Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
File: 979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa (raw, json)
Hash identifier: 6ILXOsf19daU7xuT8zdPA6RhBHJA6ub20QED67hPKQ0=
Subject key identifier: 27:00:EF:E4:5E:C7:08:08:12:67:29:81:45:49:B7:D2:8C:43:06:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46FAF6FD5255D374177A8151C11D322166E306EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
Signing time: Fri 25 Apr 2025 18:21:12 +0000
ROA not before: Fri 25 Apr 2025 18:21:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:fa:f6:fd:52:55:d3:74:17:7a:81:51:c1:1d:32:21:66:e3:06:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:21:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a7d195bb71df5fd63b3de4a213dc926a06548f8aac79ebba68aa6da4024d5531, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c5:9f:79:db:c6:16:b1:52:49:b6:95:a0:c5:
36:67:34:b0:09:ca:01:63:dd:c3:d8:bf:63:8f:db:
3e:69:23:2c:56:26:ae:d1:0f:b8:a7:f0:2e:69:7b:
b7:5a:f6:71:e2:5e:f1:81:fd:b2:82:64:86:34:6f:
21:2e:2a:8f:82:56:2d:f5:1f:ca:4c:2a:8a:3e:bc:
a0:db:fe:f4:9f:1f:ab:93:81:d7:40:4e:cd:3c:7c:
f8:b4:fe:12:48:a4:23:16:98:19:20:87:4f:03:2c:
1a:da:82:1b:6a:a0:52:79:f5:22:0f:3a:5b:ec:ba:
fe:05:6f:33:cc:0c:89:9b:03:aa:7b:2c:7b:67:44:
e5:b6:55:8d:16:de:bb:46:de:3d:2f:d0:14:ff:18:
68:34:2f:a7:0b:09:a7:ae:0f:71:42:a0:60:ca:28:
29:49:06:f1:9a:02:1b:80:84:11:54:bc:c3:b2:1f:
bd:05:04:f9:fc:64:02:89:c4:6a:a1:5f:fc:62:1f:
5e:f2:86:30:fa:15:f8:07:69:8d:66:07:18:3a:ba:
0a:45:97:73:50:40:e8:00:05:75:65:68:27:f9:b5:
b0:2c:7d:a5:a2:af:09:0a:d1:3f:b2:6a:b5:93:71:
c1:14:d5:2e:07:c7:77:3b:c8:64:04:2b:d9:d3:6b:
95:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:00:EF:E4:5E:C7:08:08:12:67:29:81:45:49:B7:D2:8C:43:06:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8040::/48
Signature Algorithm: sha256WithRSAEncryption
94:9e:38:bb:b4:36:ce:54:86:78:19:04:62:c0:a4:56:7d:ee:
5e:15:3c:c9:07:46:15:96:f7:20:71:ba:61:0e:c6:7d:8b:7e:
df:ae:57:ba:45:c4:7b:64:aa:95:1a:f4:5e:95:bc:29:d5:f7:
c2:b2:12:7e:87:a1:f6:a7:44:f3:9c:09:b9:f6:24:5d:ed:dc:
d4:85:7a:32:7f:53:1b:94:e1:db:bc:8b:e0:4e:e6:8f:97:70:
f1:c0:43:58:a9:aa:bc:f9:b9:f4:8d:89:6b:73:de:bd:01:ca:
80:69:ab:27:fd:d5:4e:61:2b:b5:d7:c9:81:80:74:b6:9b:bc:
7d:a5:08:dc:3d:8e:ee:89:06:9d:57:1c:ec:f1:26:f2:6e:b9:
c5:d8:06:1b:5d:d2:af:1d:95:cd:6c:c7:46:dc:cf:4c:24:a2:
94:05:fb:60:fb:11:43:ef:8c:30:2c:0a:e2:a1:78:16:34:24:
cc:2c:f0:0f:c9:79:29:cb:79:b1:90:08:13:af:8c:b7:38:38:
1f:5e:74:28:43:e7:4e:1c:14:d0:a8:fa:21:48:91:91:8e:01:
6d:0c:e6:17:e3:33:62:9a:34:35:b6:be:0b:6f:5b:db:e8:8f:
9e:e8:0f:95:69:64:47:9b:8d:f2:4b:ca:df:27:dd:98:1f:e1:
3b:f9:05:6a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURvr2/VJV03QXeoFRwR0yIWbjBuowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIxMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3ZDE5NWJiNzFkZjVmZDYzYjNkZTRhMjEzZGM5MjZhMDY1NDhmOGFhYzc5
ZWJiYTY4YWE2ZGE0MDI0ZDU1MzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXFn3nbxhaxUkm2laDFNmc0sAnKAWPdw9i/Y4/bPmkjLFYmrtEPuKfwLml7
t1r2ceJe8YH9soJkhjRvIS4qj4JWLfUfykwqij68oNv+9J8fq5OB10BOzTx8+LT+
EkikIxaYGSCHTwMsGtqCG2qgUnn1Ig86W+y6/gVvM8wMiZsDqnsse2dE5bZVjRbe
u0bePS/QFP8YaDQvpwsJp64PcUKgYMooKUkG8ZoCG4CEEVS8w7IfvQUE+fxkAonE
aqFf/GIfXvKGMPoV+AdpjWYHGDq6CkWXc1BA6AAFdWVoJ/m1sCx9paKvCQrRP7Jq
tZNxwRTVLgfHdzvIZAQr2dNrld8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQnAO/k
XscICBJnKYFFSbfSjEMGVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc5YmM3M2YtN2Q4Ny00Y2ZhLTkzYmQtMDM3OGNmMWQ2YWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
QDANBgkqhkiG9w0BAQsFAAOCAQEAlJ44u7Q2zlSGeBkEYsCkVn3uXhU8yQdGFZb3
IHG6YQ7GfYt+365XukXEe2SqlRr0XpW8KdX3wrISfoeh9qdE85wJufYkXe3c1IV6
Mn9TG5Th27yL4E7mj5dw8cBDWKmqvPm59I2Ja3PevQHKgGmrJ/3VTmErtdfJgYB0
tpu8faUI3D2O7okGnVcc7PEm8m65xdgGG13Srx2VzWzHRtzPTCSilAX7YPsRQ++M
MCwK4qF4FjQkzCzwD8l5Kct5sZAIE6+Mtzg4H150KEPnThwU0Kj6IUiRkY4BbQzm
F+MzYpo0Nba+C29b2+iPnugPlWlkR5uN8kvK3yfdmB/hO/kFag==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:12 2025 by rpki-client