Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98d31ec0-4f9a-44c5-a7bb-227b31886812.roa
File: 98d31ec0-4f9a-44c5-a7bb-227b31886812.roa (raw, json)
Hash identifier: oApYekuaNhEWjUwCNSq/6koSZZFJZIwqqxKTiQG7A78=
Subject key identifier: 77:96:C9:54:CE:DF:29:36:D9:C0:48:DD:39:C9:86:65:0E:65:FD:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FF0A0370CE67057FE9642D8358A33C5BED7E657
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98d31ec0-4f9a-44c5-a7bb-227b31886812.roa
Signing time: Fri 25 Apr 2025 19:20:54 +0000
ROA not before: Fri 25 Apr 2025 19:20:54 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:90c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:f0:a0:37:0c:e6:70:57:fe:96:42:d8:35:8a:33:c5:be:d7:e6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:54 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d089a088faa8094f4fa27bf0c99eb0909c8b538ed9297ca079775a1258b885bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:20:40:74:6a:e3:1e:7a:d0:d9:2e:95:e2:fb:
26:4b:77:8b:bf:a6:dd:bf:fb:a3:21:fe:36:e9:76:
19:c8:20:b3:97:17:3f:a4:ec:5d:ae:d8:aa:e2:39:
33:6c:40:5f:92:76:7d:40:07:be:de:09:cb:7a:e4:
04:75:b8:4b:eb:92:22:08:e3:e5:4d:4e:93:a7:b9:
d4:20:1c:7b:31:63:2d:68:34:13:0c:b7:dc:b4:3c:
d3:69:01:a5:92:a1:d0:99:3a:31:fc:50:53:29:bd:
4d:63:c7:e1:1d:98:39:1e:5a:35:92:f4:d1:60:19:
1d:ef:b7:2f:48:15:29:37:f3:56:ff:50:90:ee:79:
6d:35:89:17:23:a1:b5:54:d8:e6:5c:c0:c2:e2:bc:
e7:3c:e8:ec:69:b9:81:2e:b2:8c:dc:12:e4:e1:08:
41:55:60:b6:8e:d3:d9:2d:26:49:34:82:a5:37:f2:
0a:c5:91:74:bd:a4:98:1a:be:a1:16:8f:da:54:58:
06:a3:1b:d3:b7:17:97:b5:f0:18:ec:4d:9d:50:04:
f5:46:6b:e0:5e:4c:13:c3:ec:ed:08:3b:81:a4:50:
76:89:47:6a:2d:fb:a9:de:ea:0a:eb:05:dc:19:44:
da:ef:63:b8:9d:99:ae:b9:ca:e9:d6:e9:16:9e:5f:
8d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:96:C9:54:CE:DF:29:36:D9:C0:48:DD:39:C9:86:65:0E:65:FD:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98d31ec0-4f9a-44c5-a7bb-227b31886812.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
6c:f9:99:79:85:fe:52:80:f4:7c:d8:07:dc:13:f4:31:47:dc:
12:7c:b2:78:8d:77:9f:fe:1e:03:bc:9e:e1:26:cf:5f:26:6b:
ce:e1:c5:b9:9b:e4:b3:f4:be:13:2c:63:0a:56:0c:8e:ab:9c:
d6:35:a0:cd:4d:7c:2b:1b:02:c0:6b:52:54:12:5b:8e:5f:bd:
74:55:59:9b:e3:56:12:99:df:80:ef:70:c0:62:95:5d:43:93:
0a:bd:2c:ac:ad:c8:70:54:45:b3:d5:06:d9:5d:f4:c0:55:b3:
f3:a1:f0:21:a0:a4:b9:0f:a9:31:e9:7d:b0:5b:f4:59:3f:66:
9e:8e:4f:7b:02:57:30:10:bf:57:ff:34:5e:aa:9b:03:a7:8d:
22:ee:6e:b6:f6:e1:76:ad:c6:23:38:e2:70:29:36:3e:72:76:
d6:e2:ca:65:b8:a2:41:8c:49:ca:78:00:ad:d3:38:4f:de:c0:
90:75:6d:d5:49:51:92:a5:2b:ed:bc:47:2b:af:e8:83:66:26:
53:b9:12:76:05:d6:f4:d3:6e:5f:81:9b:3a:06:c9:62:36:34:
ed:bb:db:dd:5f:f1:25:6f:c7:e9:26:52:1d:ec:1b:2f:9d:3d:
86:ee:0c:bc:5c:fe:9a:96:a3:91:89:95:88:f6:c9:8c:a4:d1:
34:43:b6:ea
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX/CgNwzmcFf+lkLYNYozxb7X5lcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwNTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwODlhMDg4ZmFhODA5NGY0ZmEyN2JmMGM5OWViMDkwOWM4YjUzOGVkOTI5
N2NhMDc5Nzc1YTEyNThiODg1YmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQgQHRq4x560NkuleL7Jkt3i7+m3b/7oyH+Nul2Gcggs5cXP6TsXa7YquI5
M2xAX5J2fUAHvt4Jy3rkBHW4S+uSIgjj5U1Ok6e51CAcezFjLWg0Ewy33LQ802kB
pZKh0Jk6MfxQUym9TWPH4R2YOR5aNZL00WAZHe+3L0gVKTfzVv9QkO55bTWJFyOh
tVTY5lzAwuK85zzo7Gm5gS6yjNwS5OEIQVVgto7T2S0mSTSCpTfyCsWRdL2kmBq+
oRaP2lRYBqMb07cXl7XwGOxNnVAE9UZr4F5ME8Ps7Qg7gaRQdolHai37qd7qCusF
3BlE2u9juJ2ZrrnK6dbpFp5fjQECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR3lslU
zt8pNtnASN05yYZlDmX9yzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThkMzFlYzAtNGY5YS00NGM1LWE3YmItMjI3YjMxODg2ODEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAbPmZeYX+UoD0fNgH3BP0MUfcEnyyeI13n/4e
A7ye4SbPXyZrzuHFuZvks/S+EyxjClYMjquc1jWgzU18KxsCwGtSVBJbjl+9dFVZ
m+NWEpnfgO9wwGKVXUOTCr0srK3IcFRFs9UG2V30wFWz86HwIaCkuQ+pMel9sFv0
WT9mno5PewJXMBC/V/80XqqbA6eNIu5utvbhdq3GIzjicCk2PnJ21uLKZbiiQYxJ
yngArdM4T97AkHVt1UlRkqUr7bxHK6/og2YmU7kSdgXW9NNuX4GbOgbJYjY07bvb
3V/xJW/H6SZSHewbL509hu4MvFz+mpajkYmViPbJjKTRNEO26g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:16 2025 by rpki-client