Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
File: 7a5c899e-1564-4329-8939-7004d7b754c8.roa (raw, json)
Hash identifier: qdMpb+E8RSWaQMEB+AiY2ox6fiMWdcVWpoxH397NclQ=
Subject key identifier: 88:01:9E:29:B2:BD:7C:86:9A:C6:43:38:26:D7:95:FC:47:87:02:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14D05BF6C8FD7E9BB6E497D55B42B05490F115F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
Signing time: Fri 25 Apr 2025 20:01:40 +0000
ROA not before: Fri 25 Apr 2025 20:01:40 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d0:5b:f6:c8:fd:7e:9b:b6:e4:97:d5:5b:42:b0:54:90:f1:15:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:40 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1351b832ea00b9e3f2fe55a8518412b515dbcad99d8e68a5517bcd528b6844d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d0:b7:c5:48:e9:6c:34:ec:65:fc:26:fa:0e:
cd:8b:9f:75:29:ff:e1:96:d2:cc:29:09:91:a7:ce:
89:06:45:31:79:23:24:ce:78:22:fc:fe:23:d9:2c:
6c:08:78:c8:f7:2b:b2:51:aa:1d:5b:fe:b5:f2:8d:
6e:12:8e:d7:0e:7d:a4:de:46:99:36:e0:77:74:61:
f6:cf:8f:a2:6c:30:cd:14:dd:48:c7:c0:92:f0:5d:
6f:0a:88:60:f0:87:23:05:2f:da:eb:43:0d:43:e8:
45:ea:22:95:64:03:fd:15:c6:6c:ff:e7:14:44:6c:
5d:e2:8d:27:56:27:05:46:ac:14:ad:a2:52:40:8c:
33:cd:9c:8f:67:34:12:88:76:8d:3f:f4:0f:b4:9c:
e0:d8:5e:71:72:4c:3a:b1:e2:c5:ff:4e:19:7f:68:
7e:b8:76:cf:08:09:37:e9:8e:df:ce:3d:90:4d:37:
06:97:4d:39:3b:0e:ed:ab:4e:2f:29:ca:a5:f0:af:
db:68:d8:c3:1e:f8:05:0a:7c:f3:82:af:15:0b:dd:
61:e9:75:c6:8d:00:34:fb:3d:85:f1:86:9f:58:18:
65:e2:fc:fa:36:d5:d6:79:54:44:eb:ac:a7:0f:92:
81:7d:6e:cd:82:6b:0b:ca:fe:9b:5a:65:b3:98:ee:
b6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:01:9E:29:B2:BD:7C:86:9A:C6:43:38:26:D7:95:FC:47:87:02:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:9000::/40
Signature Algorithm: sha256WithRSAEncryption
99:a8:3d:d8:8e:b7:52:d8:25:bb:5a:ce:4c:4b:33:0e:22:d8:
6c:d7:86:73:8e:7e:98:c5:03:d4:38:c4:19:a9:cd:ae:d8:3a:
5e:4d:5e:6f:ae:84:1b:ff:89:7f:f3:85:c7:9c:e6:3d:0e:bd:
2d:c5:03:23:30:9f:64:ba:02:95:20:81:16:16:ae:9d:c3:c9:
aa:23:ef:07:3d:d6:be:fe:06:09:de:9e:1c:a8:cf:39:82:56:
b3:13:7e:c1:57:8c:ec:5f:bc:5a:c6:92:6e:a8:b7:5f:c5:70:
04:08:bc:f4:22:24:9b:13:bb:a3:6a:cc:7d:f6:25:7a:7b:e8:
38:ef:b5:4e:1b:4c:09:33:39:d8:b5:bf:b7:ba:31:70:92:21:
00:4b:7b:ab:28:cb:52:3c:45:c8:6c:41:4e:98:21:2e:56:de:
4a:31:8c:81:62:04:ac:62:c5:5a:55:0e:3e:ef:b7:2e:a4:72:
08:d6:d4:d2:3d:50:9d:84:ed:9b:08:3d:16:ca:46:18:6a:d9:
1d:9a:a6:4f:11:4b:e2:23:67:5f:b4:94:59:5a:d4:6a:9e:61:
04:d3:87:ef:12:ab:90:f7:c7:a2:4a:99:79:9c:a9:aa:e5:3a:
a7:8c:97:b2:ba:52:69:a3:30:20:a7:71:70:31:cd:ea:eb:7c:
83:12:f5:dc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFNBb9sj9fpu25JfVW0KwVJDxFfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxNDBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNTFiODMyZWEwMGI5ZTNmMmZlNTVhODUxODQxMmI1MTVkYmNhZDk5ZDhl
NjhhNTUxN2JjZDUyOGI2ODQ0ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7Qt8VI6Ww07GX8JvoOzYufdSn/4ZbSzCkJkafOiQZFMXkjJM54Ivz+I9ks
bAh4yPcrslGqHVv+tfKNbhKO1w59pN5GmTbgd3Rh9s+PomwwzRTdSMfAkvBdbwqI
YPCHIwUv2utDDUPoReoilWQD/RXGbP/nFERsXeKNJ1YnBUasFK2iUkCMM82cj2c0
Eoh2jT/0D7Sc4NhecXJMOrHixf9OGX9ofrh2zwgJN+mO3849kE03BpdNOTsO7atO
LynKpfCv22jYwx74BQp884KvFQvdYel1xo0ANPs9hfGGn1gYZeL8+jbV1nlUROus
pw+SgX1uzYJrC8r+m1pls5juttsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSIAZ4p
sr18hprGQzgm15X8R4cCnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E1Yzg5OWUtMTU2NC00MzI5LTg5MzktNzAwNGQ3Yjc1NGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCZqD3YjrdS2CW7Ws5MSzMOIths14Zzjn6YxQPU
OMQZqc2u2DpeTV5vroQb/4l/84XHnOY9Dr0txQMjMJ9kugKVIIEWFq6dw8mqI+8H
Pda+/gYJ3p4cqM85glazE37BV4zsX7xaxpJuqLdfxXAECLz0IiSbE7ujasx99iV6
e+g477VOG0wJMznYtb+3ujFwkiEAS3urKMtSPEXIbEFOmCEuVt5KMYyBYgSsYsVa
VQ4+77cupHII1tTSPVCdhO2bCD0WykYYatkdmqZPEUviI2dftJRZWtRqnmEE04fv
EquQ98eiSpl5nKmq5TqnjJeyulJpozAgp3FwMc3q63yDEvXc
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:50:09 2025 by rpki-client