Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
File: 86433272-8233-4231-82ff-92246d0a41a5.roa (raw, json)
Hash identifier: I+UgrrDGDUAbR72W64C1bXJN8uzzQPLKY0jgs8GPiMA=
Subject key identifier: 01:CE:22:5B:02:FE:BD:AA:11:B9:07:DE:42:1B:7A:7E:76:AE:81:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 200EF5655ED36B3E2982FCE34098AF6C762E743A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
Signing time: Fri 25 Apr 2025 18:50:14 +0000
ROA not before: Fri 25 Apr 2025 18:50:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:0e:f5:65:5e:d3:6b:3e:29:82:fc:e3:40:98:af:6c:76:2e:74:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ba6fb080e9f664f0248d20c7ee07fce84902476b53746f467dcbd8b03fbe4d34, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0e:d1:6c:f6:27:02:43:c7:97:43:b4:27:89:
5a:82:be:e9:5e:ce:07:67:ef:83:cd:74:15:30:58:
c1:56:93:22:56:c3:95:ff:41:fc:3e:56:05:d9:3f:
b3:1a:17:4e:ae:2b:3e:02:7a:e7:0a:66:89:cc:84:
92:f4:1c:88:d2:89:53:e3:e0:ba:ca:d7:8a:b7:61:
8d:cd:fa:d3:7f:49:97:de:e9:8e:a1:55:88:7e:0c:
7d:ea:f1:e3:2e:98:f6:4b:f6:9a:d0:c3:17:f1:d2:
55:83:7f:e3:08:47:df:88:99:18:fb:d5:48:23:ec:
c6:82:88:74:f4:bf:6f:4e:b1:a6:8b:4a:7e:ed:54:
3c:0d:36:4f:71:c5:66:78:b6:fb:58:ac:d5:7c:9c:
15:33:b6:78:fa:19:7b:f7:4f:ad:54:26:55:92:86:
ff:17:36:b5:ce:19:0c:94:2f:ae:a3:c1:13:e9:03:
ab:45:73:c1:3a:d8:a7:6d:9e:7d:8f:c1:c2:96:f6:
09:02:1f:fa:98:46:f1:c7:fe:1b:20:ed:58:dd:5d:
39:c8:4e:4b:a3:ad:92:d9:7d:75:9e:f3:a6:ab:da:
3f:29:0a:22:01:ab:21:5b:c0:3c:17:19:8e:b3:b8:
66:98:e7:0f:ae:e0:63:74:d8:ec:69:2a:a1:cd:7b:
3d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:CE:22:5B:02:FE:BD:AA:11:B9:07:DE:42:1B:7A:7E:76:AE:81:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
0d:ec:39:22:16:44:37:cb:fc:b9:33:0d:8e:d3:1a:fe:ca:a9:
85:a3:9a:33:1c:3e:8c:6a:88:5b:fb:f5:42:ea:fc:68:ce:2c:
21:df:5b:9a:ad:f8:87:85:ca:1e:5c:db:ff:73:a6:20:1f:2d:
c6:af:c9:bf:cf:2c:01:20:4c:d5:93:07:70:96:5c:82:de:67:
1b:c8:74:ee:b8:f2:6d:5c:ac:b4:b1:13:92:82:ce:c0:24:38:
f0:57:53:08:bf:d8:15:01:77:73:8a:17:c7:fe:28:7f:5c:7c:
33:c2:21:98:e9:28:0d:ab:e4:5f:07:f9:fd:2d:d9:41:0a:8a:
51:1e:33:36:21:74:b0:08:a2:d3:5b:06:76:7b:fc:08:18:b6:
8f:35:ac:b0:14:66:59:57:91:3e:23:f4:ae:4b:d1:f6:7a:00:
fc:0f:f8:77:6e:e1:ae:d5:31:ca:f3:ed:41:95:3c:9c:4e:a7:
f3:51:9f:20:62:5a:b6:3f:1b:ac:f6:67:20:47:e7:b3:74:3b:
03:4c:cf:ac:f4:89:50:01:67:0e:3e:46:27:cc:00:b7:d2:df:
c7:3f:e8:88:2c:de:de:12:2f:2c:ce:e9:07:e8:67:7f:ef:a4:
33:2b:74:8e:d4:b6:1a:45:9f:dc:4a:4d:42:79:e4:05:01:e3:
3b:55:07:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIA71ZV7Taz4pgvzjQJivbHYudDowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhNmZiMDgwZTlmNjY0ZjAyNDhkMjBjN2VlMDdmY2U4NDkwMjQ3NmI1Mzc0
NmY0NjdkY2JkOGIwM2ZiZTRkMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOwO0Wz2JwJDx5dDtCeJWoK+6V7OB2fvg810FTBYwVaTIlbDlf9B/D5WBdk/
sxoXTq4rPgJ65wpmicyEkvQciNKJU+PgusrXirdhjc36039Jl97pjqFViH4Mferx
4y6Y9kv2mtDDF/HSVYN/4whH34iZGPvVSCPsxoKIdPS/b06xpotKfu1UPA02T3HF
Zni2+1is1XycFTO2ePoZe/dPrVQmVZKG/xc2tc4ZDJQvrqPBE+kDq0VzwTrYp22e
fY/Bwpb2CQIf+phG8cf+GyDtWN1dOchOS6Otktl9dZ7zpqvaPykKIgGrIVvAPBcZ
jrO4ZpjnD67gY3TY7Gkqoc17PU8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQBziJb
Av69qhG5B95CG3p+dq6B2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY0MzMyNzItODIzMy00MjMxLTgyZmYtOTIyNDZkMGE0MWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
wDANBgkqhkiG9w0BAQsFAAOCAQEADew5IhZEN8v8uTMNjtMa/sqphaOaMxw+jGqI
W/v1Qur8aM4sId9bmq34h4XKHlzb/3OmIB8txq/Jv88sASBM1ZMHcJZcgt5nG8h0
7rjybVystLETkoLOwCQ48FdTCL/YFQF3c4oXx/4of1x8M8IhmOkoDavkXwf5/S3Z
QQqKUR4zNiF0sAii01sGdnv8CBi2jzWssBRmWVeRPiP0rkvR9noA/A/4d27hrtUx
yvPtQZU8nE6n81GfIGJatj8brPZnIEfns3Q7A0zPrPSJUAFnDj5GJ8wAt9Lfxz/o
iCze3hIvLM7pB+hnf++kMyt0jtS2GkWf3EpNQnnkBQHjO1UHwA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:06 2025 by rpki-client