Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/834ff2b2-55b6-4011-9d9b-451a7311335d.roa
File: 834ff2b2-55b6-4011-9d9b-451a7311335d.roa (raw, json)
Hash identifier: asHB9cAtd1jkIqTKbwcTZX9la8Lh8GUKxnFhyZr8AOw=
Subject key identifier: 6B:E4:8C:1C:89:3C:E5:E8:46:26:C7:F8:56:E3:C2:0D:5A:D2:36:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C4A3A9ED3E372E52EBA4E002AFEA3647AD04F00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/834ff2b2-55b6-4011-9d9b-451a7311335d.roa
Signing time: Fri 25 Apr 2025 19:40:15 +0000
ROA not before: Fri 25 Apr 2025 19:40:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:4a:3a:9e:d3:e3:72:e5:2e:ba:4e:00:2a:fe:a3:64:7a:d0:4f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b9b4228f8d54d48779afb17e5d2bbe226d82615eca142d088756d0ac21fde6ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:96:fa:7d:f7:2c:d0:fd:55:02:ab:69:39:ae:
64:b6:b7:71:12:94:e3:82:ee:37:c8:7e:51:1b:de:
05:88:2f:0d:81:7a:83:c9:1a:2d:3a:e8:67:45:93:
d7:0e:7f:ec:98:46:f5:5c:88:b4:f4:6d:c0:ea:b5:
53:6f:f9:de:03:54:03:b1:e4:52:df:86:a8:fa:99:
82:43:f3:09:7a:e3:c4:4a:64:74:30:04:d1:a5:27:
dc:a7:49:06:5d:ff:a1:05:0b:ba:30:0e:55:7e:5c:
93:36:b4:f9:97:30:0b:f5:78:87:31:f2:be:d4:8d:
f2:55:bd:6c:25:0a:db:bc:21:a5:6b:fc:a6:9b:70:
46:91:e0:05:d3:29:c9:d0:99:cb:c9:2d:c5:30:76:
30:83:0d:09:11:f0:6a:a6:cd:a7:6a:7f:61:56:3b:
60:bc:a9:9e:b3:9e:34:69:f7:f1:63:8c:77:e1:8f:
b8:0b:ac:74:8a:23:3c:bb:a2:f7:b5:bc:b2:38:7f:
04:7e:b1:1e:15:3c:95:23:5a:a4:7f:e0:38:6b:f7:
b8:21:49:e6:4d:d9:2e:0d:4d:4d:b6:44:ce:86:63:
19:91:7d:6d:93:fa:23:cc:27:8c:d8:48:14:ed:1b:
01:b8:89:95:ff:47:e4:99:5f:61:5f:36:80:7f:87:
9f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E4:8C:1C:89:3C:E5:E8:46:26:C7:F8:56:E3:C2:0D:5A:D2:36:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/834ff2b2-55b6-4011-9d9b-451a7311335d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:b000::/40
Signature Algorithm: sha256WithRSAEncryption
82:25:e6:4e:b2:59:c5:1b:f1:8b:8b:60:05:44:c3:86:34:2c:
90:a3:ee:7b:d9:01:dc:c1:a8:92:a6:27:d4:36:c2:e1:f4:b9:
f1:26:b1:46:32:c5:92:f4:07:83:ce:f3:e8:9a:61:21:4a:68:
6c:30:38:e8:fa:b1:e8:49:13:ca:30:68:79:86:cb:ad:06:9d:
59:2e:c8:92:0f:36:c9:5e:0b:95:76:5b:e4:d3:81:41:2c:df:
a6:7e:70:29:e2:09:7c:54:6a:cf:90:f8:d7:3a:3c:d5:59:0d:
0d:05:13:e3:2c:9e:c1:3b:d6:3e:34:a8:8d:eb:82:ba:f2:bf:
88:c5:53:7c:d1:27:eb:cd:ee:d6:7f:ad:67:91:54:53:5a:2f:
b1:e7:4a:57:62:60:5a:2f:46:c9:6e:33:ab:b1:df:c9:e3:d0:
3b:56:e7:f6:07:2e:bc:c3:25:2e:13:e0:34:58:d9:b9:f3:e8:
e3:77:86:29:dd:1c:68:62:c0:27:44:e6:7a:bf:04:56:ee:fb:
dd:60:85:6a:d3:83:5d:a4:80:14:ab:63:82:3c:c7:c9:76:ac:
21:2c:39:ab:3a:ea:11:4e:07:2b:83:19:9a:2f:c7:66:5c:2d:
f1:83:38:00:31:a2:f0:2c:eb:1d:a8:d9:2c:b2:46:47:2c:30:
60:72:96:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbEo6ntPjcuUuuk4AKv6jZHrQTwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5YjQyMjhmOGQ1NGQ0ODc3OWFmYjE3ZTVkMmJiZTIyNmQ4MjYxNWVjYTE0
MmQwODg3NTZkMGFjMjFmZGU2ZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyW+n33LND9VQKraTmuZLa3cRKU44LuN8h+URveBYgvDYF6g8kaLTroZ0WT
1w5/7JhG9VyItPRtwOq1U2/53gNUA7HkUt+GqPqZgkPzCXrjxEpkdDAE0aUn3KdJ
Bl3/oQULujAOVX5ckza0+ZcwC/V4hzHyvtSN8lW9bCUK27whpWv8pptwRpHgBdMp
ydCZy8ktxTB2MIMNCRHwaqbNp2p/YVY7YLypnrOeNGn38WOMd+GPuAusdIojPLui
97W8sjh/BH6xHhU8lSNapH/gOGv3uCFJ5k3ZLg1NTbZEzoZjGZF9bZP6I8wnjNhI
FO0bAbiJlf9H5JlfYV82gH+Hn/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRr5Iwc
iTzl6EYmx/hW48INWtI2sTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODM0ZmYyYjItNTViNi00MDExLTlkOWItNDUxYTczMTEzMzVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Daw
MA0GCSqGSIb3DQEBCwUAA4IBAQCCJeZOslnFG/GLi2AFRMOGNCyQo+572QHcwaiS
pifUNsLh9LnxJrFGMsWS9AeDzvPommEhSmhsMDjo+rHoSRPKMGh5hsutBp1ZLsiS
DzbJXguVdlvk04FBLN+mfnAp4gl8VGrPkPjXOjzVWQ0NBRPjLJ7BO9Y+NKiN64K6
8r+IxVN80Sfrze7Wf61nkVRTWi+x50pXYmBaL0bJbjOrsd/J49A7Vuf2By68wyUu
E+A0WNm58+jjd4Yp3RxoYsAnROZ6vwRW7vvdYIVq04NdpIAUq2OCPMfJdqwhLDmr
OuoRTgcrgxmaL8dmXC3xgzgAMaLwLOsdqNksskZHLDBgcpZT
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:21 2025 by rpki-client