Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
File: 79440387-66a3-4852-a94b-8a3250f20726.roa (raw, json)
Hash identifier: V6Lq9PFTvdlQ8z54mlUBiMJ+T277DsHsECSIkAIM7rE=
Subject key identifier: 5D:00:24:0A:BC:65:85:43:8E:55:77:17:BE:F5:A1:82:D8:2B:66:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12F93FA4AFF80F8664981DF2FEB06B83682226E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
Signing time: Fri 25 Apr 2025 18:10:49 +0000
ROA not before: Fri 25 Apr 2025 18:10:49 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:f9:3f:a4:af:f8:0f:86:64:98:1d:f2:fe:b0:6b:83:68:22:26:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:49 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2f7e8eebf99fa4ecc52d4c1f3c0c53dfe05cd588bbb1abf30ca3779db923d6e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5f:36:c4:e5:4e:d4:ed:c4:dc:36:f1:f6:15:
f1:b4:b5:2c:5c:17:4e:9d:b9:24:85:66:85:fc:f3:
38:8c:a8:7c:ea:71:8f:37:46:a1:de:81:35:f3:7b:
ea:40:d6:ac:8a:5d:49:fa:42:dd:1c:b3:fd:6a:cf:
e1:2c:aa:16:63:0c:66:39:39:d5:b8:46:06:57:c3:
3c:9b:84:0f:45:3c:56:7d:62:86:b9:e9:a0:83:db:
9f:d7:a5:1c:73:eb:4a:e2:87:b7:e1:b7:47:7d:2a:
ce:12:3b:f7:d0:57:eb:fb:86:61:79:03:3d:b2:f7:
59:46:8d:57:bb:68:66:a8:10:ab:4b:90:02:b1:27:
9a:1c:b6:d9:9a:0b:e5:b0:e9:fa:0f:3a:8b:4e:59:
e5:81:ea:dd:ea:be:1a:aa:1e:2f:a6:ae:88:dc:82:
ca:85:98:26:20:6b:45:83:24:7c:ff:2b:75:d2:8d:
10:b2:02:80:dd:ca:dd:77:05:43:2d:d9:ed:1c:35:
80:39:61:60:a9:a1:47:f7:f5:98:b0:13:da:32:63:
3f:5b:d8:d2:06:27:00:b6:4d:62:c8:8f:fb:aa:1d:
c0:c7:2c:19:2f:ee:1f:92:10:15:63:db:8b:32:70:
bf:09:dc:59:27:bd:c2:dd:48:3f:d8:60:c9:28:d4:
25:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:00:24:0A:BC:65:85:43:8E:55:77:17:BE:F5:A1:82:D8:2B:66:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a040::/48
Signature Algorithm: sha256WithRSAEncryption
36:0a:3a:35:d0:ee:b9:90:57:b8:50:ba:92:5b:2f:81:4d:29:
0c:ac:d2:d5:1b:82:84:d7:37:b9:76:f5:36:2e:13:fd:f3:0b:
70:02:a2:2f:87:02:78:f5:0e:c2:fc:73:cf:f1:2b:f7:a7:85:
df:7c:de:a4:26:ce:73:3e:26:d3:de:fd:41:48:bd:c6:11:a9:
33:6b:67:a9:21:00:6d:31:92:23:a4:f3:55:dd:e5:3d:04:af:
ce:b8:c1:38:3a:6a:ac:4d:80:bf:10:c2:0e:31:b0:20:10:17:
22:ca:9b:24:41:84:8c:21:d4:80:5e:ed:6c:de:71:93:9b:e3:
8e:4b:fa:65:42:e1:fb:a7:51:94:68:3c:86:33:e0:3a:56:87:
6b:d7:b5:07:38:38:48:e8:a3:86:83:d7:fe:73:42:b5:4e:c6:
c9:f4:8f:43:53:51:f8:b0:5c:d5:d5:d8:89:62:30:2f:c3:72:
63:0f:25:10:d4:a3:58:e6:64:c4:7c:a0:63:6e:97:56:80:e7:
ce:9a:8f:c1:8d:a7:b0:c1:4f:cb:51:c2:e7:76:a7:45:89:96:
67:0e:80:3b:7a:60:b2:06:c1:16:68:f0:67:80:10:15:78:df:
0c:b8:47:48:10:2e:e6:08:ab:30:70:32:4a:70:29:48:70:4b:
9c:af:b9:62
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEvk/pK/4D4ZkmB3y/rBrg2giJuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwNDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmN2U4ZWViZjk5ZmE0ZWNjNTJkNGMxZjNjMGM1M2RmZTA1Y2Q1ODhiYmIx
YWJmMzBjYTM3NzlkYjkyM2Q2ZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhfNsTlTtTtxNw28fYV8bS1LFwXTp25JIVmhfzzOIyofOpxjzdGod6BNfN7
6kDWrIpdSfpC3Ryz/WrP4SyqFmMMZjk51bhGBlfDPJuED0U8Vn1ihrnpoIPbn9el
HHPrSuKHt+G3R30qzhI799BX6/uGYXkDPbL3WUaNV7toZqgQq0uQArEnmhy22ZoL
5bDp+g86i05Z5YHq3eq+GqoeL6auiNyCyoWYJiBrRYMkfP8rddKNELICgN3K3XcF
Qy3Z7Rw1gDlhYKmhR/f1mLAT2jJjP1vY0gYnALZNYsiP+6odwMcsGS/uH5IQFWPb
izJwvwncWSe9wt1IP9hgySjUJe8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRdACQK
vGWFQ45Vdxe+9aGC2CtmSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzk0NDAzODctNjZhMy00ODUyLWE5NGItOGEzMjUwZjIwNzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
QDANBgkqhkiG9w0BAQsFAAOCAQEANgo6NdDuuZBXuFC6klsvgU0pDKzS1RuChNc3
uXb1Ni4T/fMLcAKiL4cCePUOwvxzz/Er96eF33zepCbOcz4m0979QUi9xhGpM2tn
qSEAbTGSI6TzVd3lPQSvzrjBODpqrE2AvxDCDjGwIBAXIsqbJEGEjCHUgF7tbN5x
k5vjjkv6ZULh+6dRlGg8hjPgOlaHa9e1Bzg4SOijhoPX/nNCtU7GyfSPQ1NR+LBc
1dXYiWIwL8NyYw8lENSjWOZkxHygY26XVoDnzpqPwY2nsMFPy1HC53anRYmWZw6A
O3pgsgbBFmjwZ4AQFXjfDLhHSBAu5girMHAySnApSHBLnK+5Yg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:06:11 2025 by rpki-client