Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
File: 74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa (raw, json)
Hash identifier: SPcCuvRBCJTkgkGwd4Uswf8mGnC4cnzSIWkXt5oPoz8=
Subject key identifier: 67:0C:84:18:EA:F5:6C:65:8B:6A:AF:87:39:7A:05:9F:0E:6C:74:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D42F8E5F9C44FC9F26951E0CBE764F4735A947F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
Signing time: Mon 21 Apr 2025 18:31:12 +0000
ROA not before: Mon 21 Apr 2025 18:31:12 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:42:f8:e5:f9:c4:4f:c9:f2:69:51:e0:cb:e7:64:f4:73:5a:94:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:12 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=9860a9741c963ff3e5b2500483cd2bad5691d8755d5886b03cb9c6ec2688faa8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bd:47:be:b2:6a:ca:c4:72:6a:fb:73:9d:87:
66:0d:8a:67:86:51:05:b8:37:0d:6c:28:58:88:25:
e7:9e:33:c3:18:d3:00:42:ab:22:44:2b:36:9e:35:
32:23:48:f4:48:f9:5a:57:d1:a0:0f:81:59:0b:41:
18:9c:a4:55:4c:12:db:d7:a3:ea:7b:30:f6:3c:83:
92:da:34:8f:cf:f8:24:2b:61:e5:af:3c:9c:62:fe:
ef:40:c0:93:05:63:15:09:52:bc:85:b5:e4:11:01:
da:7b:52:15:f1:11:bd:d8:96:ad:f1:fa:cf:20:fe:
43:26:2c:96:a2:b4:b7:36:02:19:3f:cc:7e:02:f7:
23:b0:39:7c:a9:35:ea:aa:05:59:3a:96:b6:43:c0:
4f:5e:96:56:a5:39:0f:bb:44:e8:42:db:16:32:ea:
c7:36:fe:40:8c:ac:3c:b4:8b:f8:cc:4b:cb:74:fb:
cf:92:78:fc:99:59:50:5c:ae:ae:4a:cb:9d:c3:8a:
83:a3:fd:ac:cb:c4:91:3a:b7:22:49:dc:79:82:97:
dc:2c:5c:5e:85:53:02:5d:a8:05:0d:c1:dc:10:45:
b9:68:08:ef:74:0d:2d:22:c0:cb:a1:97:d4:cb:83:
58:96:81:3f:7c:b4:62:7b:22:5a:5a:82:2d:8a:86:
d1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:0C:84:18:EA:F5:6C:65:8B:6A:AF:87:39:7A:05:9F:0E:6C:74:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:880::/48
Signature Algorithm: sha256WithRSAEncryption
07:9a:be:b3:d8:80:52:47:f2:12:60:f5:68:6f:8e:24:1b:72:
1d:02:19:c5:8d:40:51:3a:26:f4:75:17:f5:8d:97:59:5a:a9:
6e:8c:f9:8e:16:46:96:65:bd:bd:d9:2c:4d:99:bb:63:4c:f4:
77:cc:36:d3:77:e6:dc:81:90:a7:91:22:6e:0e:df:3e:c4:b8:
d0:c4:10:26:8f:37:11:25:be:22:d7:54:3f:88:cc:cf:12:d5:
56:34:b8:68:57:d8:66:7c:1a:09:67:8c:73:2c:e2:4e:aa:b2:
a6:45:ac:5f:ae:50:e0:7d:0f:57:5d:17:cf:09:21:d2:73:b6:
b5:36:2f:59:f6:29:d9:b9:f1:a9:28:f0:10:b5:97:7a:e8:56:
e4:76:2f:66:9f:72:90:01:d4:72:ae:50:00:c1:91:d5:45:a3:
fc:57:36:6e:6c:e8:64:42:6a:83:75:87:7b:61:40:44:79:77:
9d:77:97:5d:91:45:53:24:26:8e:57:e3:4a:93:1b:7f:c1:b8:
2e:62:ed:01:36:9d:03:73:15:ec:d3:74:b1:fd:d7:03:b6:5e:
1d:09:12:26:f7:5b:fa:ab:36:64:14:5b:48:29:6a:c9:71:41:
6d:03:a2:e6:d3:a9:09:f5:4a:62:ec:a1:28:6c:8a:e5:0a:65:
3b:c2:40:06
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPUL45fnET8nyaVHgy+dk9HNalH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMTJaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4NjBhOTc0MWM5NjNmZjNlNWIyNTAwNDgzY2QyYmFkNTY5MWQ4NzU1ZDU4
ODZiMDNjYjljNmVjMjY4OGZhYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq9R76yasrEcmr7c52HZg2KZ4ZRBbg3DWwoWIgl554zwxjTAEKrIkQrNp41
MiNI9Ej5WlfRoA+BWQtBGJykVUwS29ej6nsw9jyDkto0j8/4JCth5a88nGL+70DA
kwVjFQlSvIW15BEB2ntSFfERvdiWrfH6zyD+QyYslqK0tzYCGT/MfgL3I7A5fKk1
6qoFWTqWtkPAT16WVqU5D7tE6ELbFjLqxzb+QIysPLSL+MxLy3T7z5J4/JlZUFyu
rkrLncOKg6P9rMvEkTq3IknceYKX3CxcXoVTAl2oBQ3B3BBFuWgI73QNLSLAy6GX
1MuDWJaBP3y0YnsiWlqCLYqG0ZECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRnDIQY
6vVsZYtqr4c5egWfDmx0wDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRmNDFjYzktYmEwZS00NmQ5LWE3NzQtNDVmNmEwMzBhM2Y0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
gDANBgkqhkiG9w0BAQsFAAOCAQEAB5q+s9iAUkfyEmD1aG+OJBtyHQIZxY1AUTom
9HUX9Y2XWVqpboz5jhZGlmW9vdksTZm7Y0z0d8w203fm3IGQp5Eibg7fPsS40MQQ
Jo83ESW+ItdUP4jMzxLVVjS4aFfYZnwaCWeMcyziTqqypkWsX65Q4H0PV10Xzwkh
0nO2tTYvWfYp2bnxqSjwELWXeuhW5HYvZp9ykAHUcq5QAMGR1UWj/Fc2bmzoZEJq
g3WHe2FARHl3nXeXXZFFUyQmjlfjSpMbf8G4LmLtATadA3MV7NN0sf3XA7ZeHQkS
Jvdb+qs2ZBRbSClqyXFBbQOi5tOpCfVKYuyhKGyK5QplO8JABg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:04 2025 by rpki-client