Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81574dff-feff-4992-98e4-f8b95431a28d.roa
File: 81574dff-feff-4992-98e4-f8b95431a28d.roa (raw, json)
Hash identifier: haRj/3A03a9MyywHgyYyMwSWk+14TV6XDn+Wyd9DWj8=
Subject key identifier: E8:0D:D0:4C:77:52:39:97:72:31:B8:D8:CF:E2:2E:6D:E5:91:CB:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33C3E7EEB103A3845E4B2CF059C426E450F54D66
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81574dff-feff-4992-98e4-f8b95431a28d.roa
Signing time: Fri 25 Apr 2025 19:20:08 +0000
ROA not before: Fri 25 Apr 2025 19:20:08 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:c3:e7:ee:b1:03:a3:84:5e:4b:2c:f0:59:c4:26:e4:50:f5:4d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:08 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9e78efec995f0e175e8fef86c3cecbe68bc27d5b12820b946bbb9dba38783e3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:13:9c:bd:37:aa:28:a8:75:b9:42:c5:d1:6e:
cf:fa:5e:39:60:64:00:17:d0:ee:16:cf:24:94:93:
e1:09:88:34:c9:e7:52:03:0c:2b:37:d3:e6:d4:a9:
d8:97:58:f9:42:5d:24:b4:16:4e:f3:10:20:8b:a4:
d1:f9:c4:85:47:5d:73:d2:94:5b:76:21:ae:13:ba:
4d:37:9a:2c:85:b8:f5:e7:ae:45:74:7d:97:ca:05:
f8:46:7d:3f:3b:96:f3:93:41:43:6d:99:84:2a:5f:
3e:1f:0d:60:02:36:81:74:82:3c:e5:aa:e3:c9:f0:
46:b3:73:c7:d9:73:02:17:a4:4b:c1:b1:25:66:54:
7e:dd:59:e4:1f:90:22:6b:af:b7:b2:8d:cc:59:f9:
be:d8:34:98:97:85:59:d2:25:50:97:46:39:66:2c:
e5:9f:7f:ae:ba:0c:2e:af:27:43:b4:28:6b:06:d0:
f2:bc:31:d7:1f:8a:27:cc:fe:6c:cc:c8:72:5b:21:
1d:2c:b9:c1:80:b2:3e:be:b6:b9:f2:e9:f8:70:bc:
f5:b7:a6:e1:6e:17:0e:25:7a:b1:d9:c7:a1:0f:72:
8f:f3:8b:38:96:81:f9:47:ce:e0:64:64:11:6c:95:
a6:39:38:c9:5c:54:86:f0:3c:57:0a:63:e6:c0:dc:
80:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:0D:D0:4C:77:52:39:97:72:31:B8:D8:CF:E2:2E:6D:E5:91:CB:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81574dff-feff-4992-98e4-f8b95431a28d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9040::/46
Signature Algorithm: sha256WithRSAEncryption
3f:dd:cd:32:11:01:56:e8:88:5d:12:90:78:03:78:f5:47:b4:
e4:7f:4e:8b:28:c9:d2:7c:b0:f1:a0:2a:e9:96:34:4e:0c:2c:
7f:bc:4e:92:66:36:34:02:2d:14:72:7b:38:91:aa:a8:54:c0:
aa:d0:aa:b4:8e:a5:18:a3:68:86:99:d5:34:47:6a:08:ab:1b:
22:68:6f:48:e0:b1:18:d7:b3:ae:04:dc:ac:5a:6c:ca:85:49:
93:df:df:45:56:57:57:34:4c:e3:2d:b3:80:42:6a:ee:39:13:
ce:a2:a1:b4:99:2a:bf:3f:24:88:26:3d:70:7e:9e:56:7e:70:
dd:0c:0e:56:61:4d:0f:8c:b0:d6:13:0f:90:65:fb:1d:eb:d8:
b1:21:bd:80:8f:cc:a6:67:f4:20:c8:9c:fb:6a:81:45:ed:31:
92:2e:f6:75:a6:69:20:d7:3a:10:8c:9f:02:91:23:dc:63:b5:
d5:66:5f:2c:45:e7:46:7a:72:a3:95:8e:43:ee:cc:ea:a8:27:
f8:d6:e3:29:92:42:3f:68:f0:81:d9:ed:bd:f6:49:d8:a6:5a:
59:f6:60:bf:5a:40:10:a1:24:2b:5d:52:0e:1d:1c:c9:d1:c7:
60:09:97:aa:e1:69:25:8b:ef:85:a1:10:7d:66:f1:8c:81:b5:
ef:d8:63:7e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUM8Pn7rEDo4ReSyzwWcQm5FD1TWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwMDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDllNzhlZmVjOTk1ZjBlMTc1ZThmZWY4NmMzY2VjYmU2OGJjMjdkNWIxMjgy
MGI5NDZiYmI5ZGJhMzg3ODNlM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMTnL03qiiodblCxdFuz/peOWBkABfQ7hbPJJST4QmINMnnUgMMKzfT5tSp
2JdY+UJdJLQWTvMQIIuk0fnEhUddc9KUW3YhrhO6TTeaLIW49eeuRXR9l8oF+EZ9
PzuW85NBQ22ZhCpfPh8NYAI2gXSCPOWq48nwRrNzx9lzAhekS8GxJWZUft1Z5B+Q
Imuvt7KNzFn5vtg0mJeFWdIlUJdGOWYs5Z9/rroMLq8nQ7QoawbQ8rwx1x+KJ8z+
bMzIclshHSy5wYCyPr62ufLp+HC89bem4W4XDiV6sdnHoQ9yj/OLOJaB+UfO4GRk
EWyVpjk4yVxUhvA8Vwpj5sDcgMUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBToDdBM
d1I5l3IxuNjP4i5t5ZHLvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE1NzRkZmYtZmVmZi00OTkyLTk4ZTQtZjhiOTU0MzFhMjhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAP93NMhEBVuiIXRKQeAN49Ue05H9OiyjJ0nyw
8aAq6ZY0Tgwsf7xOkmY2NAItFHJ7OJGqqFTAqtCqtI6lGKNohpnVNEdqCKsbImhv
SOCxGNezrgTcrFpsyoVJk9/fRVZXVzRM4y2zgEJq7jkTzqKhtJkqvz8kiCY9cH6e
Vn5w3QwOVmFND4yw1hMPkGX7HevYsSG9gI/Mpmf0IMic+2qBRe0xki72daZpINc6
EIyfApEj3GO11WZfLEXnRnpyo5WOQ+7M6qgn+NbjKZJCP2jwgdntvfZJ2KZaWfZg
v1pAEKEkK11SDh0cydHHYAmXquFpJYvvhaEQfWbxjIG179hjfg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:26 2025 by rpki-client