Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
File: 7a025e69-9e3e-460c-9734-42e9bd14485c.roa (raw, json)
Hash identifier: 7zUbKJjBK1/mFPPmJXOXHK3tRq71e1KP3LVkp0hhCM0=
Subject key identifier: 82:3F:B2:A2:B5:EA:E0:9A:C0:2D:65:E1:45:F2:6D:5B:9C:F8:58:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B4EBAA222090384D712E4BBCD79FDACB97B3C41
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
Signing time: Tue 15 Apr 2025 15:00:12 +0000
ROA not before: Tue 15 Apr 2025 15:00:12 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:4e:ba:a2:22:09:03:84:d7:12:e4:bb:cd:79:fd:ac:b9:7b:3c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:12 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=6df82799e30f7e0ceb1afdd9f7613b7eaa276a2fc472ddaaa19b36aaafcd861c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b3:ad:d0:f7:4f:45:57:3b:95:43:ad:dc:8d:
cf:8d:fe:38:6d:56:29:23:ba:d2:42:c2:a8:96:89:
cf:a2:cf:28:63:30:04:1a:f5:36:5e:d9:f6:d1:51:
7f:57:1d:e8:9b:1d:f2:f5:68:f1:9e:25:e6:ae:e4:
36:75:93:b7:51:34:5b:77:69:0b:1b:1c:d2:dc:9d:
b3:63:de:47:eb:85:0b:14:5b:0c:e0:e1:ad:8f:ba:
c0:31:75:d9:01:5a:41:f1:4c:b8:fe:07:35:15:9e:
27:27:60:ff:ec:29:d5:76:ac:36:25:da:aa:f1:7b:
86:53:73:56:b8:5f:3e:90:2c:d5:0c:c5:d2:aa:a4:
eb:da:7b:db:10:94:e5:c2:f9:e2:73:8b:23:1e:d2:
04:13:58:f4:2b:d9:77:35:e3:49:4c:c8:73:e7:05:
9d:19:31:50:56:4a:ab:cc:a1:7a:ea:28:7e:a2:ff:
65:e9:24:2b:61:06:8f:31:80:70:cf:eb:7d:11:f3:
b7:69:1e:1e:79:0e:3e:70:98:aa:27:2f:6a:dc:0f:
1b:e8:f5:17:be:52:bf:3c:ff:a9:06:a8:10:84:8c:
4e:04:11:43:53:4c:88:44:3f:12:ad:cf:08:87:ba:
69:f5:92:21:e0:fa:44:2a:7b:6c:4a:5a:88:93:c2:
36:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3F:B2:A2:B5:EA:E0:9A:C0:2D:65:E1:45:F2:6D:5B:9C:F8:58:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
54:1c:15:ce:c6:64:d8:b7:63:bc:e3:33:df:73:d5:f9:ab:04:
00:00:9a:5b:0d:a0:33:80:79:ee:fa:ba:61:07:a8:1b:ce:05:
28:06:25:33:0c:71:42:ec:41:87:4f:f0:cd:56:cd:06:f1:5d:
36:d6:b5:73:a7:5b:c6:2a:97:53:bf:60:f4:30:a3:8b:40:26:
32:3f:54:bc:a4:01:0c:52:24:ff:87:39:f4:27:e6:ab:1d:92:
f3:76:a4:a1:e8:1c:aa:dd:6e:72:2b:fd:de:44:71:c4:75:47:
bf:96:a0:a7:4c:44:6a:cd:02:c3:1f:b4:12:da:00:da:27:45:
31:c9:61:9f:df:9e:dc:a7:ee:4d:9e:19:7c:10:69:18:ae:44:
b1:70:35:3f:e4:08:dc:7e:57:25:1b:12:a2:3e:50:81:7a:2a:
e8:c7:82:59:3c:bb:31:c4:da:d9:9b:63:a4:41:15:96:e8:83:
3e:ee:a9:d5:25:22:0c:3a:6e:35:14:34:51:8b:84:6e:9e:69:
a4:2a:9f:92:34:a4:63:a6:df:c1:27:ae:f0:d1:2f:fb:5b:9b:
93:35:3d:c3:df:bc:83:b4:fe:cb:f8:9c:52:e0:fd:b3:0d:f3:
0c:b0:d3:b5:c9:bc:01:46:5a:0c:e7:9f:81:19:de:a9:09:d8:
77:17:64:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK066oiIJA4TXEuS7zXn9rLl7PEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwMTJaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkZjgyNzk5ZTMwZjdlMGNlYjFhZmRkOWY3NjEzYjdlYWEyNzZhMmZjNDcy
ZGRhYWExOWIzNmFhYWZjZDg2MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCzrdD3T0VXO5VDrdyNz43+OG1WKSO60kLCqJaJz6LPKGMwBBr1Nl7Z9tFR
f1cd6Jsd8vVo8Z4l5q7kNnWTt1E0W3dpCxsc0tyds2PeR+uFCxRbDODhrY+6wDF1
2QFaQfFMuP4HNRWeJydg/+wp1XasNiXaqvF7hlNzVrhfPpAs1QzF0qqk69p72xCU
5cL54nOLIx7SBBNY9CvZdzXjSUzIc+cFnRkxUFZKq8yheuoofqL/ZekkK2EGjzGA
cM/rfRHzt2keHnkOPnCYqicvatwPG+j1F75Svzz/qQaoEISMTgQRQ1NMiEQ/Eq3P
CIe6afWSIeD6RCp7bEpaiJPCNncCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCP7Ki
tergmsAtZeFF8m1bnPhY9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EwMjVlNjktOWUzZS00NjBjLTk3MzQtNDJlOWJkMTQ0ODVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQBUHBXOxmTYt2O84zPfc9X5qwQAAJpbDaAzgHnu
+rphB6gbzgUoBiUzDHFC7EGHT/DNVs0G8V021rVzp1vGKpdTv2D0MKOLQCYyP1S8
pAEMUiT/hzn0J+arHZLzdqSh6Byq3W5yK/3eRHHEdUe/lqCnTERqzQLDH7QS2gDa
J0UxyWGf357cp+5Nnhl8EGkYrkSxcDU/5AjcflclGxKiPlCBeirox4JZPLsxxNrZ
m2OkQRWW6IM+7qnVJSIMOm41FDRRi4RunmmkKp+SNKRjpt/BJ67w0S/7W5uTNT3D
37yDtP7L+JxS4P2zDfMMsNO1ybwBRloM55+BGd6pCdh3F2Q/
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:52 2025 by rpki-client