Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
File: 773f4606-0d98-4350-9ccd-3aba599136ef.roa (raw, json)
Hash identifier: UgrJi7z2/kFCi2hRcUk0g/PJbSh3tvXy6bKDVQCTsZY=
Subject key identifier: C4:C8:9F:FD:68:2C:21:A2:08:2E:D3:17:3C:E4:3D:7D:AE:19:C6:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B92260FD0E42A869D7F3EEA68866A89C99A600B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
Signing time: Mon 21 Apr 2025 18:31:07 +0000
ROA not before: Mon 21 Apr 2025 18:31:07 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:92:26:0f:d0:e4:2a:86:9d:7f:3e:ea:68:86:6a:89:c9:9a:60:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:07 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=ff4f0d11ebeeeeac7e719d183045c7f629e266c31aaa65cb63f30526f7e928c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cf:ed:88:2d:73:b3:19:0f:58:11:05:87:96:
fc:1a:16:56:fa:e0:15:3e:67:85:3a:ea:09:34:de:
92:86:29:4e:7f:3a:a5:b3:88:2f:68:ce:17:13:6a:
7c:06:3f:19:dd:8a:11:2d:cf:3a:0c:5a:ab:dd:5b:
e4:9a:d1:80:5a:00:f1:fe:bb:14:4e:a3:45:fc:98:
ab:fe:63:74:85:d9:2e:2a:29:45:27:c4:1f:91:54:
90:66:0e:63:95:06:f7:75:da:f4:21:4e:a3:ae:63:
6c:d5:68:fa:4a:0f:1d:36:9e:f2:95:e7:4f:89:1b:
b4:79:4b:67:12:f2:7a:8d:4d:90:ba:f0:6a:c1:0b:
32:80:8a:91:b1:96:44:ac:58:97:de:59:e1:f4:14:
00:d6:ec:7e:d9:af:b4:a4:f3:d8:80:dd:1b:1e:56:
8a:7f:0a:a4:36:b4:09:33:94:4f:d7:0a:94:30:a8:
49:36:cb:52:e2:50:11:65:bd:dc:85:37:83:0f:2c:
9e:60:6b:ff:b6:e6:41:91:55:ae:9b:4f:7e:97:7d:
be:d7:dc:15:4b:cb:f4:96:0f:76:b9:5c:05:94:78:
1e:ed:a9:ce:fb:9f:1a:7a:7f:c6:be:02:f0:6e:3e:
55:30:80:d6:c2:0f:09:0e:4c:5d:18:19:1d:3d:4a:
ac:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C8:9F:FD:68:2C:21:A2:08:2E:D3:17:3C:E4:3D:7D:AE:19:C6:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:800::/40
Signature Algorithm: sha256WithRSAEncryption
55:32:c8:3e:dc:89:1f:4e:99:f8:fb:f7:6b:49:f1:f2:d6:b7:
c5:bd:6d:7d:31:97:94:f0:65:34:1b:64:74:85:f1:57:22:80:
47:c0:8d:87:5c:a0:05:ca:db:29:8f:c9:86:85:d4:1b:cf:bf:
e8:4c:5c:ec:c9:d0:38:19:79:f5:6a:56:4a:c9:06:c8:f7:45:
09:c7:6c:f4:fa:ec:01:00:b3:fe:14:bc:28:a5:5b:68:9b:69:
a9:b1:97:fa:1c:2a:1a:eb:d9:12:88:34:96:c9:12:98:62:47:
29:db:60:7c:c3:b1:21:6e:4f:79:c3:cb:a2:46:ad:cc:5e:e6:
24:17:f4:4a:08:78:86:b4:ce:31:a9:6d:9e:cf:a6:a5:b4:df:
ca:c7:9e:90:83:71:d4:57:65:b7:e6:3d:d7:76:e4:9a:8f:8f:
61:ab:d3:92:23:f5:f0:95:00:bd:66:0e:20:3a:ca:3f:c1:ba:
35:58:f6:00:36:c6:59:03:f9:27:8c:2a:12:91:7a:55:65:22:
6f:7c:30:58:2d:21:b5:92:88:da:e6:f5:8a:ea:4d:18:18:de:
62:1c:42:9a:8c:4d:c9:9f:cc:9d:a6:8d:bc:a6:ca:92:30:bb:
eb:98:70:20:13:34:23:4c:fb:f1:6c:18:d2:ee:c5:2c:24:c1:
03:ea:b7:79
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW5ImD9DkKoadfz7qaIZqicmaYAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMDdaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmNGYwZDExZWJlZWVlYWM3ZTcxOWQxODMwNDVjN2Y2MjllMjY2YzMxYWFh
NjVjYjYzZjMwNTI2ZjdlOTI4YzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzP7Ygtc7MZD1gRBYeW/BoWVvrgFT5nhTrqCTTekoYpTn86pbOIL2jOFxNq
fAY/Gd2KES3POgxaq91b5JrRgFoA8f67FE6jRfyYq/5jdIXZLiopRSfEH5FUkGYO
Y5UG93Xa9CFOo65jbNVo+koPHTae8pXnT4kbtHlLZxLyeo1NkLrwasELMoCKkbGW
RKxYl95Z4fQUANbsftmvtKTz2IDdGx5Win8KpDa0CTOUT9cKlDCoSTbLUuJQEWW9
3IU3gw8snmBr/7bmQZFVrptPfpd9vtfcFUvL9JYPdrlcBZR4Hu2pzvufGnp/xr4C
8G4+VTCA1sIPCQ5MXRgZHT1KrLMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEyJ/9
aCwhoggu0xc85D19rhnG5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzczZjQ2MDYtMGQ5OC00MzUwLTljY2QtM2FiYTU5OTEzNmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgI
MA0GCSqGSIb3DQEBCwUAA4IBAQBVMsg+3IkfTpn4+/drSfHy1rfFvW19MZeU8GU0
G2R0hfFXIoBHwI2HXKAFytspj8mGhdQbz7/oTFzsydA4GXn1alZKyQbI90UJx2z0
+uwBALP+FLwopVtom2mpsZf6HCoa69kSiDSWyRKYYkcp22B8w7Ehbk95w8uiRq3M
XuYkF/RKCHiGtM4xqW2ez6altN/Kx56Qg3HUV2W35j3XduSaj49hq9OSI/XwlQC9
Zg4gOso/wbo1WPYANsZZA/knjCoSkXpVZSJvfDBYLSG1koja5vWK6k0YGN5iHEKa
jE3Jn8ydpo28psqSMLvrmHAgEzQjTPvxbBjS7sUsJMED6rd5
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:09 2025 by rpki-client