Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
File: 9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa (raw, json)
Hash identifier: CRcd8iU0U1dtf+IqkIHrbZfBjwEDXoIsO4K3QXlTWMg=
Subject key identifier: 74:4C:D0:AE:21:7E:8A:A6:8F:7B:7D:ED:E3:F2:9C:78:AE:45:4B:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 609ADA35F76A078DA5B8A1C91EFD4E644BBB4044
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
Signing time: Fri 25 Apr 2025 19:01:06 +0000
ROA not before: Fri 25 Apr 2025 19:01:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:9a:da:35:f7:6a:07:8d:a5:b8:a1:c9:1e:fd:4e:64:4b:bb:40:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:01:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=833e4c011ca04975bd3a4ece46e186062af0fb5962056b1830a9c53c1d0de690, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:fa:85:d7:1f:d5:79:43:8f:3e:8d:df:83:df:
05:34:2c:04:4c:d1:a0:29:47:1f:66:8b:a0:ab:d7:
df:cf:58:66:40:e4:33:7f:89:06:4f:8c:11:0e:9e:
10:22:bd:42:04:4c:5e:cf:88:e3:d0:c5:fd:45:70:
7b:a7:2b:17:58:0d:da:80:18:de:9b:c6:28:a2:71:
36:9a:9e:98:6b:64:b5:0e:2d:22:a9:25:9e:15:90:
32:41:53:cf:37:ee:ba:8e:9a:b3:3d:83:17:2d:a9:
fc:ac:82:80:33:4b:b7:e8:24:df:89:79:61:ff:d3:
85:d9:27:f0:af:be:96:aa:fb:7b:fe:60:f4:87:fc:
2c:59:53:c8:2d:0f:17:26:12:e5:e3:af:1f:8b:87:
e3:7c:56:d7:bf:39:4c:fd:59:23:28:2f:8d:34:72:
f9:05:e4:19:95:69:c7:d0:cf:3d:91:58:10:e0:3f:
3f:23:20:fc:2a:cd:59:75:60:04:16:82:17:32:d3:
96:89:f7:b9:8d:d8:ea:27:28:da:2a:7a:cf:98:84:
b6:f6:ce:c5:e2:e2:26:7c:62:5a:02:74:25:a4:c6:
c4:4e:fd:3d:ad:75:20:9e:d2:56:7b:80:88:13:50:
2e:af:37:b3:e9:1d:ff:63:62:fc:16:e2:79:2d:e0:
53:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4C:D0:AE:21:7E:8A:A6:8F:7B:7D:ED:E3:F2:9C:78:AE:45:4B:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9040::/48
Signature Algorithm: sha256WithRSAEncryption
b6:12:a5:3a:a0:09:8a:de:df:c2:c6:d1:fb:03:eb:73:cf:8d:
7b:54:d3:f9:29:dd:af:26:5d:87:0b:b4:3b:e2:b1:d2:54:c2:
f4:a3:e1:d0:e2:c0:81:32:8c:c1:2b:68:90:67:0c:e1:b3:83:
fc:e3:46:1f:fe:c0:8d:7f:d6:25:0b:99:50:a2:91:0c:bd:5e:
fa:da:0e:e3:4b:bf:50:f9:49:a8:94:2f:4b:49:a3:90:66:3b:
f7:b1:e7:74:b2:c6:59:c3:9a:e7:26:f6:d1:23:73:8a:4a:a1:
1f:99:64:fd:bb:d2:bf:47:b3:83:4f:51:84:d7:78:cc:cd:16:
3e:98:03:9a:43:19:5a:67:0e:ba:af:e1:ae:d1:41:1e:f2:14:
2a:c8:b7:8b:17:11:52:f7:71:66:f4:f0:39:24:da:11:b7:f3:
6d:20:cb:20:11:38:0c:f9:3b:f2:ed:a7:0c:df:71:8b:ae:ec:
4d:05:eb:e0:cb:82:a6:7a:e7:1d:a3:29:6f:c9:e4:d3:85:8e:
8c:67:9d:f0:23:35:16:45:8a:fb:5e:5c:fa:92:e9:25:b1:58:
52:e1:91:20:dd:d0:79:cb:a9:3a:4e:7e:b4:66:70:ba:db:31:
d1:d7:4e:60:4b:da:ba:90:44:2e:60:a7:95:a1:0c:78:14:d5:
62:2e:e4:1c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYJraNfdqB42luKHJHv1OZEu7QEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAxMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzM2U0YzAxMWNhMDQ5NzViZDNhNGVjZTQ2ZTE4NjA2MmFmMGZiNTk2MjA1
NmIxODMwYTljNTNjMWQwZGU2OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOL6hdcf1XlDjz6N34PfBTQsBEzRoClHH2aLoKvX389YZkDkM3+JBk+MEQ6e
ECK9QgRMXs+I49DF/UVwe6crF1gN2oAY3pvGKKJxNpqemGtktQ4tIqklnhWQMkFT
zzfuuo6asz2DFy2p/KyCgDNLt+gk34l5Yf/Thdkn8K++lqr7e/5g9If8LFlTyC0P
FyYS5eOvH4uH43xW1785TP1ZIygvjTRy+QXkGZVpx9DPPZFYEOA/PyMg/CrNWXVg
BBaCFzLTlon3uY3Y6ico2ip6z5iEtvbOxeLiJnxiWgJ0JaTGxE79Pa11IJ7SVnuA
iBNQLq83s+kd/2Ni/BbieS3gU0ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0TNCu
IX6Kpo97fe3j8px4rkVL0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIwNzU5NWUtM2JiYy00NWY3LThmMGEtODEzZTFiMDFmOWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAthKlOqAJit7fwsbR+wPrc8+Ne1TT+SndryZd
hwu0O+Kx0lTC9KPh0OLAgTKMwStokGcM4bOD/ONGH/7AjX/WJQuZUKKRDL1e+toO
40u/UPlJqJQvS0mjkGY797HndLLGWcOa5yb20SNzikqhH5lk/bvSv0ezg09RhNd4
zM0WPpgDmkMZWmcOuq/hrtFBHvIUKsi3ixcRUvdxZvTwOSTaEbfzbSDLIBE4DPk7
8u2nDN9xi67sTQXr4MuCpnrnHaMpb8nk04WOjGed8CM1FkWK+15c+pLpJbFYUuGR
IN3QecupOk5+tGZwutsx0ddOYEvaupBELmCnlaEMeBTVYi7kHA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:09 2025 by rpki-client