Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
File: 78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa (raw, json)
Hash identifier: AkX4jYHv6/jxg0s/6wTHh5ZG9S4MDWQ8h3jVRjv6u0k=
Subject key identifier: 7E:12:42:24:5F:0B:DE:00:EF:49:66:7C:D2:E3:DC:C7:F5:E6:F3:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0660A87CA46199C95EB930B9D2E1416CE1306F43
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
Signing time: Tue 15 Apr 2025 15:10:05 +0000
ROA not before: Tue 15 Apr 2025 15:10:05 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:60:a8:7c:a4:61:99:c9:5e:b9:30:b9:d2:e1:41:6c:e1:30:6f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:05 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=d21ac9e67935402f84e3a88247e8dfa3f3b5dd8867d0df2d2879f7543474aa4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:70:e3:38:26:3f:85:d0:3c:93:1d:a4:35:4c:
0a:b1:09:9a:7f:67:aa:95:21:96:bf:af:94:50:f3:
c9:31:5f:7c:25:66:55:34:75:24:c6:b9:56:f4:59:
40:3a:80:d4:60:7b:03:59:65:56:53:e3:e5:b6:f3:
07:80:54:c0:c6:da:04:0e:52:20:5f:03:53:66:e2:
61:e1:58:35:18:5c:b1:d2:9c:2e:69:56:39:a1:f1:
f2:1e:af:b1:1f:df:42:48:b0:ad:c5:b2:51:f1:a2:
fa:c2:b4:63:60:1a:f8:fc:d5:b9:f6:ed:bd:c5:1c:
2a:8a:a0:5f:8b:01:a0:24:c5:4f:7b:35:51:da:4e:
8c:8d:ff:2d:8f:7e:7f:73:dd:39:96:f6:1b:aa:8a:
e2:d8:5a:0d:22:9b:a0:dc:a3:8b:78:40:e8:8f:2a:
12:a0:b7:36:a8:35:5b:dd:1f:24:d3:a3:0b:9e:fc:
ac:ea:6e:76:a0:71:c3:80:18:72:89:2e:d4:94:01:
b6:a7:6c:15:a9:96:59:93:9c:d1:a0:bc:1d:1a:dc:
66:8f:36:6f:8f:9e:c4:14:64:da:79:21:0e:02:51:
7a:5f:8a:71:0c:ae:6d:48:ae:91:5c:a6:86:d6:bd:
32:8f:ef:72:b9:8d:54:3d:4c:1a:e0:4e:73:f8:16:
04:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:12:42:24:5F:0B:DE:00:EF:49:66:7C:D2:E3:DC:C7:F5:E6:F3:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:b8:2b:17:2c:dd:48:5f:88:ec:4f:b6:02:34:c1:51:be:7f:
80:49:49:2d:d2:82:7a:d4:96:19:30:da:37:d3:d2:d7:3a:30:
05:1c:59:cb:c4:ee:79:ed:b6:ec:04:d3:8a:5e:f1:0f:73:18:
4d:e0:20:11:db:a8:62:48:97:e3:32:28:5a:5a:19:93:b4:01:
a8:dc:9c:21:6f:d6:7e:4d:da:87:08:95:ad:96:11:95:59:42:
6c:f4:40:3e:1e:b3:00:37:a5:d0:45:4b:0e:ac:8a:e2:b1:8b:
a4:aa:e6:01:08:cb:cb:11:0f:fc:8b:0e:00:9c:e1:7d:e5:b3:
6f:09:c3:87:ac:83:74:74:aa:d4:dd:03:82:d9:96:e9:e2:7a:
19:c5:f8:56:a4:77:2f:5b:e8:61:96:af:48:55:55:83:5e:2d:
04:ab:87:43:e9:4f:d5:e5:9b:96:8a:f4:ca:c3:64:79:cb:d9:
87:41:b5:70:1a:cb:cb:45:08:16:7c:79:eb:5a:18:f4:6f:9f:
fc:ab:fc:fe:9b:94:3e:9d:22:27:58:1f:62:bd:0b:76:a5:0b:
78:70:07:84:b2:ed:11:1a:e0:8b:74:14:7c:6d:8c:9b:a5:cc:
6d:3a:bc:a4:41:de:50:42:f9:8f:28:ee:17:85:b6:c8:a8:e1:
f3:f0:72:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBmCofKRhmcleuTC50uFBbOEwb0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMDVaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyMWFjOWU2NzkzNTQwMmY4NGUzYTg4MjQ3ZThkZmEzZjNiNWRkODg2N2Qw
ZGYyZDI4NzlmNzU0MzQ3NGFhNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhw4zgmP4XQPJMdpDVMCrEJmn9nqpUhlr+vlFDzyTFffCVmVTR1JMa5VvRZ
QDqA1GB7A1llVlPj5bbzB4BUwMbaBA5SIF8DU2biYeFYNRhcsdKcLmlWOaHx8h6v
sR/fQkiwrcWyUfGi+sK0Y2Aa+PzVufbtvcUcKoqgX4sBoCTFT3s1UdpOjI3/LY9+
f3PdOZb2G6qK4thaDSKboNyji3hA6I8qEqC3Nqg1W90fJNOjC578rOpudqBxw4AY
coku1JQBtqdsFamWWZOc0aC8HRrcZo82b4+exBRk2nkhDgJRel+KcQyubUiukVym
hta9Mo/vcrmNVD1MGuBOc/gWBDECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+EkIk
XwveAO9JZnzS49zH9ebzEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwODVkMGEtZjFhYy00M2I3LWFjNmItYThhZmNmOTc4MmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQC3uCsXLN1IX4jsT7YCNMFRvn+ASUkt0oJ61JYZ
MNo309LXOjAFHFnLxO557bbsBNOKXvEPcxhN4CAR26hiSJfjMihaWhmTtAGo3Jwh
b9Z+TdqHCJWtlhGVWUJs9EA+HrMAN6XQRUsOrIrisYukquYBCMvLEQ/8iw4AnOF9
5bNvCcOHrIN0dKrU3QOC2Zbp4noZxfhWpHcvW+hhlq9IVVWDXi0Eq4dD6U/V5ZuW
ivTKw2R5y9mHQbVwGsvLRQgWfHnrWhj0b5/8q/z+m5Q+nSInWB9ivQt2pQt4cAeE
su0RGuCLdBR8bYybpcxtOrykQd5QQvmPKO4XhbbIqOHz8HKv
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:33 2025 by rpki-client