Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
File: 70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa (raw, json)
Hash identifier: 9+1LyMX4U2etZjqCbhFV8Wg4uJRwi5PLKj11eBNpTtI=
Subject key identifier: 23:66:A4:38:AC:30:48:28:15:98:99:0B:B9:89:E0:12:3F:22:F6:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6361AB62DE744F8028BDD8FE221BC607121FBD82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
Signing time: Fri 25 Apr 2025 19:50:14 +0000
ROA not before: Fri 25 Apr 2025 19:50:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:61:ab:62:de:74:4f:80:28:bd:d8:fe:22:1b:c6:07:12:1f:bd:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=cc214a8c436ca9efa3da2911c05ee30bb09258d604ad773dd2d6b4a1523c6718, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5d:80:57:00:ca:7a:59:16:8d:64:79:3f:b8:
92:aa:f0:a8:c2:db:cb:7e:e0:a7:5a:18:bb:ce:04:
89:11:8c:de:31:5e:48:cc:b1:da:60:60:b8:1b:64:
f2:8c:38:e9:2f:61:12:7a:0e:db:b5:06:f9:62:b2:
7d:12:51:81:6d:9f:f0:67:c1:96:11:4e:1c:fe:06:
bb:0f:64:82:0c:1b:23:01:e8:c6:a1:a3:76:6a:c0:
94:20:01:39:2a:c3:63:13:03:42:e2:94:98:d3:ea:
4d:7f:f2:fa:5f:52:66:50:46:01:10:e2:a5:c7:73:
f2:d5:cd:61:3a:ae:61:2c:b7:39:fb:4a:02:23:a4:
42:c0:69:b7:25:b3:2b:29:21:af:83:4d:f6:08:60:
72:25:27:07:b8:d4:aa:22:d1:76:b7:4e:f8:8e:14:
50:84:a2:52:3f:02:c4:c2:51:a6:85:15:19:40:cf:
3e:1a:c3:ad:8f:01:63:69:2f:5f:27:d1:42:45:7c:
8f:34:72:61:01:17:f7:a7:dd:53:f4:90:78:64:4c:
69:6c:4b:19:a2:06:8a:86:b0:dc:52:54:8b:14:7e:
f9:39:fb:1c:91:d9:3a:6a:ca:15:63:a5:d2:64:99:
6a:7a:e6:47:ba:cd:c0:e7:ba:d6:af:ad:de:75:40:
68:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:66:A4:38:AC:30:48:28:15:98:99:0B:B9:89:E0:12:3F:22:F6:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:5000::/40
Signature Algorithm: sha256WithRSAEncryption
53:bb:56:0a:4e:0d:6c:51:5b:3e:dc:10:ef:d7:56:d5:c8:2e:
f3:10:cd:c0:71:7e:c5:ef:12:d0:76:1f:93:ac:22:d1:ad:c2:
61:a7:a6:5a:57:fd:2e:00:27:25:ab:d9:30:af:dc:87:be:fc:
1b:2a:53:f2:85:51:a4:23:e6:da:31:06:7d:67:39:50:c9:8e:
39:f7:15:d1:90:c3:1e:51:64:a9:b1:6d:7d:3e:38:cb:38:20:
c7:6f:d2:6b:2b:8e:1a:26:04:03:bd:7c:3b:54:89:61:96:67:
ad:f9:e6:69:40:df:56:7d:d7:87:19:ce:6b:67:d4:77:c2:98:
41:af:37:77:83:14:28:70:82:a7:fc:e3:95:68:ff:58:13:f0:
04:f9:32:fb:0e:2d:68:0b:ab:a8:c0:b5:17:7f:83:63:07:30:
b0:ee:54:d8:01:0c:d8:8a:86:b8:91:61:94:9e:b9:e9:dc:3c:
cc:fb:d6:d0:44:05:97:4a:d8:20:01:b4:31:7d:14:4c:93:65:
a0:a6:0d:ad:32:7a:53:34:7d:60:40:75:a2:9f:42:7f:f1:f4:
1c:c9:c9:41:3e:1e:27:a0:21:cf:99:a7:db:bd:1f:1c:7b:98:
04:8d:a6:e6:a4:8a:e2:dd:d0:f5:5d:12:80:a8:94:97:c1:9f:
60:ff:1b:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY2GrYt50T4Aovdj+IhvGBxIfvYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjMjE0YThjNDM2Y2E5ZWZhM2RhMjkxMWMwNWVlMzBiYjA5MjU4ZDYwNGFk
NzczZGQyZDZiNGExNTIzYzY3MTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpdgFcAynpZFo1keT+4kqrwqMLby37gp1oYu84EiRGM3jFeSMyx2mBguBtk
8ow46S9hEnoO27UG+WKyfRJRgW2f8GfBlhFOHP4Guw9kggwbIwHoxqGjdmrAlCAB
OSrDYxMDQuKUmNPqTX/y+l9SZlBGARDipcdz8tXNYTquYSy3OftKAiOkQsBptyWz
Kykhr4NN9ghgciUnB7jUqiLRdrdO+I4UUISiUj8CxMJRpoUVGUDPPhrDrY8BY2kv
XyfRQkV8jzRyYQEX96fdU/SQeGRMaWxLGaIGioaw3FJUixR++Tn7HJHZOmrKFWOl
0mSZanrmR7rNwOe61q+t3nVAaEcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQjZqQ4
rDBIKBWYmQu5ieASPyL2zDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBkOWIzMmQtNmRiMy00OTcxLWJkYjQtZTVkZDI1MWY2NzA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBTu1YKTg1sUVs+3BDv11bVyC7zEM3AcX7F7xLQ
dh+TrCLRrcJhp6ZaV/0uACclq9kwr9yHvvwbKlPyhVGkI+baMQZ9ZzlQyY459xXR
kMMeUWSpsW19PjjLOCDHb9JrK44aJgQDvXw7VIlhlmet+eZpQN9WfdeHGc5rZ9R3
wphBrzd3gxQocIKn/OOVaP9YE/AE+TL7Di1oC6uowLUXf4NjBzCw7lTYAQzYioa4
kWGUnrnp3DzM+9bQRAWXStggAbQxfRRMk2Wgpg2tMnpTNH1gQHWin0J/8fQcyclB
Ph4noCHPmafbvR8ce5gEjabmpIri3dD1XRKAqJSXwZ9g/xvt
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:18 2025 by rpki-client