0Y68sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMJpN+
F6DeNKLmEZBEuF5WFH9qoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVjMzQyMTYtYTczYS00ZjAyLWI5MmEtMDg5OTM0MzEyNzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hvg
gDANBgkqhkiG9w0BAQsFAAOCAQEAUYZbPU9qGEjo+selMCQ+cX4N1sqUiVHO6S7w
U70YEyZA3WceZjA/6uGAEU0SVCAHTCgqwd1OFElecDv853h7CtIPh9ktbwlKndXu
GMi8jzDQ3/xpNcUuxyXk93Sx1nhL26IvpZj1NX/KLslKg7bQgjqMKJGkYgaDtuqJ
Z5C26bKxQKGDSlan/EcCQsKLXhPQY1nSbMMsJEggF6jmaMi6i57WrMDPScl8sagI
i4E2fBgzWTy+s141tJ/JCPQK7vgDXW5+/jGlq4oR/zc+Y+G4CqMSfTGIm4X0HOWW
qdjWtbO0cjimty6402SWDXuRTW9tumvVd+vYMCHNtIdDXWyM1g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:26 2025 by rpki-client