Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/898dbcab-881e-4370-98c6-9b1ac5214cd0.roa
File: 898dbcab-881e-4370-98c6-9b1ac5214cd0.roa (raw, json)
Hash identifier: Ydgpe2DO+riMjfqLHn48QnRAa8XKTP8+jvWJ/nVDuB0=
Subject key identifier: E0:FD:0E:3C:40:73:9F:DA:EF:2A:5A:02:06:21:DA:AA:93:59:D6:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FEBB45C426E443EBAEA64505A33278592C1E48F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/898dbcab-881e-4370-98c6-9b1ac5214cd0.roa
Signing time: Fri 25 Apr 2025 19:21:28 +0000
ROA not before: Fri 25 Apr 2025 19:21:28 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:eb:b4:5c:42:6e:44:3e:ba:ea:64:50:5a:33:27:85:92:c1:e4:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:21:28 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=295ad54393d60058893e7c4cfad1bbf7239a9d7c93eb95a0e182f84b2e3a1474, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d2:d4:5b:91:b1:9d:d8:9e:fd:12:a5:67:4d:
90:29:5a:af:5c:ad:6a:a3:1f:aa:23:a0:11:ac:2b:
fb:32:0e:e3:77:c5:8d:92:89:61:7c:3f:7a:26:78:
bb:76:a4:49:cb:6d:ee:49:3b:9f:b9:ad:9d:20:7c:
15:a0:bf:a0:70:cf:a4:e2:51:78:05:98:b6:33:35:
e3:89:b1:f5:6e:21:95:8c:a9:89:c9:68:aa:3d:16:
b0:b3:86:38:f9:2b:ce:e0:20:d7:8e:01:77:f0:ab:
37:7d:8f:bb:37:6a:b5:01:42:f5:a6:ff:4f:8d:b4:
e9:b0:f8:32:d5:d0:b0:6d:2f:2e:12:98:cb:0c:10:
6d:fc:8a:1d:72:15:6f:79:05:2d:51:8e:17:02:a8:
93:2d:ee:85:bc:d9:d4:3a:d2:bd:d7:5d:a6:8d:bf:
97:f0:7c:3d:be:44:24:c8:e9:37:d9:a8:c9:97:07:
e4:1d:2e:1f:21:72:0e:3d:74:f1:76:41:f6:c6:04:
3b:e4:a3:1c:4b:d1:82:b3:f0:31:5a:5f:9e:01:d5:
7b:cd:2f:ec:f8:20:9d:21:24:5c:ba:90:82:c8:2c:
93:62:d6:c2:94:32:a0:4e:01:d1:de:53:f9:e7:83:
03:6e:82:53:8c:70:08:94:f9:6a:80:22:5e:13:ce:
ef:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FD:0E:3C:40:73:9F:DA:EF:2A:5A:02:06:21:DA:AA:93:59:D6:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/898dbcab-881e-4370-98c6-9b1ac5214cd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e040::/46
Signature Algorithm: sha256WithRSAEncryption
68:6b:28:54:b7:1c:8d:68:09:5a:8b:d6:6a:ef:7d:e6:b2:44:
b1:4f:a4:4f:65:a7:39:a4:db:93:28:d6:ac:b3:4b:65:db:4b:
f1:f9:9b:bd:b0:28:f9:c4:2b:71:80:be:95:ae:b3:95:4c:80:
24:05:ec:f0:fe:3d:d4:8a:2a:01:c6:47:3e:c4:b7:00:5c:b8:
87:fa:88:ad:7a:63:8f:d7:ac:fc:3f:ed:a6:de:d8:c7:85:63:
c8:dc:6f:c8:fb:be:01:22:7c:ef:da:bf:be:1f:c8:aa:b7:d1:
13:1b:1e:38:ff:e6:73:e4:e2:f8:77:b3:d1:4f:99:af:d1:22:
71:e7:49:97:d8:d0:3e:f9:f8:ff:99:57:b6:2c:4c:4d:18:9e:
de:0e:ef:77:d8:75:a3:5e:fc:80:26:3f:41:99:09:85:be:2f:
79:ed:9f:2d:35:7d:5c:51:df:1a:01:c3:b7:7d:ff:e8:1b:70:
56:3d:05:30:8a:12:0a:7e:5c:72:bc:7d:4c:d2:bd:c4:6c:b6:
65:36:d5:83:03:3f:27:f8:85:82:0d:29:d5:f1:d1:c9:d8:7e:
cb:15:1a:71:ab:fd:dd:a3:9b:94:14:35:0a:1d:f2:36:30:48:
3b:e1:b0:b0:f8:55:d8:21:a6:57:00:a5:c7:28:68:cf:ad:b4:
45:9b:91:d2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD+u0XEJuRD666mRQWjMnhZLB5I8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIxMjhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5NWFkNTQzOTNkNjAwNTg4OTNlN2M0Y2ZhZDFiYmY3MjM5YTlkN2M5M2Vi
OTVhMGUxODJmODRiMmUzYTE0NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnS1FuRsZ3Ynv0SpWdNkClar1ytaqMfqiOgEawr+zIO43fFjZKJYXw/eiZ4
u3akSctt7kk7n7mtnSB8FaC/oHDPpOJReAWYtjM144mx9W4hlYypicloqj0WsLOG
OPkrzuAg144Bd/CrN32PuzdqtQFC9ab/T4206bD4MtXQsG0vLhKYywwQbfyKHXIV
b3kFLVGOFwKoky3uhbzZ1DrSvdddpo2/l/B8Pb5EJMjpN9moyZcH5B0uHyFyDj10
8XZB9sYEO+SjHEvRgrPwMVpfngHVe80v7PggnSEkXLqQgsgsk2LWwpQyoE4B0d5T
+eeDA26CU4xwCJT5aoAiXhPO700CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTg/Q48
QHOf2u8qWgIGIdqqk1nWCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODk4ZGJjYWItODgxZS00MzcwLTk4YzYtOWIxYWM1MjE0Y2QwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hvg
QDANBgkqhkiG9w0BAQsFAAOCAQEAaGsoVLccjWgJWovWau995rJEsU+kT2WnOaTb
kyjWrLNLZdtL8fmbvbAo+cQrcYC+la6zlUyAJAXs8P491IoqAcZHPsS3AFy4h/qI
rXpjj9es/D/tpt7Yx4VjyNxvyPu+ASJ879q/vh/IqrfRExseOP/mc+Ti+Hez0U+Z
r9EicedJl9jQPvn4/5lXtixMTRie3g7vd9h1o178gCY/QZkJhb4vee2fLTV9XFHf
GgHDt33/6BtwVj0FMIoSCn5ccrx9TNK9xGy2ZTbVgwM/J/iFgg0p1fHRydh+yxUa
cav93aOblBQ1Ch3yNjBIO+GwsPhV2CGmVwClxyhoz620RZuR0g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:18 2025 by rpki-client