Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
File: 72c1c04d-5c77-431c-825c-1633fac1964d.roa (raw, json)
Hash identifier: fmzmFaksU2KQAwDW8baJ6qUCLjzMaJWnlVb/nlD/kBs=
Subject key identifier: 47:00:88:72:2C:17:2A:ED:2A:73:5E:84:39:AE:51:94:AF:1D:EA:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BA48FBB9AA76A61B80DF7078AC40EAD859169C6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
Signing time: Fri 25 Apr 2025 19:10:43 +0000
ROA not before: Fri 25 Apr 2025 19:10:43 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8030::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:a4:8f:bb:9a:a7:6a:61:b8:0d:f7:07:8a:c4:0e:ad:85:91:69:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:43 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d4baa9acdb51e080e805e9183fda95b921a79b4190c4fe7cb005ae462333eacb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:8f:49:03:b5:ff:18:28:c3:16:ae:9d:46:
b9:85:82:2a:60:a5:d6:f3:a9:36:dc:76:62:3c:36:
fb:87:61:18:56:8a:53:63:6d:47:4d:0c:3b:48:65:
46:93:4e:7a:14:ae:8f:e5:72:ec:8a:77:2b:56:ea:
b8:04:81:86:5a:c7:2a:53:d6:bd:f2:bf:36:73:10:
43:c3:0c:ad:f5:40:fa:86:53:6c:c3:ac:2e:8a:5a:
7e:4b:9f:3b:75:05:01:69:53:6f:38:8c:d8:d2:fd:
85:c7:dc:c8:31:1f:04:b7:5c:12:ed:5b:3a:9a:c5:
4d:68:69:17:6e:22:6e:df:c9:65:dd:25:08:b8:90:
13:a1:3f:e1:56:0b:33:f2:b6:bb:44:46:e0:50:30:
9c:38:5e:de:b4:35:85:96:2a:2d:be:92:d6:36:29:
8d:3b:dc:2c:59:05:2c:6d:20:4b:38:78:ac:0d:0a:
a0:e5:9e:64:cf:d2:3d:63:0a:24:80:38:41:2e:31:
c2:46:c5:e1:76:ea:2c:1e:14:0d:c0:cc:0e:06:c4:
67:28:51:fa:1a:3d:98:0d:72:d0:ce:31:e1:1e:1a:
3f:f2:44:e9:b3:c3:a3:a8:e0:9b:27:35:88:f1:59:
e9:b3:61:b3:8b:ab:02:39:fb:53:42:ea:bb:ae:fe:
b4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:00:88:72:2C:17:2A:ED:2A:73:5E:84:39:AE:51:94:AF:1D:EA:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8030::/48
Signature Algorithm: sha256WithRSAEncryption
40:c8:4b:47:c9:db:82:16:b0:fe:a7:40:70:2d:7c:5c:ef:d0:
b9:c8:e4:a2:79:f4:d7:4a:bc:3c:2e:83:15:a1:1b:df:ee:b1:
2e:61:a6:e2:32:f0:57:cf:bb:31:f5:f2:97:e5:88:e2:a0:37:
f6:65:79:eb:c5:a5:3a:b2:6c:a1:80:df:ed:84:5e:10:4d:4c:
7d:d3:53:4e:41:1b:15:8c:4b:76:5c:e9:f4:da:34:b5:7b:4c:
c0:ae:d3:fd:17:4e:43:1f:c7:6f:7e:41:60:9a:64:6b:d9:1b:
3f:31:93:99:1f:4e:e0:e9:a7:4e:95:2b:67:c8:67:a6:d2:6f:
88:93:1e:99:c7:16:25:8d:54:cd:0f:39:0a:ad:3e:f4:46:57:
90:23:27:da:92:fb:32:ea:70:53:77:e2:48:eb:d1:5f:f7:49:
42:1f:bf:b8:a1:e3:ce:e5:97:0d:e1:38:59:25:af:0b:ea:ec:
99:97:7a:e4:4e:68:c1:8b:c1:69:b7:46:d1:e7:e2:cf:f7:0c:
1b:fc:ef:e0:7e:e3:34:65:5a:e0:8b:58:ef:78:f1:c3:95:23:
9e:d2:1d:ca:06:43:5d:02:9e:8b:da:62:20:11:f4:cc:90:ca:
44:3f:e0:29:42:11:87:e9:89:3e:f0:77:88:88:9f:d0:72:47:
f8:fa:2d:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUa6SPu5qnamG4DfcHisQOrYWRacYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwNDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0YmFhOWFjZGI1MWUwODBlODA1ZTkxODNmZGE5NWI5MjFhNzliNDE5MGM0
ZmU3Y2IwMDVhZTQ2MjMzM2VhY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhwj0kDtf8YKMMWrp1GuYWCKmCl1vOpNtx2Yjw2+4dhGFaKU2NtR00MO0hl
RpNOehSuj+Vy7Ip3K1bquASBhlrHKlPWvfK/NnMQQ8MMrfVA+oZTbMOsLopafkuf
O3UFAWlTbziM2NL9hcfcyDEfBLdcEu1bOprFTWhpF24ibt/JZd0lCLiQE6E/4VYL
M/K2u0RG4FAwnDhe3rQ1hZYqLb6S1jYpjTvcLFkFLG0gSzh4rA0KoOWeZM/SPWMK
JIA4QS4xwkbF4XbqLB4UDcDMDgbEZyhR+ho9mA1y0M4x4R4aP/JE6bPDo6jgmyc1
iPFZ6bNhs4urAjn7U0Lqu67+tIECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRHAIhy
LBcq7SpzXoQ5rlGUrx3qNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJjMWMwNGQtNWM3Ny00MzFjLTgyNWMtMTYzM2ZhYzE5NjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
MDANBgkqhkiG9w0BAQsFAAOCAQEAQMhLR8nbghaw/qdAcC18XO/Qucjkonn010q8
PC6DFaEb3+6xLmGm4jLwV8+7MfXyl+WI4qA39mV568WlOrJsoYDf7YReEE1MfdNT
TkEbFYxLdlzp9No0tXtMwK7T/RdOQx/Hb35BYJpka9kbPzGTmR9O4OmnTpUrZ8hn
ptJviJMemccWJY1UzQ85Cq0+9EZXkCMn2pL7MupwU3fiSOvRX/dJQh+/uKHjzuWX
DeE4WSWvC+rsmZd65E5owYvBabdG0efiz/cMG/zv4H7jNGVa4ItY73jxw5UjntId
ygZDXQKei9piIBH0zJDKRD/gKUIRh+mJPvB3iIif0HJH+PotpA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:40 2025 by rpki-client