Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
File: 6f78d89d-1d32-4176-8f3e-9966f674843e.roa (raw, json)
Hash identifier: pYyyqpL2wGhjpxu5s01j64xf9FFees2ExekogJLoYKs=
Subject key identifier: 08:65:84:B4:9E:88:2C:7D:EC:DD:62:E5:B4:0F:C9:65:F8:10:C3:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B00C2A841553A431CE9934F2476E0940E4926E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
Signing time: Fri 25 Apr 2025 20:10:35 +0000
ROA not before: Fri 25 Apr 2025 20:10:35 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:00:c2:a8:41:55:3a:43:1c:e9:93:4f:24:76:e0:94:0e:49:26:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:35 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=594c0d1dc5c8cfa2f35f11f711e1b97304f4dbc110ac3308bb48aea381463217, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:48:de:c7:29:ae:ee:84:ae:97:ce:e5:18:a1:
96:18:b2:04:72:96:41:38:fb:1e:a6:19:67:f3:77:
17:ff:9a:e7:9c:40:36:a3:1f:47:49:5f:bb:4e:a6:
bb:45:38:cc:d8:d4:73:d1:c0:10:8c:1e:20:03:58:
f9:7f:09:25:ed:b7:0b:ae:1c:5b:de:d4:55:0c:6b:
ee:04:d2:9b:30:35:8e:df:fb:b1:30:2f:22:76:24:
71:47:8b:4a:bb:1f:4e:1c:11:7b:10:32:a3:9f:30:
4e:c4:13:e7:e9:37:cf:aa:59:1f:3c:d4:80:0a:83:
e5:a2:29:29:6f:40:b2:a4:67:e2:08:d7:08:82:c9:
21:6f:2c:e3:f2:8d:9e:84:9c:5d:ea:f1:f0:fc:fa:
48:98:ea:28:6b:1f:0c:3c:28:aa:be:0b:70:89:21:
1f:28:f7:02:ba:1a:f2:70:bf:c8:6c:e1:bc:a3:55:
49:76:bb:41:4e:14:87:72:ee:c8:11:49:38:ce:2b:
78:b7:e7:a9:4e:b9:2c:35:b7:f6:03:99:88:7a:ff:
a1:2e:35:35:5e:df:ab:5c:c8:94:52:28:f1:76:7e:
d3:3c:5e:c8:65:b8:bd:6f:16:a1:79:71:22:e8:69:
c5:c4:c6:94:cd:21:c7:4e:63:ae:eb:4d:72:78:8d:
29:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:65:84:B4:9E:88:2C:7D:EC:DD:62:E5:B4:0F:C9:65:F8:10:C3:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071::/32
Signature Algorithm: sha256WithRSAEncryption
39:df:f4:10:ec:b7:10:94:8f:67:7f:59:6b:43:0e:a7:24:1d:
84:29:51:5f:b5:9c:8f:90:ab:df:cf:44:32:27:50:50:3e:18:
5d:34:9f:69:54:df:f8:f1:8b:66:f6:0c:03:a1:f4:26:87:b5:
d6:cc:a6:f8:b2:12:75:2f:8c:7a:2d:94:10:9b:ed:7a:91:8e:
23:6d:44:98:db:80:47:64:e0:8c:6d:12:d8:b8:81:1e:4b:2f:
e2:96:e3:5f:f8:a6:a9:5c:4d:40:bc:d5:2e:e1:2c:1e:0d:1b:
a6:6b:3a:d0:ac:9f:d2:bc:cc:d5:9f:1f:50:a6:88:71:88:4b:
fe:3a:2b:14:8e:1d:e5:61:64:71:e2:9c:76:e6:0a:f7:e1:d0:
88:f1:01:1e:f8:60:27:6e:ec:bb:df:a5:63:2b:d0:3b:58:1d:
99:d0:03:0b:f7:d9:eb:8a:17:45:e3:85:9f:1e:9d:d3:fe:42:
ef:2d:b1:63:41:2f:7e:62:02:5c:92:1b:ae:fd:9c:62:19:e7:
ff:28:2d:7e:91:91:03:23:bc:26:02:9b:cb:4f:ac:de:18:e2:
79:a5:0e:9e:c6:e0:4b:39:71:8d:72:cb:6e:3f:66:7d:53:bf:
f4:a7:ee:52:10:35:03:dc:ea:68:84:ba:65:93:1f:db:04:36:
d3:12:a6:1c
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUOwDCqEFVOkMc6ZNPJHbglA5JJugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwMzVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5NGMwZDFkYzVjOGNmYTJmMzVmMTFmNzExZTFiOTczMDRmNGRiYzExMGFj
MzMwOGJiNDhhZWEzODE0NjMyMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZI3scpru6ErpfO5RihlhiyBHKWQTj7HqYZZ/N3F/+a55xANqMfR0lfu06m
u0U4zNjUc9HAEIweIANY+X8JJe23C64cW97UVQxr7gTSmzA1jt/7sTAvInYkcUeL
SrsfThwRexAyo58wTsQT5+k3z6pZHzzUgAqD5aIpKW9AsqRn4gjXCILJIW8s4/KN
noScXerx8Pz6SJjqKGsfDDwoqr4LcIkhHyj3Aroa8nC/yGzhvKNVSXa7QU4Uh3Lu
yBFJOM4reLfnqU65LDW39gOZiHr/oS41NV7fq1zIlFIo8XZ+0zxeyGW4vW8WoXlx
IuhpxcTGlM0hx05jrutNcniNKe8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQIZYS0
nogsfezdYuW0D8ll+BDDlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY3OGQ4OWQtMWQzMi00MTc2LThmM2UtOTk2NmY2NzQ4NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HEw
DQYJKoZIhvcNAQELBQADggEBADnf9BDstxCUj2d/WWtDDqckHYQpUV+1nI+Qq9/P
RDInUFA+GF00n2lU3/jxi2b2DAOh9CaHtdbMpviyEnUvjHotlBCb7XqRjiNtRJjb
gEdk4IxtEti4gR5LL+KW41/4pqlcTUC81S7hLB4NG6ZrOtCsn9K8zNWfH1CmiHGI
S/46KxSOHeVhZHHinHbmCvfh0IjxAR74YCdu7LvfpWMr0DtYHZnQAwv32euKF0Xj
hZ8endP+Qu8tsWNBL35iAlySG679nGIZ5/8oLX6RkQMjvCYCm8tPrN4Y4nmlDp7G
4Es5cY1yy24/Zn1Tv/Sn7lIQNQPc6miEumWTH9sENtMSphw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:16 2025 by rpki-client