Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
File: 7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa (raw, json)
Hash identifier: CmbxOphf9VIIIAKhuVwNbcUpWDzhvIw4iN9AZva7Y2M=
Subject key identifier: 12:17:CB:FA:A0:40:DC:80:D4:9F:0F:C9:50:0A:C4:D9:60:36:66:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 747899860AEC0D870A2BC2F4DF763D146D34EB83
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
Signing time: Fri 25 Apr 2025 20:11:16 +0000
ROA not before: Fri 25 Apr 2025 20:11:16 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:78:99:86:0a:ec:0d:87:0a:2b:c2:f4:df:76:3d:14:6d:34:eb:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:11:16 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3b7ee922a2ccba5d4cb3f08167f39b83bfcc63ab419c9cfeb76b9ef381cc5199, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1a:03:f7:8a:ee:9d:c4:3b:26:a2:30:71:2e:
da:f0:3c:0d:24:ce:0b:34:41:98:fa:ad:d0:c7:14:
c9:d2:da:97:ee:5c:48:e2:ab:d9:ed:5d:2d:bc:13:
9d:86:eb:9f:4f:2b:38:92:c7:4c:21:39:b1:e8:23:
5d:99:fa:82:6d:41:d5:4f:3c:b8:60:c1:08:b9:c8:
33:78:ba:1c:8e:ab:3d:52:6d:27:c3:16:4d:40:a2:
6b:ce:e4:10:96:12:c0:a5:fb:80:1b:3c:c0:ba:c7:
3f:15:a6:74:03:40:ba:eb:5f:61:89:f6:59:aa:ec:
fe:ca:62:b7:55:9d:07:34:78:69:14:16:81:00:90:
7d:a8:31:0d:48:43:ee:b9:9c:f6:f2:9c:43:46:e1:
f6:dd:f6:5c:1d:30:5e:af:d9:ff:27:f4:46:fb:9d:
16:59:ca:9e:51:86:e1:fa:e8:28:9d:59:52:a0:d4:
6d:3b:f5:69:82:8a:6f:34:a3:1e:23:07:38:6e:a1:
09:1d:a6:81:fe:52:54:c4:5a:86:b2:a8:ed:72:2d:
f8:df:2f:1b:70:90:7c:8d:f4:fa:30:ae:29:3a:0c:
33:4d:79:10:48:e5:ec:c9:ce:9e:1b:ca:9a:2d:c0:
d5:2d:1f:34:b5:0a:1e:6b:84:60:45:e3:b4:20:12:
1e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:17:CB:FA:A0:40:DC:80:D4:9F:0F:C9:50:0A:C4:D9:60:36:66:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/36
Signature Algorithm: sha256WithRSAEncryption
96:39:99:5d:32:b3:9c:5d:a5:65:49:69:58:39:dc:f9:78:c3:
af:08:8b:f3:9c:08:ef:cd:e4:ce:29:e8:66:d8:b7:d6:c7:93:
a5:79:fc:0c:25:79:6e:bb:ec:99:0d:2a:91:14:ab:49:71:4c:
49:dc:b4:48:91:43:90:3a:d7:32:86:f0:87:bf:e1:22:eb:17:
9e:4f:60:07:a9:65:37:5c:63:86:74:4c:13:db:38:f5:fd:04:
d2:6d:e9:06:13:7a:24:4a:80:db:3c:0c:2f:da:6e:96:80:02:
d5:6d:eb:72:6b:12:da:e7:6e:b3:dd:aa:6c:dd:f0:91:ba:0c:
a8:49:8f:96:b1:cb:6a:32:72:dc:ef:4b:d4:bf:73:89:15:83:
f3:00:c1:f4:3a:11:1c:d4:00:7e:c3:8c:37:40:e9:d8:b4:f4:
f8:ce:b4:9a:c0:67:d5:f2:e6:d4:0e:e3:1a:c3:17:6b:b0:d3:
b0:87:85:c5:12:56:9c:ce:8b:d5:69:3b:fe:cb:c7:d1:b6:7c:
00:c4:1e:25:3c:73:f5:ac:92:5e:44:01:c3:b2:f7:02:b6:64:
6e:6d:38:8b:78:f7:d3:23:85:34:65:3d:64:39:28:52:41:f4:
6f:ca:07:8b:4e:91:2e:2c:15:cc:93:86:ff:22:a6:9b:85:96:
b2:f7:d0:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdHiZhgrsDYcKK8L033Y9FG0064MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDExMTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiN2VlOTIyYTJjY2JhNWQ0Y2IzZjA4MTY3ZjM5YjgzYmZjYzYzYWI0MTlj
OWNmZWI3NmI5ZWYzODFjYzUxOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAaA/eK7p3EOyaiMHEu2vA8DSTOCzRBmPqt0McUydLal+5cSOKr2e1dLbwT
nYbrn08rOJLHTCE5segjXZn6gm1B1U88uGDBCLnIM3i6HI6rPVJtJ8MWTUCia87k
EJYSwKX7gBs8wLrHPxWmdANAuutfYYn2Wars/spit1WdBzR4aRQWgQCQfagxDUhD
7rmc9vKcQ0bh9t32XB0wXq/Z/yf0RvudFlnKnlGG4froKJ1ZUqDUbTv1aYKKbzSj
HiMHOG6hCR2mgf5SVMRahrKo7XIt+N8vG3CQfI30+jCuKToMM015EEjl7MnOnhvK
mi3A1S0fNLUKHmuEYEXjtCASHscCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSF8v6
oEDcgNSfD8lQCsTZYDZm+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzY2NDktZGNjMC00ZjhjLWJlNmItMTNmY2EyN2VjNGYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQCWOZldMrOcXaVlSWlYOdz5eMOvCIvznAjvzeTO
Kehm2LfWx5OlefwMJXluu+yZDSqRFKtJcUxJ3LRIkUOQOtcyhvCHv+Ei6xeeT2AH
qWU3XGOGdEwT2zj1/QTSbekGE3okSoDbPAwv2m6WgALVbetyaxLa526z3aps3fCR
ugyoSY+WsctqMnLc70vUv3OJFYPzAMH0OhEc1AB+w4w3QOnYtPT4zrSawGfV8ubU
DuMawxdrsNOwh4XFElaczovVaTv+y8fRtnwAxB4lPHP1rJJeRAHDsvcCtmRubTiL
ePfTI4U0ZT1kOShSQfRvygeLTpEuLBXMk4b/IqabhZay99DV
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:09 2025 by rpki-client