Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
File: 7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa (raw, json)
Hash identifier: BLYyijC90HDZcx1IT1LV4DIC2oGewb3lUupd/42P+p0=
Subject key identifier: 83:47:E9:AA:0E:67:6F:3B:47:AD:E6:12:63:B2:13:F5:6F:88:68:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43CE3C01F80B47348DACE5DBC916D57D50AC5A78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
Signing time: Fri 25 Apr 2025 18:11:18 +0000
ROA not before: Fri 25 Apr 2025 18:11:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:ce:3c:01:f8:0b:47:34:8d:ac:e5:db:c9:16:d5:7d:50:ac:5a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:11:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8eb5e35343a9bbc487fc68021832e545911364d0a1da1d4e1a58c7a6c47b90f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:de:1f:8b:cb:01:2e:cb:12:6a:f1:1b:da:5c:
a7:c1:9b:0c:be:75:56:98:8d:a6:39:ac:45:6d:fc:
48:c3:97:bd:bb:d5:57:9f:ca:53:8a:a3:fa:69:e8:
34:78:70:53:07:2b:82:4a:d4:61:fb:40:94:ac:d8:
17:8c:78:be:4c:4b:d0:54:23:cd:a0:64:59:2a:1b:
d4:f9:9a:89:d4:2b:2d:40:98:dc:d9:3b:32:ec:a4:
36:cc:fd:dd:2f:6f:b7:ee:bf:ec:cb:9d:ab:7d:8d:
76:93:f5:96:f1:c5:4c:2d:4f:49:5b:36:ca:1c:a4:
89:1d:e6:e5:a3:b9:ad:55:9e:51:37:9c:92:ba:1d:
35:f2:fc:83:83:1f:ce:ed:20:04:8a:a7:fe:5f:eb:
7a:c3:9a:6b:7a:6b:19:eb:bc:33:fa:6f:4d:7c:9e:
3f:25:4b:33:a3:ff:c4:58:dc:c2:99:5e:1e:43:a5:
cd:3e:3e:59:fd:7b:b2:30:28:b9:fb:1c:5b:7a:0a:
28:df:ec:4f:32:27:e4:4f:8e:07:66:b3:e5:bc:aa:
5c:9b:b5:a0:4c:3f:3e:4e:f5:2b:79:d9:11:0b:f4:
98:f3:0f:b3:63:cc:5d:00:bc:59:80:85:b9:56:5a:
13:3e:54:c6:07:da:cd:bc:6c:31:0e:30:3e:56:36:
fb:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:47:E9:AA:0E:67:6F:3B:47:AD:E6:12:63:B2:13:F5:6F:88:68:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
b9:03:8f:f0:bf:09:1c:55:61:6b:df:b0:f2:3c:27:20:48:c1:
40:21:89:53:f9:fd:08:c0:f5:74:63:a9:37:2e:13:6d:2d:d1:
dc:6b:ff:cd:ab:70:aa:b9:69:00:33:92:03:81:c8:a9:bb:c5:
10:fa:8f:f5:e3:2d:57:85:9b:21:89:91:cd:8e:ba:99:61:31:
10:cf:2f:fc:33:5d:49:46:a9:84:34:c8:45:c7:6b:06:91:74:
14:71:d6:ec:fe:91:a5:f5:a2:ee:ea:5e:66:aa:bd:6b:21:99:
d5:1c:f3:b1:7b:e4:3d:ab:8b:05:63:e7:fb:7c:57:1d:60:5f:
4c:4d:9c:8d:a7:d2:2a:d2:06:8d:c3:68:1c:10:50:a2:c2:95:
25:7c:11:ca:5f:09:c0:b2:7c:c2:39:80:de:69:a5:2e:37:3e:
c9:32:79:92:47:83:1e:3f:3d:f4:1a:f0:1f:bf:8b:3c:19:04:
8c:dd:14:1a:b0:3e:a8:34:74:8a:93:bc:94:9b:77:b6:c3:26:
c6:f2:3e:e6:a1:ab:d2:d9:fe:3a:c7:88:f1:d4:4f:9c:f0:1f:
17:01:57:3e:05:fe:0b:3a:ab:71:49:e4:b5:20:01:a7:b7:f9:
04:b4:67:67:90:96:cb:ca:16:3e:62:fe:16:8d:cc:3c:47:10:
62:03:af:92
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ848AfgLRzSNrOXbyRbVfVCsWngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODExMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlYjVlMzUzNDNhOWJiYzQ4N2ZjNjgwMjE4MzJlNTQ1OTExMzY0ZDBhMWRh
MWQ0ZTFhNThjN2E2YzQ3YjkwZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOfeH4vLAS7LEmrxG9pcp8GbDL51VpiNpjmsRW38SMOXvbvVV5/KU4qj+mno
NHhwUwcrgkrUYftAlKzYF4x4vkxL0FQjzaBkWSob1PmaidQrLUCY3Nk7MuykNsz9
3S9vt+6/7Mudq32NdpP1lvHFTC1PSVs2yhykiR3m5aO5rVWeUTeckrodNfL8g4Mf
zu0gBIqn/l/resOaa3prGeu8M/pvTXyePyVLM6P/xFjcwpleHkOlzT4+Wf17sjAo
ufscW3oKKN/sTzIn5E+OB2az5byqXJu1oEw/Pk71K3nZEQv0mPMPs2PMXQC8WYCF
uVZaEz5UxgfazbxsMQ4wPlY2+78CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSDR+mq
DmdvO0et5hJjshP1b4hoSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E2ZDVjNGQtNDBkZC00NTc3LTk1MjAtYTJhYzI4NmM4MTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
wDANBgkqhkiG9w0BAQsFAAOCAQEAuQOP8L8JHFVha9+w8jwnIEjBQCGJU/n9CMD1
dGOpNy4TbS3R3Gv/zatwqrlpADOSA4HIqbvFEPqP9eMtV4WbIYmRzY66mWExEM8v
/DNdSUaphDTIRcdrBpF0FHHW7P6RpfWi7upeZqq9ayGZ1RzzsXvkPauLBWPn+3xX
HWBfTE2cjafSKtIGjcNoHBBQosKVJXwRyl8JwLJ8wjmA3mmlLjc+yTJ5kkeDHj89
9BrwH7+LPBkEjN0UGrA+qDR0ipO8lJt3tsMmxvI+5qGr0tn+OseI8dRPnPAfFwFX
PgX+CzqrcUnktSABp7f5BLRnZ5CWy8oWPmL+Fo3MPEcQYgOvkg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:25 2025 by rpki-client