Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82612ca1-cd90-4772-9e6c-3237a9225105.roa
File: 82612ca1-cd90-4772-9e6c-3237a9225105.roa (raw, json)
Hash identifier: lMTsYtvvqKyVoGhIdxX+406qf5wbA0Qq0gK7JQI5HIY=
Subject key identifier: 5F:D6:A5:E1:86:8A:CE:D9:62:D9:67:58:3E:5D:3B:A1:F5:F7:6C:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 662048A238C4B5E182C8E8E7ACCC68E2DD642E23
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82612ca1-cd90-4772-9e6c-3237a9225105.roa
Signing time: Fri 25 Apr 2025 19:41:04 +0000
ROA not before: Fri 25 Apr 2025 19:41:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:20:48:a2:38:c4:b5:e1:82:c8:e8:e7:ac:cc:68:e2:dd:64:2e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7970d5557e6288e493c2061214032ef2977a9f480a3480d6743a3536cd7e706b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:26:e6:8d:39:67:d9:13:38:df:51:a6:14:3d:
f2:8c:df:d4:c7:59:7f:4b:dc:86:a4:4a:c1:ef:33:
2f:a3:da:cf:2f:2e:41:93:d6:2a:b1:85:b9:4d:2a:
e2:7c:1c:0e:10:d4:e6:0f:14:c0:d0:99:fd:38:13:
ca:04:d9:29:43:80:8b:d8:a9:c8:f2:4c:43:6d:1d:
05:c5:67:30:35:41:38:42:d0:aa:af:ed:37:f3:41:
c2:e6:d2:75:b1:dc:9e:f3:df:9f:69:32:72:6b:9b:
fa:1c:f6:2f:da:e9:de:1d:1f:9e:2f:ff:d6:d8:4d:
3f:3c:88:1a:10:e8:20:3b:d8:16:dd:44:4c:06:e7:
f3:84:cd:5c:ec:81:99:da:6a:40:4a:f6:8f:89:fe:
6f:23:43:73:bd:c6:26:06:86:71:06:d5:ca:9c:01:
3e:be:23:5c:dd:ff:a5:7f:f7:36:15:05:52:d5:5b:
6b:bb:57:80:48:3a:07:f1:1e:56:6f:b4:28:b6:71:
7a:28:84:36:01:15:4e:a6:6f:a5:ab:77:16:e7:8d:
53:87:10:07:5e:e6:a5:e4:29:74:53:84:f4:10:d0:
30:75:b2:47:f8:56:0f:59:f6:6e:97:3f:9b:97:3c:
8b:70:24:9a:e7:16:13:7d:b5:e1:c7:25:59:e8:79:
ce:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D6:A5:E1:86:8A:CE:D9:62:D9:67:58:3E:5D:3B:A1:F5:F7:6C:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82612ca1-cd90-4772-9e6c-3237a9225105.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4000::/40
Signature Algorithm: sha256WithRSAEncryption
14:ec:0d:d9:56:d0:b0:28:81:e6:a0:77:0a:58:f9:0b:c4:28:
65:f2:65:f3:29:c4:9d:9b:34:c2:67:5e:42:07:27:b1:30:8c:
84:e7:e6:f4:19:de:d0:9f:7e:b9:d2:99:97:d1:07:67:6e:27:
ae:91:c2:96:22:d5:4c:04:94:c5:36:c8:7d:3f:ed:77:40:26:
8f:de:87:8a:67:43:b3:43:d5:88:15:ca:89:b6:6e:13:2d:4e:
d4:cc:e6:2a:4c:68:a6:f6:e4:f6:4e:95:e8:0a:ba:b4:cd:f6:
c7:b6:bf:67:3f:68:68:c6:fd:a9:bb:f5:84:73:4f:88:0b:ad:
d0:77:8f:a8:0a:6f:9c:63:8c:0a:69:84:53:9f:9d:10:b6:df:
be:f9:9a:69:30:ac:9b:de:bf:09:aa:0a:fb:86:4f:34:04:8e:
1d:0b:4d:c4:27:a9:76:89:e9:8e:67:86:50:db:a3:0c:34:ef:
79:6a:6a:e3:17:76:e0:f4:71:09:44:8b:ad:c5:81:fa:38:70:
27:49:f3:ee:8c:bb:96:c8:69:5c:ff:e7:9f:bc:e8:1b:50:e4:
8b:05:e5:ee:d9:71:8c:e5:7b:11:99:56:e6:b2:d6:3f:2d:76:
77:ba:6e:9a:51:52:79:57:3b:73:bf:03:0a:f5:4c:94:15:0c:
7c:10:ee:7b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZiBIojjEteGCyOjnrMxo4t1kLiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5NzBkNTU1N2U2Mjg4ZTQ5M2MyMDYxMjE0MDMyZWYyOTc3YTlmNDgwYTM0
ODBkNjc0M2EzNTM2Y2Q3ZTcwNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQm5o05Z9kTON9RphQ98ozf1MdZf0vchqRKwe8zL6Pazy8uQZPWKrGFuU0q
4nwcDhDU5g8UwNCZ/TgTygTZKUOAi9ipyPJMQ20dBcVnMDVBOELQqq/tN/NBwubS
dbHcnvPfn2kycmub+hz2L9rp3h0fni//1thNPzyIGhDoIDvYFt1ETAbn84TNXOyB
mdpqQEr2j4n+byNDc73GJgaGcQbVypwBPr4jXN3/pX/3NhUFUtVba7tXgEg6B/Ee
Vm+0KLZxeiiENgEVTqZvpat3FueNU4cQB17mpeQpdFOE9BDQMHWyR/hWD1n2bpc/
m5c8i3AkmucWE3214cclWeh5zoMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRf1qXh
horO2WLZZ1g+XTuh9fdsGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODI2MTJjYTEtY2Q5MC00NzcyLTllNmMtMzIzN2E5MjI1MTA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVA
MA0GCSqGSIb3DQEBCwUAA4IBAQAU7A3ZVtCwKIHmoHcKWPkLxChl8mXzKcSdmzTC
Z15CByexMIyE5+b0Gd7Qn3650pmX0QdnbieukcKWItVMBJTFNsh9P+13QCaP3oeK
Z0OzQ9WIFcqJtm4TLU7UzOYqTGim9uT2TpXoCrq0zfbHtr9nP2hoxv2pu/WEc0+I
C63Qd4+oCm+cY4wKaYRTn50Qtt+++ZppMKyb3r8Jqgr7hk80BI4dC03EJ6l2iemO
Z4ZQ26MMNO95amrjF3bg9HEJRIutxYH6OHAnSfPujLuWyGlc/+efvOgbUOSLBeXu
2XGM5XsRmVbmstY/LXZ3um6aUVJ5VztzvwMK9UyUFQx8EO57
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:27 2025 by rpki-client