Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
File: 8cfa3133-8fd4-4816-ad14-c49146075f82.roa (raw, json)
Hash identifier: 8CjTjeG3OHlGEA+DB2Fe/MdJ4WX2uefrM4BhnWRaKXI=
Subject key identifier: B3:4F:2C:F7:6F:09:DE:26:76:14:6B:9E:3A:57:87:F1:EC:28:68:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 795ECF6DC303D501238C0112A19AF9F7DD74BAFA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
Signing time: Fri 25 Apr 2025 18:51:23 +0000
ROA not before: Fri 25 Apr 2025 18:51:23 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:5e:cf:6d:c3:03:d5:01:23:8c:01:12:a1:9a:f9:f7:dd:74:ba:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:23 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7f5126e9e37889821d712ce2ab1f1c4054d7dc6536e73ec4ecd1e642c5a338d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b3:03:25:87:2c:1f:17:68:d8:e3:f1:5b:e7:
fe:74:3e:1b:0e:32:a1:d4:d0:74:d8:43:8a:59:47:
0b:eb:ed:e9:d2:55:e4:bd:e3:65:e0:c4:46:6b:c2:
63:bf:96:cc:17:15:d3:02:72:e7:22:78:0a:82:1d:
6f:1e:d7:f8:51:b5:a9:3c:40:84:7a:5a:f0:1b:27:
80:e4:ec:e9:9b:1b:28:00:b7:a6:b6:84:e7:19:5b:
df:c7:d5:de:2b:b4:76:1c:18:e1:90:a9:50:75:a0:
4f:cf:e6:dd:fc:13:a5:53:ec:14:9a:cf:62:a2:9c:
70:b2:73:ce:b5:48:55:11:41:16:60:db:c1:dc:df:
ce:f1:45:c9:a0:d5:51:b0:36:54:ce:7c:7e:c4:25:
9d:3e:ad:28:8b:ca:69:26:4b:06:1b:3f:3c:6d:41:
2e:9a:a4:d6:a0:ab:a8:77:a6:aa:53:b5:3b:07:d5:
f1:8a:4a:a5:5f:9b:1a:6d:72:9d:d8:11:29:43:dd:
49:78:8d:36:a3:45:b9:cf:87:31:64:3b:74:c6:d5:
4f:a3:7f:51:98:15:2b:f9:28:8a:19:bd:53:9d:a3:
a1:97:1a:e4:92:e1:c6:04:bf:b8:d5:28:e3:83:60:
b9:5a:1e:84:42:26:88:3a:83:46:c3:cc:6c:1d:1e:
34:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:4F:2C:F7:6F:09:DE:26:76:14:6B:9E:3A:57:87:F1:EC:28:68:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
46:f8:57:88:90:d7:2d:16:b0:00:15:39:dd:72:90:de:d2:4f:
d6:fa:76:7f:82:15:33:67:12:3a:11:2c:8b:02:25:29:0c:f0:
57:48:97:2c:ee:b6:25:54:e7:1f:57:62:7c:c4:76:13:3f:af:
e7:2c:d7:b2:4d:e0:d1:c2:74:4a:7d:0b:cd:42:36:d9:f6:08:
14:4d:f6:84:ae:83:f4:78:2e:14:21:ca:48:5a:b0:b4:b3:e7:
93:89:98:b5:a1:87:55:ee:73:b4:4b:e4:1a:d4:88:c3:9b:34:
03:54:14:8b:cf:8b:f0:66:92:0e:01:e7:46:12:e0:8c:f4:ef:
a5:aa:aa:a6:03:f0:42:ce:27:e0:00:73:94:5f:3a:87:75:b3:
6e:bf:bd:b5:4c:49:5e:4a:35:9e:bf:34:ec:11:36:fe:4d:71:
0b:9c:3d:40:42:c1:f0:59:bf:51:0e:11:e0:68:62:08:3b:6e:
e5:6f:ae:2c:25:58:ae:94:88:cc:42:70:3d:7b:f8:eb:6b:fb:
e9:f4:4a:1e:12:c2:d4:bc:30:aa:38:ac:40:d7:52:c3:c8:57:
ba:25:d2:e6:b1:96:1b:54:03:20:c8:2b:b9:ce:5a:6d:9e:60:
e1:59:cf:7b:56:17:60:c2:b6:7c:15:3f:16:a1:34:0e:5f:ab:
f3:8b:4a:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeV7PbcMD1QEjjAESoZr59910uvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMjNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNTEyNmU5ZTM3ODg5ODIxZDcxMmNlMmFiMWYxYzQwNTRkN2RjNjUzNmU3
M2VjNGVjZDFlNjQyYzVhMzM4ZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGzAyWHLB8XaNjj8Vvn/nQ+Gw4yodTQdNhDillHC+vt6dJV5L3jZeDERmvC
Y7+WzBcV0wJy5yJ4CoIdbx7X+FG1qTxAhHpa8BsngOTs6ZsbKAC3praE5xlb38fV
3iu0dhwY4ZCpUHWgT8/m3fwTpVPsFJrPYqKccLJzzrVIVRFBFmDbwdzfzvFFyaDV
UbA2VM58fsQlnT6tKIvKaSZLBhs/PG1BLpqk1qCrqHemqlO1OwfV8YpKpV+bGm1y
ndgRKUPdSXiNNqNFuc+HMWQ7dMbVT6N/UZgVK/koihm9U52joZca5JLhxgS/uNUo
44NguVoehEImiDqDRsPMbB0eNFkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzTyz3
bwneJnYUa546V4fx7ChoyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmYTMxMzMtOGZkNC00ODE2LWFkMTQtYzQ5MTQ2MDc1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQBG+FeIkNctFrAAFTndcpDe0k/W+nZ/ghUzZxI6
ESyLAiUpDPBXSJcs7rYlVOcfV2J8xHYTP6/nLNeyTeDRwnRKfQvNQjbZ9ggUTfaE
roP0eC4UIcpIWrC0s+eTiZi1oYdV7nO0S+Qa1IjDmzQDVBSLz4vwZpIOAedGEuCM
9O+lqqqmA/BCzifgAHOUXzqHdbNuv721TEleSjWevzTsETb+TXELnD1AQsHwWb9R
DhHgaGIIO27lb64sJViulIjMQnA9e/jra/vp9EoeEsLUvDCqOKxA11LDyFe6JdLm
sZYbVAMgyCu5zlptnmDhWc97VhdgwrZ8FT8WoTQOX6vzi0oj
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:18 2025 by rpki-client