Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
File: 7175e6ba-4879-48cc-b428-9cd0d88a156a.roa (raw, json)
Hash identifier: a8ib/gSyYCGugTo9SuWDdNLookQmS7d59OIpCGErLwA=
Subject key identifier: 2A:D5:20:55:1B:6A:43:47:F1:12:E8:83:D7:E4:23:1C:EF:1E:13:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 367F1848EE0CCB428D878C86E9CE7A99F4CFBE6E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
Signing time: Mon 21 Apr 2025 18:31:10 +0000
ROA not before: Mon 21 Apr 2025 18:31:10 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:7f:18:48:ee:0c:cb:42:8d:87:8c:86:e9:ce:7a:99:f4:cf:be:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:10 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=177699e977103ac23b1e7142443622b74cccb7d529dc896b118857c16050a5f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:62:58:18:c8:92:51:f9:41:f8:a5:3d:9e:36:
de:45:ea:b5:0e:a7:b2:b2:da:bb:65:b6:9e:be:04:
a1:3c:30:08:97:9b:3c:c6:52:ff:60:85:c0:81:03:
26:ab:66:66:0f:8a:c3:ec:07:cd:12:5a:34:96:dd:
5a:af:e9:c8:f0:15:c6:6b:1e:3d:4a:a6:ce:e9:86:
7b:df:f5:6b:03:94:53:70:c5:02:79:ca:48:14:7c:
82:c3:18:d6:41:64:54:62:d9:9e:db:61:c9:55:b4:
e7:0b:ba:07:65:e9:37:76:ad:03:3f:01:60:14:8f:
12:00:38:7b:3b:c7:f5:9d:0a:72:5d:1a:6e:25:22:
ff:95:ea:f1:6e:c6:73:93:8a:d1:09:4d:bf:75:b9:
c4:3f:23:96:59:7c:94:c0:21:0a:9e:e0:c7:f4:36:
23:78:2d:52:e8:95:46:95:7b:1d:68:85:4f:20:44:
8e:eb:79:15:60:bc:f7:e6:f0:6d:0d:74:72:ed:0b:
02:72:f4:44:4a:cc:fa:97:0f:25:d5:8b:7c:c4:5e:
e6:59:4b:67:31:56:ca:c0:dd:8b:21:84:f1:3d:c8:
52:af:0f:95:d2:18:45:c9:35:58:ec:d5:56:1b:32:
ae:d8:e1:42:97:8b:60:e0:74:fa:fc:ca:25:11:cf:
63:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D5:20:55:1B:6A:43:47:F1:12:E8:83:D7:E4:23:1C:EF:1E:13:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:1e:0f:46:6c:fc:ab:6e:d7:1e:9d:01:d3:a5:53:9a:8d:52:
c3:e5:39:d6:69:cf:1c:4c:4e:87:d4:06:da:d6:46:b0:87:f1:
b1:bb:ee:88:ec:24:2d:f7:57:2d:93:3f:51:3e:d9:e1:9b:ea:
e9:bd:27:80:db:4c:a9:d8:91:53:c8:db:5c:35:b5:9c:92:54:
15:39:5e:46:dd:55:ab:b7:f0:b8:74:ff:2f:9e:4d:c5:80:7f:
b7:ad:e6:18:ab:5e:1e:97:eb:5b:7b:42:4f:e7:5d:a1:b8:52:
7d:08:61:68:cb:e3:21:43:63:81:f7:1d:4a:9a:24:ef:d0:f5:
25:35:ef:c2:f3:3a:8f:a5:7a:38:69:e6:86:2b:37:5d:67:a2:
cf:93:b6:d3:aa:5c:e6:c8:dd:ed:61:db:02:b4:b1:b0:b9:25:
07:75:eb:ce:72:88:e1:65:e9:cf:01:04:6b:76:41:39:94:32:
d2:49:a6:6e:95:8c:3f:7f:42:ef:e9:15:43:ce:4c:70:99:91:
22:3f:b1:52:2f:01:df:bb:d8:1b:bd:8c:e3:99:23:c0:5b:0f:
8b:a8:43:a6:fc:4e:4c:6c:27:dd:0d:de:b3:3c:01:cd:4d:70:
8f:cc:ec:c9:4b:4f:b0:f4:f8:8d:f7:c1:ed:32:9c:33:18:a4:
b9:3a:fc:d9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNn8YSO4My0KNh4yG6c56mfTPvm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMTBaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NzY5OWU5NzcxMDNhYzIzYjFlNzE0MjQ0MzYyMmI3NGNjY2I3ZDUyOWRj
ODk2YjExODg1N2MxNjA1MGE1ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPZiWBjIklH5QfilPZ423kXqtQ6nsrLau2W2nr4EoTwwCJebPMZS/2CFwIED
JqtmZg+Kw+wHzRJaNJbdWq/pyPAVxmsePUqmzumGe9/1awOUU3DFAnnKSBR8gsMY
1kFkVGLZntthyVW05wu6B2XpN3atAz8BYBSPEgA4ezvH9Z0Kcl0abiUi/5Xq8W7G
c5OK0QlNv3W5xD8jlll8lMAhCp7gx/Q2I3gtUuiVRpV7HWiFTyBEjut5FWC89+bw
bQ10cu0LAnL0RErM+pcPJdWLfMRe5llLZzFWysDdiyGE8T3IUq8PldIYRck1WOzV
VhsyrtjhQpeLYOB0+vzKJRHPYxECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQq1SBV
G2pDR/ES6IPX5CMc7x4TDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE3NWU2YmEtNDg3OS00OGNjLWI0MjgtOWNkMGQ4OGExNTZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEI
wDANBgkqhkiG9w0BAQsFAAOCAQEAPx4PRmz8q27XHp0B06VTmo1Sw+U51mnPHExO
h9QG2tZGsIfxsbvuiOwkLfdXLZM/UT7Z4Zvq6b0ngNtMqdiRU8jbXDW1nJJUFTle
Rt1Vq7fwuHT/L55NxYB/t63mGKteHpfrW3tCT+ddobhSfQhhaMvjIUNjgfcdSpok
79D1JTXvwvM6j6V6OGnmhis3XWeiz5O206pc5sjd7WHbArSxsLklB3XrznKI4WXp
zwEEa3ZBOZQy0kmmbpWMP39C7+kVQ85McJmRIj+xUi8B37vYG72M45kjwFsPi6hD
pvxOTGwn3Q3eszwBzU1wj8zsyUtPsPT4jffB7TKcMxikuTr82Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:28 2025 by rpki-client