Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
File: 89a57214-0fc2-48c6-99d6-19852ea7a30e.roa (raw, json)
Hash identifier: OGv0mamlM/X9Vz4Ihf3j5XK9CDqt9dSK035X/GtU8+M=
Subject key identifier: AB:0B:D6:CD:EC:C6:02:56:8A:C3:65:38:B7:A1:25:95:F5:73:94:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22F07ED2A0CDB125AC4601B2F94DB7E6815A1531
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
Signing time: Fri 25 Apr 2025 18:51:16 +0000
ROA not before: Fri 25 Apr 2025 18:51:16 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:f0:7e:d2:a0:cd:b1:25:ac:46:01:b2:f9:4d:b7:e6:81:5a:15:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:16 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=55b908ba6a7629a85525ca9558260dbda84b15f07212a2f9c09185c2c259e6ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1a:f4:c9:23:01:ad:ed:f5:9e:dd:6e:b9:3a:
20:ea:76:6f:b8:56:01:2e:62:e2:d5:42:a1:10:d8:
19:31:38:30:44:96:cd:40:73:d9:19:67:a9:90:ae:
05:f5:41:50:80:13:e4:8b:19:e1:f2:78:76:19:9d:
d0:db:c2:c1:95:f4:f1:f6:55:77:e9:7a:26:90:9e:
33:d4:bf:c2:6d:f5:4b:bb:ed:fb:32:27:9a:e8:2b:
2f:d6:c1:6c:55:41:b7:94:ee:a5:64:6a:4f:08:26:
e2:48:fb:a3:e1:21:c8:41:96:cd:18:2e:5e:ce:76:
6d:2a:f3:11:4c:30:12:43:e2:b3:b1:a4:1a:68:a6:
33:49:86:8e:8d:7b:06:01:43:f5:c1:81:45:c7:2c:
e6:7e:62:6c:4b:b7:47:b0:41:81:a4:18:ac:b4:5a:
9b:50:65:f5:22:0a:29:8e:8a:1f:03:51:d2:0a:76:
ce:83:d1:0a:a1:da:93:df:3e:6c:db:bb:4a:92:1a:
e5:4e:78:c7:dd:89:ed:68:fc:03:04:5b:aa:3a:25:
7f:70:da:b6:ef:f4:a1:e3:54:62:d2:ff:56:a6:16:
ea:a4:12:04:0f:eb:47:04:f0:e9:1a:ac:a4:49:aa:
61:23:8f:2d:2f:f8:cc:12:50:aa:0a:84:54:74:dc:
3b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:0B:D6:CD:EC:C6:02:56:8A:C3:65:38:B7:A1:25:95:F5:73:94:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1080::/48
Signature Algorithm: sha256WithRSAEncryption
73:b5:a1:9c:bd:25:40:1e:71:61:1c:12:1d:59:1c:24:c4:7e:
d6:3a:0b:0b:87:62:8b:7e:9a:df:f5:8c:78:df:c0:ba:ae:0e:
20:b2:8f:b5:49:3b:a3:81:91:40:d3:1c:23:84:2c:88:5e:10:
46:15:81:e6:e6:95:0d:f7:e5:e1:58:67:e6:4d:b8:65:8f:12:
f9:a5:fd:00:dd:4f:37:18:22:97:16:6a:17:07:79:34:30:ee:
30:43:38:ed:fc:05:fc:b0:b2:81:cb:0c:83:fd:a7:a8:e7:8c:
ea:78:ed:3a:3b:26:bb:7f:68:83:29:ba:86:41:30:df:a0:f3:
42:00:e5:05:b8:77:b8:27:1b:9f:6f:56:88:85:94:2a:d6:fa:
4d:57:21:5e:00:97:c9:73:52:5a:ca:cb:48:16:07:2b:0a:af:
fa:45:33:3c:7b:16:f3:c3:89:aa:0c:ce:ce:cb:26:be:db:40:
22:da:64:e7:ce:70:4d:1b:17:96:b0:60:4b:17:1a:74:bb:9e:
30:da:7c:4b:9a:51:68:d5:6c:d3:7e:70:1a:11:8b:a8:38:6e:
b2:7b:e5:1c:41:77:83:36:57:d0:53:fb:0e:32:12:d6:52:af:
79:ab:58:8b:e4:db:3c:aa:c5:68:41:25:c8:6d:4f:08:8d:be:
b8:52:71:b2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIvB+0qDNsSWsRgGy+U235oFaFTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1YjkwOGJhNmE3NjI5YTg1NTI1Y2E5NTU4MjYwZGJkYTg0YjE1ZjA3MjEy
YTJmOWMwOTE4NWMyYzI1OWU2ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIa9MkjAa3t9Z7dbrk6IOp2b7hWAS5i4tVCoRDYGTE4MESWzUBz2RlnqZCu
BfVBUIAT5IsZ4fJ4dhmd0NvCwZX08fZVd+l6JpCeM9S/wm31S7vt+zInmugrL9bB
bFVBt5TupWRqTwgm4kj7o+EhyEGWzRguXs52bSrzEUwwEkPis7GkGmimM0mGjo17
BgFD9cGBRccs5n5ibEu3R7BBgaQYrLRam1Bl9SIKKY6KHwNR0gp2zoPRCqHak98+
bNu7SpIa5U54x92J7Wj8AwRbqjolf3Datu/0oeNUYtL/VqYW6qQSBA/rRwTw6Rqs
pEmqYSOPLS/4zBJQqgqEVHTcOxkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSrC9bN
7MYCVorDZTi3oSWV9XOU/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODlhNTcyMTQtMGZjMi00OGM2LTk5ZDYtMTk4NTJlYTdhMzBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAc7WhnL0lQB5xYRwSHVkcJMR+1joLC4dii36a
3/WMeN/Auq4OILKPtUk7o4GRQNMcI4QsiF4QRhWB5uaVDffl4Vhn5k24ZY8S+aX9
AN1PNxgilxZqFwd5NDDuMEM47fwF/LCygcsMg/2nqOeM6njtOjsmu39ogym6hkEw
36DzQgDlBbh3uCcbn29WiIWUKtb6TVchXgCXyXNSWsrLSBYHKwqv+kUzPHsW88OJ
qgzOzssmvttAItpk585wTRsXlrBgSxcadLueMNp8S5pRaNVs035wGhGLqDhusnvl
HEF3gzZX0FP7DjIS1lKveatYi+TbPKrFaEElyG1PCI2+uFJxsg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:26 2025 by rpki-client