Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
File: 72da9f02-356c-4664-864e-e60b7c9e874d.roa (raw, json)
Hash identifier: AvrMiDIUQ2aBzz8Y6XW7ott8nKfVujJx2GHOBFy7+u8=
Subject key identifier: A5:5E:0E:42:CE:E9:AE:2D:84:62:23:7E:A4:59:D2:E6:F7:88:A9:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A9BFB9C3380BCEB308B0ECC434DEF0F9E118934
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
Signing time: Fri 25 Apr 2025 19:30:13 +0000
ROA not before: Fri 25 Apr 2025 19:30:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:9b:fb:9c:33:80:bc:eb:30:8b:0e:cc:43:4d:ef:0f:9e:11:89:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:30:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ae13835c166ceba8446f7c8690bfef4144a89ba191663b8aad76dd7b9e30a75a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ab:11:9b:a1:92:b5:d4:f5:7b:84:3f:56:09:
7a:55:34:08:c4:19:c7:7b:8a:ea:85:3b:78:11:71:
7b:27:5a:b2:84:bc:f9:62:fe:ee:9b:c8:b1:10:38:
75:8a:ff:4f:c0:e8:ac:98:87:16:84:17:55:72:d9:
de:89:e4:3d:b3:6e:42:20:ff:fe:77:77:b5:45:f2:
a3:41:a6:0b:cd:7c:bd:37:f1:98:21:49:54:02:49:
52:10:ab:ea:26:ed:e1:9e:42:32:60:7b:15:f2:6a:
3a:a8:4f:69:4d:43:5b:0f:5c:9e:be:79:c6:89:ea:
51:ad:21:31:dc:6a:9f:fa:d4:04:94:b0:2e:8b:a1:
dc:e3:bd:4e:11:f7:b2:94:b2:8d:69:3b:e6:b8:48:
2e:d1:6c:c0:89:59:f4:82:71:5b:b2:ba:0d:cb:ee:
55:bc:c8:c9:e9:90:12:f4:4f:32:74:00:e8:3c:8c:
bf:66:7d:df:c9:a1:25:ed:bd:6d:37:84:5a:a6:3e:
0e:42:1a:85:a6:6f:ec:f4:48:89:a4:0c:02:ec:4d:
27:be:5c:e9:8a:1f:0f:c3:7e:de:c8:d9:1d:08:a1:
b8:de:2f:06:53:4d:c0:88:21:6b:98:f7:78:85:ab:
a8:2d:b2:85:aa:9c:95:b7:ac:0f:2f:11:3e:c4:a6:
bd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:5E:0E:42:CE:E9:AE:2D:84:62:23:7E:A4:59:D2:E6:F7:88:A9:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c040::/46
Signature Algorithm: sha256WithRSAEncryption
7b:06:fa:9b:8b:ed:83:0c:a4:7c:aa:d1:bf:0d:f0:88:b7:fd:
94:5f:c1:d8:94:f6:56:19:a5:33:7c:6f:d4:b3:db:5e:71:3d:
45:fa:25:1f:08:e9:0b:24:9d:c3:63:e0:d6:15:bf:1c:c7:28:
d0:d1:01:9e:76:ac:67:1f:26:b2:df:82:8b:e5:cd:b0:e4:5d:
31:10:2d:96:02:d4:5a:5d:a3:09:01:33:97:dc:a3:50:3e:7f:
17:e0:58:ee:5a:32:13:79:46:f3:ce:fb:fb:61:1a:bd:cd:7c:
c8:74:95:2a:05:5a:e9:05:76:a8:c5:52:94:62:f8:5e:5e:39:
df:63:f0:1d:18:68:da:e0:32:be:64:f9:de:28:98:0c:43:e7:
54:6f:b5:fe:57:32:62:d6:9a:25:e8:c9:f2:79:cd:4b:e1:12:
e3:00:bf:29:0f:e0:bc:52:73:1a:af:d0:e8:74:81:88:54:42:
3e:99:c5:3f:f7:02:ee:80:69:f2:ab:5e:f2:ef:02:7f:7d:0e:
03:1d:d0:f5:40:90:1b:93:bb:33:b5:55:07:30:fa:e2:82:a6:
c9:17:1f:b1:7e:9e:6c:35:0b:ff:99:a4:53:30:3a:5f:06:3f:
e0:3d:cd:e5:e1:60:5a:34:36:d9:66:3a:2c:fd:8a:ef:31:06:
1f:6e:3a:00
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUepv7nDOAvOswiw7MQ03vD54RiTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlMTM4MzVjMTY2Y2ViYTg0NDZmN2M4NjkwYmZlZjQxNDRhODliYTE5MTY2
M2I4YWFkNzZkZDdiOWUzMGE3NWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOirEZuhkrXU9XuEP1YJelU0CMQZx3uK6oU7eBFxeydasoS8+WL+7pvIsRA4
dYr/T8DorJiHFoQXVXLZ3onkPbNuQiD//nd3tUXyo0GmC818vTfxmCFJVAJJUhCr
6ibt4Z5CMmB7FfJqOqhPaU1DWw9cnr55xonqUa0hMdxqn/rUBJSwLouh3OO9ThH3
spSyjWk75rhILtFswIlZ9IJxW7K6DcvuVbzIyemQEvRPMnQA6DyMv2Z938mhJe29
bTeEWqY+DkIahaZv7PRIiaQMAuxNJ75c6YofD8N+3sjZHQihuN4vBlNNwIgha5j3
eIWrqC2yhaqclbesDy8RPsSmvVkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSlXg5C
zumuLYRiI36kWdLm94ipBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJkYTlmMDItMzU2Yy00NjY0LTg2NGUtZTYwYjdjOWU4NzRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HfA
QDANBgkqhkiG9w0BAQsFAAOCAQEAewb6m4vtgwykfKrRvw3wiLf9lF/B2JT2Vhml
M3xv1LPbXnE9RfolHwjpCySdw2Pg1hW/HMco0NEBnnasZx8mst+Ci+XNsORdMRAt
lgLUWl2jCQEzl9yjUD5/F+BY7loyE3lG8877+2Eavc18yHSVKgVa6QV2qMVSlGL4
Xl4532PwHRho2uAyvmT53iiYDEPnVG+1/lcyYtaaJejJ8nnNS+ES4wC/KQ/gvFJz
Gq/Q6HSBiFRCPpnFP/cC7oBp8qte8u8Cf30OAx3Q9UCQG5O7M7VVBzD64oKmyRcf
sX6ebDUL/5mkUzA6XwY/4D3N5eFgWjQ22WY6LP2K7zEGH246AA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:01 2025 by rpki-client