Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json)
Hash identifier: GYwxwoeVhqvOInrzt8NZ9TgFlrlevv985RDxBCgKGOk=
Subject key identifier: 6C:9D:E4:40:A5:E9:47:5D:0C:45:2D:19:C1:E8:49:77:32:B6:4E:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AF30401441A1136D23BEF3B05C1F6A87024256C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
Signing time: Fri 25 Apr 2025 18:40:09 +0000
ROA not before: Fri 25 Apr 2025 18:40:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:f3:04:01:44:1a:11:36:d2:3b:ef:3b:05:c1:f6:a8:70:24:25:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1b768a2f829227eab6e22be6ca9cda535478094f52335a75a9bb44187819a2cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e0:ec:a9:1a:06:28:6b:44:ac:02:36:11:52:
be:77:ca:00:12:89:fa:0d:52:17:7a:21:ec:63:4a:
18:f4:5d:dd:93:57:72:b3:a5:61:1f:29:b6:0c:4c:
ee:b9:4c:b3:d0:a3:21:31:9a:92:ad:74:aa:d9:37:
78:41:13:6e:d1:c7:36:1b:0e:30:5d:1d:43:09:3d:
46:bf:03:dd:64:df:e0:5a:d4:1a:9b:ae:2e:0e:69:
c3:f8:f0:5c:e9:8c:56:fb:f6:09:8f:bc:e0:55:43:
26:4a:83:38:2a:49:ef:9e:ff:11:9d:cc:bb:77:95:
25:78:ca:e0:ad:62:71:41:bf:27:7e:66:d4:dd:90:
95:25:35:05:92:53:e7:6a:75:de:11:03:59:be:e3:
01:eb:d9:f6:5b:ba:fb:2d:d5:da:0e:0e:5b:09:b3:
4d:fe:b2:3a:52:1d:20:2f:42:06:90:fa:a4:09:c8:
39:1b:b1:17:a2:ed:4a:1b:29:9a:38:21:1f:30:d8:
c6:17:a8:43:69:c5:4a:cd:e3:98:6d:76:f2:77:b3:
54:d3:a5:7a:f9:cd:84:31:c7:63:5d:34:ed:25:fc:
b6:b9:cd:6e:57:30:b7:3f:2d:bd:30:9a:3e:38:88:
38:94:87:e3:9e:23:34:58:a4:2c:a7:c1:62:8c:9d:
fc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9D:E4:40:A5:E9:47:5D:0C:45:2D:19:C1:E8:49:77:32:B6:4E:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
79:04:1a:38:ad:56:31:aa:f4:a9:9d:f5:0c:5e:dd:8e:f7:8f:
92:8a:c7:43:e6:16:7c:7e:8c:e6:7c:51:60:4c:96:1f:8f:47:
30:52:d7:f0:a7:b2:b4:70:3e:95:67:dc:73:1d:a1:6a:c8:a1:
16:42:cf:89:c2:dc:43:2b:f8:25:13:17:63:9b:e5:11:d0:f0:
3f:6e:95:d6:da:1e:a6:2f:67:37:cc:70:18:88:02:60:d3:94:
76:a0:64:23:1b:b2:bb:57:62:39:c2:4c:e1:f7:8e:cf:66:d4:
c8:87:ea:84:ba:fc:2e:1a:16:2c:c5:f6:29:62:77:64:c8:89:
87:59:d0:5e:59:82:ff:ee:68:ee:c6:15:4a:36:e5:66:52:a6:
22:07:5a:c2:94:36:68:65:97:f6:a5:d9:50:7f:a5:d1:da:6c:
cd:3f:9e:e0:07:3c:06:20:f8:17:81:81:00:1e:97:f2:3a:48:
e2:21:df:29:19:66:a6:9c:5b:64:c2:31:32:db:73:b9:03:f3:
6a:9b:62:79:fe:53:02:a0:69:02:22:f6:f5:bb:fc:c4:a5:0a:
1b:bc:54:9e:36:9c:e0:eb:77:ea:c2:7b:78:11:bd:a8:1f:f7:
5b:e8:24:17:6e:a2:f3:06:da:3d:c5:23:3e:c5:39:fa:30:9a:
a5:ce:6f:49
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUevMEAUQaETbSO+87BcH2qHAkJWwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNzY4YTJmODI5MjI3ZWFiNmUyMmJlNmNhOWNkYTUzNTQ3ODA5NGY1MjMz
NWE3NWE5YmI0NDE4NzgxOWEyY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXg7KkaBihrRKwCNhFSvnfKABKJ+g1SF3oh7GNKGPRd3ZNXcrOlYR8ptgxM
7rlMs9CjITGakq10qtk3eEETbtHHNhsOMF0dQwk9Rr8D3WTf4FrUGpuuLg5pw/jw
XOmMVvv2CY+84FVDJkqDOCpJ757/EZ3Mu3eVJXjK4K1icUG/J35m1N2QlSU1BZJT
52p13hEDWb7jAevZ9lu6+y3V2g4OWwmzTf6yOlIdIC9CBpD6pAnIORuxF6LtShsp
mjghHzDYxheoQ2nFSs3jmG128nezVNOlevnNhDHHY1007SX8trnNblcwtz8tvTCa
PjiIOJSH454jNFikLKfBYoyd/DkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRsneRA
pelHXQxFLRnB6El3MrZOsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
wDANBgkqhkiG9w0BAQsFAAOCAQEAeQQaOK1WMar0qZ31DF7djvePkorHQ+YWfH6M
5nxRYEyWH49HMFLX8KeytHA+lWfccx2hasihFkLPicLcQyv4JRMXY5vlEdDwP26V
1toepi9nN8xwGIgCYNOUdqBkIxuyu1diOcJM4feOz2bUyIfqhLr8LhoWLMX2KWJ3
ZMiJh1nQXlmC/+5o7sYVSjblZlKmIgdawpQ2aGWX9qXZUH+l0dpszT+e4Ac8BiD4
F4GBAB6X8jpI4iHfKRlmppxbZMIxMttzuQPzaptief5TAqBpAiL29bv8xKUKG7xU
njac4Ot36sJ7eBG9qB/3W+gkF26i8wbaPcUjPsU5+jCapc5vSQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:11 2025 by rpki-client