Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
File: 75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa (raw, json)
Hash identifier: Lbn1OeH87S8boCwknqcVxk/qX3YmeeGgsoduu87VVgo=
Subject key identifier: 9B:C4:FD:68:C5:97:D5:BB:59:0D:68:0B:CA:05:95:E4:ED:3E:42:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7215469636B94E080F33B1D78F5389AC63F00F0B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
Signing time: Fri 25 Apr 2025 18:10:09 +0000
ROA not before: Fri 25 Apr 2025 18:10:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:15:46:96:36:b9:4e:08:0f:33:b1:d7:8f:53:89:ac:63:f0:0f:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2f41632bf713b3b146b5bb925cb29d58e5e9d8c821debcd3031e3e78713b5604, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1e:bb:18:d1:82:5a:eb:66:1d:a1:9f:56:c2:
98:bc:ee:c0:51:e3:06:a7:31:9a:99:3b:21:72:5c:
24:8e:97:bb:d5:80:3d:64:1a:51:98:2a:05:c0:3b:
10:56:6e:53:86:15:0c:14:ae:e5:c7:fd:c9:cb:15:
d7:39:8f:fd:e0:4f:2d:8b:62:68:da:4b:5d:eb:ae:
70:1b:23:ec:b8:1c:38:28:58:81:9c:bf:b2:48:ea:
0b:c8:cc:42:1c:0b:b8:59:ec:10:da:ef:11:38:92:
eb:51:10:f7:d6:93:8e:df:9c:72:d9:27:c7:43:f3:
23:2f:e9:b9:16:c1:52:31:ec:3d:5e:70:e2:47:6e:
4e:29:0f:59:ca:90:7b:02:b5:c4:11:bb:0f:28:19:
e9:b6:4d:b5:11:0e:b2:5b:8d:12:e4:c8:54:1f:9a:
6b:ee:5e:44:f0:69:b7:69:0f:52:c6:df:76:1c:d5:
92:e2:58:89:b9:e8:da:36:95:15:84:bf:ec:c3:08:
b9:88:ae:45:d2:2a:fb:a5:71:69:74:e1:43:31:24:
53:23:71:8a:5e:59:d7:e7:01:0d:2f:5e:6c:9a:ad:
1f:37:51:51:1b:1f:51:ea:31:62:2e:12:be:38:ea:
ee:0e:f6:02:b1:21:12:05:84:cc:52:39:67:fe:af:
09:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C4:FD:68:C5:97:D5:BB:59:0D:68:0B:CA:05:95:E4:ED:3E:42:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6040::/48
Signature Algorithm: sha256WithRSAEncryption
66:f9:ba:ba:9b:15:b4:f3:2f:63:58:68:55:cf:bf:4b:43:d8:
cc:b2:22:5e:4c:82:a3:7b:e3:a0:d9:a1:93:5a:2b:9f:19:8c:
9e:95:35:49:14:51:13:b8:c3:58:dc:a3:3f:04:d6:1e:01:96:
d1:e8:33:0c:3a:04:6a:3d:79:0d:37:3c:df:75:ad:df:2f:e9:
4a:eb:8e:fd:49:78:5f:98:a2:ca:dd:32:af:13:60:16:9a:9b:
48:a2:14:8f:10:8a:03:2d:b0:ef:62:53:45:90:1f:96:2b:b4:
af:2d:65:32:67:50:f3:43:31:fb:7e:43:7f:68:02:e1:d6:bb:
5e:f5:17:16:bf:30:4f:cb:a6:a8:f4:92:70:1a:58:55:ca:3e:
5c:39:05:b5:cd:a1:28:38:5a:23:2a:3b:2a:fb:b1:9e:a4:f4:
67:62:52:de:ce:f7:fc:3e:ba:74:d3:61:31:17:f5:ca:2d:e4:
f1:53:d3:ee:bd:e7:e7:71:d0:ed:dd:04:13:a7:e3:6e:66:0c:
10:26:39:9f:a6:87:1a:3f:08:22:b3:a6:48:2a:e8:de:a3:53:
59:17:90:35:1f:8f:1c:2a:87:f6:24:5f:fa:e5:d8:ec:5b:6c:
a1:de:7b:ac:61:b4:fd:70:5f:f4:74:71:30:ee:c5:0d:66:c3:
2b:ce:c9:48
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUchVGlja5TggPM7HXj1OJrGPwDwswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmNDE2MzJiZjcxM2IzYjE0NmI1YmI5MjVjYjI5ZDU4ZTVlOWQ4YzgyMWRl
YmNkMzAzMWUzZTc4NzEzYjU2MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKweuxjRglrrZh2hn1bCmLzuwFHjBqcxmpk7IXJcJI6Xu9WAPWQaUZgqBcA7
EFZuU4YVDBSu5cf9ycsV1zmP/eBPLYtiaNpLXeuucBsj7LgcOChYgZy/skjqC8jM
QhwLuFnsENrvETiS61EQ99aTjt+cctknx0PzIy/puRbBUjHsPV5w4kduTikPWcqQ
ewK1xBG7DygZ6bZNtREOsluNEuTIVB+aa+5eRPBpt2kPUsbfdhzVkuJYibno2jaV
FYS/7MMIuYiuRdIq+6VxaXThQzEkUyNxil5Z1+cBDS9ebJqtHzdRURsfUeoxYi4S
vjjq7g72ArEhEgWEzFI5Z/6vCaMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSbxP1o
xZfVu1kNaAvKBZXk7T5CUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzVkMGI1ZDktMjQ3Ny00ZDM4LWFiN2EtMGM2MGEzM2Q4MjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
QDANBgkqhkiG9w0BAQsFAAOCAQEAZvm6upsVtPMvY1hoVc+/S0PYzLIiXkyCo3vj
oNmhk1ornxmMnpU1SRRRE7jDWNyjPwTWHgGW0egzDDoEaj15DTc833Wt3y/pSuuO
/Ul4X5iiyt0yrxNgFpqbSKIUjxCKAy2w72JTRZAfliu0ry1lMmdQ80Mx+35Df2gC
4da7XvUXFr8wT8umqPSScBpYVco+XDkFtc2hKDhaIyo7KvuxnqT0Z2JS3s73/D66
dNNhMRf1yi3k8VPT7r3n53HQ7d0EE6fjbmYMECY5n6aHGj8IIrOmSCro3qNTWReQ
NR+PHCqH9iRf+uXY7Ftsod57rGG0/XBf9HRxMO7FDWbDK87JSA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:31 2025 by rpki-client