Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json)
Hash identifier: rnGiA1C3xVZSfaz5YmI19OTqN0PrSpn6/KEXhDrEpxU=
Subject key identifier: 42:AB:E6:9E:F0:E3:88:CB:5E:D3:5F:D7:B3:6C:A5:94:50:7D:FD:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28AA2B124E644150FDDD46D36CDBCCC9CD0CCFFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
Signing time: Tue 01 Apr 2025 15:01:11 +0000
ROA not before: Tue 01 Apr 2025 15:01:11 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:aa:2b:12:4e:64:41:50:fd:dd:46:d3:6c:db:cc:c9:cd:0c:cf:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:01:11 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=ffbba30dce6ae4572200867b666667e83fc37f9f59254f2a375e45935b89afe0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bb:e1:86:7e:36:0e:b6:13:ad:14:98:f4:35:
8d:87:0d:38:6a:c4:78:1c:74:0f:f5:c4:63:e0:46:
47:55:bc:f8:03:0f:7b:87:13:77:d6:fe:3d:7c:40:
fb:09:bc:1f:f5:51:e7:e4:3d:47:dd:78:9b:36:e4:
6e:c1:98:82:1d:e1:5d:02:45:50:43:06:9b:4e:3d:
d7:e4:d8:e5:47:28:47:85:44:af:3a:07:24:fb:cb:
22:4c:8b:e5:07:57:14:1d:46:a6:b5:7d:12:a2:98:
03:00:90:79:d3:d7:af:3f:8c:c2:e9:ac:a0:3c:ac:
a0:7f:67:0c:e9:c5:4c:06:84:fd:cf:03:1c:86:bb:
19:31:68:b7:06:b4:f0:71:4c:72:6b:44:4b:ff:c5:
6e:9f:c0:ca:f7:c2:b4:fe:c1:05:b8:e8:ad:d4:e2:
f4:c8:34:23:2e:31:09:be:ff:1f:20:b3:cf:1f:44:
34:ee:52:70:14:c9:b6:7c:c3:99:a7:67:c4:f4:68:
70:5b:78:2d:dd:8f:4d:bd:9d:d3:a1:35:2d:ec:07:
84:b0:01:5d:c6:57:50:54:84:f9:60:29:0c:15:9c:
ac:25:e9:d7:50:28:96:f6:42:3c:07:61:e0:51:28:
3b:5c:71:df:11:b4:ac:b7:57:9b:ed:b5:36:2b:8c:
4c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:AB:E6:9E:F0:E3:88:CB:5E:D3:5F:D7:B3:6C:A5:94:50:7D:FD:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:e000::/40
Signature Algorithm: sha256WithRSAEncryption
17:3c:f3:da:bd:14:69:d1:bd:cc:49:f8:67:bc:22:66:ce:c2:
f6:d5:be:ee:eb:81:c9:c6:40:82:46:53:ec:d1:0a:9f:ab:47:
1a:e3:90:e9:76:a8:29:92:a4:7c:60:f4:4b:6f:12:9c:25:18:
2c:ed:83:49:b1:fc:27:0b:32:0e:e4:1c:cd:91:fb:b2:67:58:
dd:78:6b:b7:b9:57:6a:69:1a:28:07:bd:d8:61:34:42:0d:73:
e6:c3:8c:4a:92:55:29:e8:10:ee:2a:86:8f:c0:b0:3c:11:21:
5d:0b:b8:af:74:fa:7e:be:73:f2:0d:0b:7c:2d:17:ca:79:17:
f8:0f:eb:6a:3c:a7:b5:d8:42:40:6c:e8:e4:28:ce:67:b0:94:
61:fb:c1:77:52:0b:af:aa:aa:89:cf:a4:16:26:99:49:bd:2e:
8d:65:fb:e8:a9:cd:df:88:d1:6f:18:4b:ae:fc:ee:08:15:9c:
77:02:96:e9:28:ad:7d:d5:19:02:d6:ed:f8:f9:0c:cd:a7:32:
49:53:81:cd:98:4a:19:2c:11:3a:f2:7e:b4:a1:4a:b8:60:cb:
2e:e2:ce:d4:0c:02:21:f7:7c:f0:1e:62:d9:c1:f4:33:45:77:
aa:6c:83:71:e6:c7:8d:56:32:c4:04:39:99:d0:93:34:38:11:
c4:94:ae:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKKorEk5kQVD93UbTbNvMyc0Mz/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAxMTFaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmYmJhMzBkY2U2YWU0NTcyMjAwODY3YjY2NjY2N2U4M2ZjMzdmOWY1OTI1
NGYyYTM3NWU0NTkzNWI4OWFmZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJm74YZ+Ng62E60UmPQ1jYcNOGrEeBx0D/XEY+BGR1W8+AMPe4cTd9b+PXxA
+wm8H/VR5+Q9R914mzbkbsGYgh3hXQJFUEMGm0491+TY5UcoR4VErzoHJPvLIkyL
5QdXFB1GprV9EqKYAwCQedPXrz+MwumsoDysoH9nDOnFTAaE/c8DHIa7GTFotwa0
8HFMcmtES//Fbp/AyvfCtP7BBbjordTi9Mg0Iy4xCb7/HyCzzx9ENO5ScBTJtnzD
madnxPRocFt4Ld2PTb2d06E1LewHhLABXcZXUFSE+WApDBWcrCXp11AolvZCPAdh
4FEoO1xx3xG0rLdXm+21NiuMTJMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCq+ae
8OOIy17TX9ezbKWUUH39TTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg
MA0GCSqGSIb3DQEBCwUAA4IBAQAXPPPavRRp0b3MSfhnvCJmzsL21b7u64HJxkCC
RlPs0Qqfq0ca45DpdqgpkqR8YPRLbxKcJRgs7YNJsfwnCzIO5BzNkfuyZ1jdeGu3
uVdqaRooB73YYTRCDXPmw4xKklUp6BDuKoaPwLA8ESFdC7ivdPp+vnPyDQt8LRfK
eRf4D+tqPKe12EJAbOjkKM5nsJRh+8F3UguvqqqJz6QWJplJvS6NZfvoqc3fiNFv
GEuu/O4IFZx3ApbpKK191RkC1u34+QzNpzJJU4HNmEoZLBE68n60oUq4YMsu4s7U
DAIh93zwHmLZwfQzRXeqbINx5seNVjLEBDmZ0JM0OBHElK4/
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:24 2025 by rpki-client