Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: GEz0VlCogOPQijr85U864e00KBtppIm0SzDsseq1UeY=
Subject key identifier: 4C:4B:2C:FC:B1:3E:57:16:32:04:97:BF:BE:FF:82:8F:BD:72:21:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C737C481FC9AE216739BB35139661E48087C0F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Fri 25 Apr 2025 20:10:13 +0000
ROA not before: Fri 25 Apr 2025 20:10:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:73:7c:48:1f:c9:ae:21:67:39:bb:35:13:96:61:e4:80:87:c0:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=03aec1e3563cfa8807d3281b456da8a8cd4a930d29aaac08e4b945b05020d46f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2e:76:45:c4:e1:28:e0:3c:55:09:b2:e8:06:
a7:20:63:a8:63:7b:28:31:ba:e8:aa:cb:5c:50:04:
ca:d6:af:6e:03:7d:1c:f0:3a:6e:29:67:1e:cb:ac:
6a:57:71:32:4e:08:3b:c6:c4:3b:fc:e0:9c:72:c0:
be:c5:ea:12:c5:a2:19:ca:ed:9a:d5:6f:9e:06:2b:
dd:78:b0:5d:7a:3e:07:4d:53:60:48:ac:aa:8b:4d:
d9:20:86:a7:a7:85:8e:27:05:72:10:b2:f5:e4:ad:
d7:f7:e6:12:a5:91:89:31:6d:b1:d1:f3:d6:d9:47:
2b:4f:bf:21:ae:2d:c1:6e:67:1e:20:94:a8:10:e5:
55:64:22:6d:55:57:b6:0b:2d:a6:d7:36:69:71:5b:
e3:3e:c4:71:4d:16:8a:43:c7:fe:04:0a:f7:ef:23:
10:3f:38:de:d3:18:50:05:77:1e:80:b0:41:53:b5:
6f:59:a2:92:52:e5:60:a7:52:75:3e:c6:ec:99:26:
25:9c:52:77:7b:b3:28:4e:9a:72:91:56:29:4e:f2:
03:8d:37:59:5b:ae:38:05:15:af:e4:b8:01:10:18:
53:95:9b:b3:68:a6:15:d2:e1:a3:64:d2:86:61:39:
a8:a1:f0:4d:87:10:68:60:88:80:dd:9e:a7:7a:bd:
3a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:4B:2C:FC:B1:3E:57:16:32:04:97:BF:BE:FF:82:8F:BD:72:21:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
84:c2:da:a1:33:27:70:7c:77:d8:57:52:e4:6e:3c:01:bd:58:
2c:38:a2:63:a6:a0:41:9a:cd:24:c6:be:0d:dd:fa:65:cc:b2:
c2:35:95:36:c9:04:47:e0:9b:3b:49:fa:cf:cc:1c:b3:c2:75:
26:ed:df:29:6b:56:52:9a:2f:ea:f6:67:0c:71:bc:2e:8b:91:
44:bd:57:93:9f:31:cc:d1:7d:7c:b3:46:f7:92:9f:62:e0:c4:
ec:84:48:8d:0c:fd:87:79:f1:3a:d0:35:c3:99:b5:37:40:be:
8a:65:33:05:7f:08:83:d0:44:06:7f:ed:61:ab:c5:80:b5:96:
08:7f:6e:c3:6d:97:11:82:8f:7b:84:94:73:5c:53:69:33:00:
69:41:17:1d:4c:ec:f3:fe:83:6a:39:08:bc:9a:d3:f5:02:7b:
44:9a:97:f7:6c:96:52:11:38:21:d2:af:08:22:78:51:10:95:
59:01:75:3f:d6:c3:82:4e:63:a8:87:f1:27:a6:6d:88:9c:14:
06:a2:74:95:86:3c:7d:b4:27:ff:94:4c:00:86:cd:60:93:ce:
e4:c8:4f:49:6b:86:b8:43:68:1a:8f:93:54:58:d5:6d:a0:9b:
e5:bb:d6:1b:c4:da:7e:b7:df:41:ab:2d:82:a3:61:f7:fd:7e:
3c:77:0b:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbHN8SB/JriFnObs1E5Zh5ICHwPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzYWVjMWUzNTYzY2ZhODgwN2QzMjgxYjQ1NmRhOGE4Y2Q0YTkzMGQyOWFh
YWMwOGU0Yjk0NWIwNTAyMGQ0NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIudkXE4SjgPFUJsugGpyBjqGN7KDG66KrLXFAEytavbgN9HPA6bilnHsus
aldxMk4IO8bEO/zgnHLAvsXqEsWiGcrtmtVvngYr3XiwXXo+B01TYEisqotN2SCG
p6eFjicFchCy9eSt1/fmEqWRiTFtsdHz1tlHK0+/Ia4twW5nHiCUqBDlVWQibVVX
tgstptc2aXFb4z7EcU0WikPH/gQK9+8jED843tMYUAV3HoCwQVO1b1miklLlYKdS
dT7G7JkmJZxSd3uzKE6acpFWKU7yA403WVuuOAUVr+S4ARAYU5Wbs2imFdLho2TS
hmE5qKHwTYcQaGCIgN2ep3q9Og0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMSyz8
sT5XFjIEl7++/4KPvXIhZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQCEwtqhMydwfHfYV1LkbjwBvVgsOKJjpqBBms0k
xr4N3fplzLLCNZU2yQRH4Js7SfrPzByzwnUm7d8pa1ZSmi/q9mcMcbwui5FEvVeT
nzHM0X18s0b3kp9i4MTshEiNDP2HefE60DXDmbU3QL6KZTMFfwiD0EQGf+1hq8WA
tZYIf27DbZcRgo97hJRzXFNpMwBpQRcdTOzz/oNqOQi8mtP1AntEmpf3bJZSETgh
0q8IInhREJVZAXU/1sOCTmOoh/Enpm2InBQGonSVhjx9tCf/lEwAhs1gk87kyE9J
a4a4Q2gaj5NUWNVtoJvlu9YbxNp+t99Bqy2Co2H3/X48dwvx
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:03 2025 by rpki-client