Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
File: 91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa (raw, json)
Hash identifier: vAFA5FfbPMg2WLA+glFWNYIJLuDGKUCkRYIkT7aWPrs=
Subject key identifier: 46:D5:90:53:09:55:46:AE:CA:1C:FE:32:05:91:10:00:CA:F4:CC:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23957322FBF7E4497FBA293C2CF881CEE7147958
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
Signing time: Fri 25 Apr 2025 18:20:46 +0000
ROA not before: Fri 25 Apr 2025 18:20:46 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:95:73:22:fb:f7:e4:49:7f:ba:29:3c:2c:f8:81:ce:e7:14:79:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:20:46 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=631c6a0b860704eec469cfffe26cf2088c117ed6a0b0b964d18eb7086bb5dcf0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9e:e1:4f:de:67:61:e5:af:02:7a:f7:a0:cc:
63:9f:fa:8f:42:92:61:a4:16:9d:85:07:f3:7c:7f:
66:b6:19:3a:1a:45:b6:75:62:d8:86:4e:ea:eb:3a:
b0:02:df:26:3c:ae:af:35:bd:11:52:2f:88:7b:b5:
2c:e2:ce:90:f7:e9:c4:01:a0:6d:2d:2f:8a:6e:84:
88:8e:7c:32:37:3e:f2:c5:c3:73:67:98:94:ec:74:
f6:0c:57:20:75:e4:9b:73:f2:59:56:0a:75:82:f7:
26:9b:52:30:a8:a8:05:35:14:9c:2c:15:55:eb:42:
35:ca:a6:b2:6c:8f:6c:bb:e1:07:f0:d9:f2:b6:c6:
ce:84:6e:95:8e:8f:37:76:da:c7:43:fc:44:6b:c0:
5b:33:a3:31:7d:ce:1d:d1:fe:b1:50:31:02:14:1b:
2d:5a:c9:64:2a:f0:ae:34:45:7b:70:1a:12:84:4b:
17:39:aa:fe:9d:72:40:14:71:a5:e9:d2:eb:ab:92:
fa:8c:f1:81:24:b0:b7:89:3d:16:ad:7a:4f:4b:32:
1c:df:27:72:4f:83:28:50:b9:f9:b6:09:dd:a4:87:
78:3a:ed:f2:29:c8:3e:3f:fe:7c:a2:cc:be:b2:cf:
d4:bc:a4:06:dd:5a:da:a2:ed:da:b8:12:98:d5:85:
2f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D5:90:53:09:55:46:AE:CA:1C:FE:32:05:91:10:00:CA:F4:CC:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8080::/48
Signature Algorithm: sha256WithRSAEncryption
64:b7:c4:c6:73:02:f3:fe:e9:92:3d:8a:fc:f3:83:d5:c4:65:
08:97:19:af:28:ec:50:f2:77:3e:65:ef:de:44:b9:8b:4e:f7:
b5:27:f5:24:eb:21:da:95:db:91:96:30:33:b1:6a:6b:ab:f6:
42:db:11:28:53:87:9b:80:c6:2a:25:16:2c:b7:3c:18:9c:10:
47:18:dd:24:58:38:97:8e:3d:06:6a:7e:44:22:46:3a:42:a0:
07:e9:d1:7b:8e:8a:ce:48:75:32:6d:66:58:1d:f6:0c:80:0a:
3b:0c:33:7d:dd:0b:ec:52:56:21:1c:09:70:85:0d:73:0e:19:
54:39:38:b8:28:a9:b5:e7:ad:ed:97:bf:ec:38:2b:b0:22:66:
08:02:5d:a1:92:7c:02:ea:ee:93:54:88:20:f3:09:1a:64:fb:
19:0f:a4:ae:5b:2b:23:35:fa:61:93:d9:c5:06:d8:9a:3e:cd:
d6:7b:98:c6:c2:62:64:c7:b7:b9:d4:1b:d6:f6:ba:fe:75:3d:
37:26:af:30:a3:21:46:5d:10:8c:1f:87:4a:f3:e2:b6:ac:35:
3c:e9:af:e4:73:97:a7:5a:87:19:ad:87:ec:dc:cc:97:d0:f6:
14:99:d6:b9:5e:36:ca:76:ba:9b:93:13:8e:81:14:7c:53:04:
e0:b6:23:82
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUI5VzIvv35El/uik8LPiBzucUeVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIwNDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzMWM2YTBiODYwNzA0ZWVjNDY5Y2ZmZmUyNmNmMjA4OGMxMTdlZDZhMGIw
Yjk2NGQxOGViNzA4NmJiNWRjZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALue4U/eZ2HlrwJ696DMY5/6j0KSYaQWnYUH83x/ZrYZOhpFtnVi2IZO6us6
sALfJjyurzW9EVIviHu1LOLOkPfpxAGgbS0vim6EiI58Mjc+8sXDc2eYlOx09gxX
IHXkm3PyWVYKdYL3JptSMKioBTUUnCwVVetCNcqmsmyPbLvhB/DZ8rbGzoRulY6P
N3bax0P8RGvAWzOjMX3OHdH+sVAxAhQbLVrJZCrwrjRFe3AaEoRLFzmq/p1yQBRx
penS66uS+ozxgSSwt4k9Fq16T0syHN8nck+DKFC5+bYJ3aSHeDrt8inIPj/+fKLM
vrLP1LykBt1a2qLt2rgSmNWFL88CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRG1ZBT
CVVGrsoc/jIFkRAAyvTMXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFlZTM2NTUtZGNiNC00MWM2LWI0YTQtMjcwY2E1Y2FjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
gDANBgkqhkiG9w0BAQsFAAOCAQEAZLfExnMC8/7pkj2K/POD1cRlCJcZryjsUPJ3
PmXv3kS5i073tSf1JOsh2pXbkZYwM7Fqa6v2QtsRKFOHm4DGKiUWLLc8GJwQRxjd
JFg4l449Bmp+RCJGOkKgB+nRe46Kzkh1Mm1mWB32DIAKOwwzfd0L7FJWIRwJcIUN
cw4ZVDk4uCipteet7Ze/7DgrsCJmCAJdoZJ8Auruk1SIIPMJGmT7GQ+krlsrIzX6
YZPZxQbYmj7N1nuYxsJiZMe3udQb1va6/nU9NyavMKMhRl0QjB+HSvPitqw1POmv
5HOXp1qHGa2H7NzMl9D2FJnWuV42yna6m5MTjoEUfFME4LYjgg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:06 2025 by rpki-client