Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/85151a34-1ac3-4b9b-801b-33bd153ac88d.roa
File: 85151a34-1ac3-4b9b-801b-33bd153ac88d.roa (raw, json)
Hash identifier: 7ppODrWp/F9E35MyRlmsbFTdVohFS1sibD41Y3SfTG0=
Subject key identifier: 1B:67:37:94:AB:80:B1:AC:A6:3D:4F:21:40:27:E4:BB:84:65:D9:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46F8811426B3946F646AFD71FF9E539058102CA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/85151a34-1ac3-4b9b-801b-33bd153ac88d.roa
Signing time: Fri 25 Apr 2025 19:50:10 +0000
ROA not before: Fri 25 Apr 2025 19:50:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:f8:81:14:26:b3:94:6f:64:6a:fd:71:ff:9e:53:90:58:10:2c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a88f3c3f4c47ac22fc5178bf5b993cfa75dfa7d38aa6544fc31e939452fc7137, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:50:c3:48:88:22:39:bf:bb:d3:36:65:bc:50:
95:de:b9:b2:8b:4a:d8:9a:28:ba:40:8c:8c:90:03:
0a:40:da:78:bd:c2:53:a4:36:62:1e:94:81:73:52:
47:57:62:06:ab:63:ce:1d:43:2d:7e:16:0f:7d:b9:
76:ce:44:06:10:da:ce:09:6d:87:1e:09:ee:34:ee:
d5:77:07:7d:a9:01:1f:42:88:95:f7:43:fb:e0:37:
75:24:8d:af:7a:84:d5:6c:92:47:db:7e:bd:23:92:
7b:b2:1b:53:08:12:7c:0d:3f:2b:a5:0e:d4:24:1e:
1b:ac:e6:1e:d1:c0:a4:32:e1:69:ce:3e:12:65:e6:
0d:00:64:7d:42:dd:22:0d:ef:03:32:06:29:de:cc:
92:5c:c1:29:ee:79:bb:e3:31:00:e2:1c:a3:8f:3a:
b9:5c:af:8c:05:ac:f8:5a:0d:ee:2e:4f:02:4c:8e:
63:46:82:0d:2c:00:fe:aa:d4:99:18:e0:27:78:6f:
c1:18:d2:50:59:47:2e:96:e6:2a:ed:2f:fb:13:35:
cf:f7:af:b2:c0:c8:f8:60:99:a3:ec:8a:c4:88:93:
18:01:d8:d3:51:69:ea:e7:59:b9:e8:f6:d8:77:1c:
5b:62:fb:f3:7d:d0:27:23:4f:c4:7f:05:52:3c:eb:
37:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:67:37:94:AB:80:B1:AC:A6:3D:4F:21:40:27:E4:BB:84:65:D9:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/85151a34-1ac3-4b9b-801b-33bd153ac88d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:1000::/40
Signature Algorithm: sha256WithRSAEncryption
9d:ee:c4:d9:12:05:84:d3:e7:7e:c4:ad:a2:9c:75:a6:8f:71:
4d:52:11:61:77:53:be:b5:5c:e9:30:ac:8b:4e:8e:b2:d1:79:
d4:8e:f6:44:bc:f8:01:47:df:9a:48:69:62:ef:eb:16:10:7f:
66:b0:35:6b:fc:17:0b:d9:c3:ec:43:9c:a5:fa:2b:91:16:d0:
e7:9e:7e:17:ff:b7:bf:9b:70:07:cc:5f:77:6e:85:80:69:ce:
2c:ae:2e:51:42:94:44:6c:41:2b:13:34:24:c6:ab:5f:b6:4e:
c2:f8:9c:cc:6e:69:ff:78:1c:56:3a:f1:36:44:b6:f7:4e:3b:
a4:15:fd:b1:3c:53:59:0f:59:89:59:08:3a:92:48:7d:e5:02:
5a:5b:90:75:57:e8:16:fe:41:d1:2c:b8:bc:ef:ba:73:b9:f3:
f4:ea:32:75:ba:56:ce:1b:b2:90:d1:42:94:b8:02:7e:3d:2f:
ee:8c:34:51:1c:9d:79:0b:f1:72:52:ce:15:e0:ec:06:74:63:
2f:de:a7:b8:2b:38:12:ec:a8:78:a6:9b:c5:f7:96:7c:f7:25:
2a:48:e5:93:38:a7:bf:ee:06:41:13:0e:1d:ec:31:b5:fe:70:
70:80:e7:a9:1b:a3:d3:56:c0:7b:0e:66:85:a1:d9:d5:0a:c0:
4b:7d:d7:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURviBFCazlG9kav1x/55TkFgQLKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4OGYzYzNmNGM0N2FjMjJmYzUxNzhiZjViOTkzY2ZhNzVkZmE3ZDM4YWE2
NTQ0ZmMzMWU5Mzk0NTJmYzcxMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhQw0iIIjm/u9M2ZbxQld65sotK2JooukCMjJADCkDaeL3CU6Q2Yh6UgXNS
R1diBqtjzh1DLX4WD325ds5EBhDazglthx4J7jTu1XcHfakBH0KIlfdD++A3dSSN
r3qE1WySR9t+vSOSe7IbUwgSfA0/K6UO1CQeG6zmHtHApDLhac4+EmXmDQBkfULd
Ig3vAzIGKd7MklzBKe55u+MxAOIco486uVyvjAWs+FoN7i5PAkyOY0aCDSwA/qrU
mRjgJ3hvwRjSUFlHLpbmKu0v+xM1z/evssDI+GCZo+yKxIiTGAHY01Fp6udZuej2
2HccW2L7833QJyNPxH8FUjzrN9ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbZzeU
q4CxrKY9TyFAJ+S7hGXZVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODUxNTFhMzQtMWFjMy00YjliLTgwMWItMzNiZDE1M2FjODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCd7sTZEgWE0+d+xK2inHWmj3FNUhFhd1O+tVzp
MKyLTo6y0XnUjvZEvPgBR9+aSGli7+sWEH9msDVr/BcL2cPsQ5yl+iuRFtDnnn4X
/7e/m3AHzF93boWAac4sri5RQpREbEErEzQkxqtftk7C+JzMbmn/eBxWOvE2RLb3
TjukFf2xPFNZD1mJWQg6kkh95QJaW5B1V+gW/kHRLLi877pzufP06jJ1ulbOG7KQ
0UKUuAJ+PS/ujDRRHJ15C/FyUs4V4OwGdGMv3qe4KzgS7Kh4ppvF95Z89yUqSOWT
OKe/7gZBEw4d7DG1/nBwgOepG6PTVsB7DmaFodnVCsBLfdew
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:19 2025 by rpki-client