Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
File: 87ec9982-c725-40e5-b829-ff0f06d939c8.roa (raw, json)
Hash identifier: YL9kbhbzkdbWE4/SWeeaizFFq1yPMBfDWNRn3Pwdfno=
Subject key identifier: 4E:9C:20:F4:58:79:EF:F8:F5:06:60:EB:57:FC:9D:66:21:AF:20:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E9A1BADA5317482FCC872D81AFC4822B0569AE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
Signing time: Fri 25 Apr 2025 19:40:13 +0000
ROA not before: Fri 25 Apr 2025 19:40:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:9a:1b:ad:a5:31:74:82:fc:c8:72:d8:1a:fc:48:22:b0:56:9a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b79c6f197f796e21d09b91fff228fd7adb3a9e77ec512dc195e9f5e4f33ae00e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:92:5a:fc:59:00:96:93:59:cf:c2:b2:40:c4:
e4:b9:e4:36:45:3b:80:2a:f2:ae:2f:c8:fd:39:be:
d8:76:e4:f1:d9:90:1e:7e:ec:97:af:d3:0f:2b:16:
45:8a:1e:3d:e3:78:36:22:77:05:94:d5:5a:ac:3c:
f7:74:4e:f4:cc:1d:e9:e0:3a:6d:25:13:2d:43:da:
97:22:67:c6:6f:b8:94:ea:17:0c:8a:a6:1b:98:bb:
95:f5:d5:79:2d:2f:11:bc:ab:75:87:da:c1:d5:64:
3c:38:e2:e0:f0:5c:73:aa:fa:19:de:9b:33:dc:23:
78:7e:df:88:8a:4b:9f:2e:fd:72:a2:9b:d6:40:b6:
99:6a:91:32:e0:c6:40:7e:a4:a9:45:21:4e:be:f1:
24:76:80:e7:79:c7:92:0d:0f:6f:16:28:f8:14:25:
35:30:7b:e5:68:b7:13:a0:4b:5a:3b:c5:13:bb:2a:
bd:da:54:df:9f:b0:f5:7e:46:2a:15:9e:4b:13:3d:
a1:f8:e4:93:8f:35:b2:b4:0e:09:31:e6:ad:e2:c2:
68:1b:0c:55:e0:bb:ac:11:a1:1e:75:ac:e5:46:b2:
83:54:8e:4d:fe:1e:41:9b:f4:8f:46:b3:ca:c5:a9:
2d:f5:d6:38:66:23:c8:cf:0c:75:37:21:08:bf:22:
0f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9C:20:F4:58:79:EF:F8:F5:06:60:EB:57:FC:9D:66:21:AF:20:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:9000::/40
Signature Algorithm: sha256WithRSAEncryption
68:ff:50:ea:a6:51:71:34:1c:b0:50:e9:fb:38:c2:c1:9d:05:
e9:78:10:a8:31:2c:e4:17:ff:8c:cd:4f:9a:d3:6f:c6:5a:57:
7e:31:8a:1b:04:7a:6d:39:8b:a5:17:2a:99:b7:dc:77:dc:a1:
ad:cb:21:ab:66:e9:e7:51:83:2e:87:24:26:50:c0:15:76:a4:
09:68:7b:42:da:9c:9c:34:31:7b:d2:85:dd:f8:99:80:04:b8:
5e:b6:a9:05:05:d4:3b:eb:ba:af:6f:fa:1e:09:4c:50:48:af:
9e:47:85:c0:26:fd:9c:cb:d4:fe:54:8d:27:5e:d4:54:a7:6f:
3a:46:5d:ff:44:a5:69:0b:90:57:32:d2:7f:b6:2d:fa:49:12:
a0:d3:af:20:ca:85:00:d5:f3:fa:3d:3a:e0:9c:07:ac:54:60:
47:45:df:f3:d9:99:8c:0a:21:4e:40:3e:d8:df:d5:16:c0:15:
48:ea:ba:8b:ea:bc:b1:6b:41:85:51:5a:de:04:82:30:6b:f8:
ad:c9:7f:ac:5e:79:7a:56:19:84:30:2d:8e:12:73:ed:77:6a:
12:22:24:96:86:ce:55:2d:e2:f4:fb:c4:a4:bc:96:7d:06:60:
e0:96:10:1b:3e:5f:8a:45:c0:32:e2:d2:ef:f6:ea:16:21:dc:
6f:cc:a7:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfpobraUxdIL8yHLYGvxIIrBWmukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3OWM2ZjE5N2Y3OTZlMjFkMDliOTFmZmYyMjhmZDdhZGIzYTllNzdlYzUx
MmRjMTk1ZTlmNWU0ZjMzYWUwMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaSWvxZAJaTWc/CskDE5LnkNkU7gCryri/I/Tm+2Hbk8dmQHn7sl6/TDysW
RYoePeN4NiJ3BZTVWqw893RO9Mwd6eA6bSUTLUPalyJnxm+4lOoXDIqmG5i7lfXV
eS0vEbyrdYfawdVkPDji4PBcc6r6Gd6bM9wjeH7fiIpLny79cqKb1kC2mWqRMuDG
QH6kqUUhTr7xJHaA53nHkg0PbxYo+BQlNTB75Wi3E6BLWjvFE7sqvdpU35+w9X5G
KhWeSxM9ofjkk481srQOCTHmreLCaBsMVeC7rBGhHnWs5Uayg1SOTf4eQZv0j0az
ysWpLfXWOGYjyM8MdTchCL8iD8cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROnCD0
WHnv+PUGYOtX/J1mIa8gczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODdlYzk5ODItYzcyNS00MGU1LWI4MjktZmYwZjA2ZDkzOWM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBo/1DqplFxNBywUOn7OMLBnQXpeBCoMSzkF/+M
zU+a02/GWld+MYobBHptOYulFyqZt9x33KGtyyGrZunnUYMuhyQmUMAVdqQJaHtC
2pycNDF70oXd+JmABLhetqkFBdQ767qvb/oeCUxQSK+eR4XAJv2cy9T+VI0nXtRU
p286Rl3/RKVpC5BXMtJ/ti36SRKg068gyoUA1fP6PTrgnAesVGBHRd/z2ZmMCiFO
QD7Y39UWwBVI6rqL6ryxa0GFUVreBIIwa/ityX+sXnl6VhmEMC2OEnPtd2oSIiSW
hs5VLeL0+8SkvJZ9BmDglhAbPl+KRcAy4tLv9uoWIdxvzKdW
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:39 2025 by rpki-client