Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
File: 9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa (raw, json)
Hash identifier: 7T78FdgBkecSmDSGgpYoH/0gnuSF/2VwosRNe6HGfzQ=
Subject key identifier: 6A:56:78:90:84:AC:23:09:C5:86:12:FA:FB:66:0D:14:AB:D0:F4:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0187B6F97E096A5FD1B4F54ADB5D509F101F83BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
Signing time: Fri 25 Apr 2025 18:10:45 +0000
ROA not before: Fri 25 Apr 2025 18:10:45 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b6:f9:7e:09:6a:5f:d1:b4:f5:4a:db:5d:50:9f:10:1f:83:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:45 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7eb8b3e972e89e3b8a0348a3fcd9e135666420729bf75d5f9ff9941b685ffffb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:31:fb:84:08:68:75:f2:6b:5f:93:c3:45:78:
26:02:45:32:67:b5:dd:c3:8b:d0:ba:58:62:0c:84:
d4:0e:4b:57:9b:f3:a3:6d:74:08:06:e5:5d:56:ea:
70:1e:ad:3b:41:f1:f0:6f:52:1e:e5:5d:52:b9:02:
e8:81:26:b1:e9:a3:1b:0b:d7:8c:1d:b5:12:0b:b9:
fa:8c:73:9e:f3:4d:fd:e5:c4:c9:8a:80:37:31:eb:
19:28:6f:f5:5d:91:97:67:79:cb:14:d2:62:9e:dd:
71:34:85:bc:4c:17:66:dc:75:1f:25:54:8d:16:27:
9b:3c:b3:00:1a:c8:bf:69:58:15:a5:1a:c7:9c:b3:
3f:6f:4d:58:1b:4f:e3:7f:d4:dc:37:80:dd:24:8e:
6c:a7:78:cb:94:65:7b:5a:c8:1e:cd:4b:9b:bb:2b:
cb:b9:e1:78:94:33:59:c9:15:0c:40:c1:58:b6:ff:
a7:96:df:9c:a1:ac:83:c2:0b:c8:86:6f:43:66:80:
fa:d0:29:1e:5c:04:e4:71:96:2c:ca:0a:c2:01:ab:
de:bb:3f:2f:ba:ee:83:46:1a:ad:8d:db:74:75:a9:
be:26:ae:50:f8:bb:1f:0a:f4:6d:98:e3:5f:a4:6c:
29:3b:cb:ad:32:3c:50:2a:7f:b9:1d:80:fc:d6:23:
e3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:56:78:90:84:AC:23:09:C5:86:12:FA:FB:66:0D:14:AB:D0:F4:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9080::/48
Signature Algorithm: sha256WithRSAEncryption
35:40:00:60:d5:eb:a2:b5:f7:98:f4:a4:ad:d6:3e:f0:b9:b2:
12:f4:d5:5f:c6:d5:85:07:48:c5:ea:8c:d8:b6:e7:4d:d1:8d:
f5:f4:93:53:ab:43:a7:71:ea:a7:a1:2e:fa:62:bd:ce:78:43:
1c:6a:30:ed:6e:2d:d2:43:5b:1a:b0:1c:bf:13:9a:fa:2e:7b:
c2:30:2f:a2:a1:26:2d:22:9a:6d:f5:be:f0:52:c6:d2:2e:a6:
8d:03:75:dc:a0:fd:4d:20:55:24:d2:e0:3f:a9:59:1a:a5:06:
e2:ff:cb:99:06:42:03:a9:05:1d:01:7d:03:6c:87:7b:c9:9c:
29:48:a2:5d:cd:57:14:2b:5f:72:10:a9:1c:c4:f3:f0:7c:e2:
2e:58:a0:8f:fa:d5:03:e2:af:2d:72:89:62:ee:2a:96:32:23:
35:7a:cf:6b:76:8e:7f:8a:21:f8:f2:5b:dc:8d:ff:fe:16:65:
fc:b3:c7:ab:11:aa:54:14:e3:5d:63:c4:18:e1:8d:84:4d:18:
74:e3:19:21:33:42:02:5d:0c:59:32:57:4c:84:85:ae:d3:92:
e6:68:70:dd:f2:44:17:d9:e9:f8:f9:53:76:74:10:e3:8c:7f:
19:1e:ca:96:36:72:3c:8e:10:23:a1:c4:4a:92:5f:0f:9e:89:
47:42:33:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAYe2+X4Jal/RtPVK211QnxAfg7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwNDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlYjhiM2U5NzJlODllM2I4YTAzNDhhM2ZjZDllMTM1NjY2NDIwNzI5YmY3
NWQ1ZjlmZjk5NDFiNjg1ZmZmZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMx+4QIaHXya1+Tw0V4JgJFMme13cOL0LpYYgyE1A5LV5vzo210CAblXVbq
cB6tO0Hx8G9SHuVdUrkC6IEmsemjGwvXjB21Egu5+oxznvNN/eXEyYqANzHrGShv
9V2Rl2d5yxTSYp7dcTSFvEwXZtx1HyVUjRYnmzyzABrIv2lYFaUax5yzP29NWBtP
43/U3DeA3SSObKd4y5Rle1rIHs1Lm7sry7nheJQzWckVDEDBWLb/p5bfnKGsg8IL
yIZvQ2aA+tApHlwE5HGWLMoKwgGr3rs/L7rug0YarY3bdHWpviauUPi7Hwr0bZjj
X6RsKTvLrTI8UCp/uR2A/NYj4+cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRqVniQ
hKwjCcWGEvr7Zg0Uq9D0zTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkyNmExNWUtZDdmZC00ZDdiLWFkMWUtZDBkZjk4ZjU0NmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
gDANBgkqhkiG9w0BAQsFAAOCAQEANUAAYNXrorX3mPSkrdY+8LmyEvTVX8bVhQdI
xeqM2LbnTdGN9fSTU6tDp3Hqp6Eu+mK9znhDHGow7W4t0kNbGrAcvxOa+i57wjAv
oqEmLSKabfW+8FLG0i6mjQN13KD9TSBVJNLgP6lZGqUG4v/LmQZCA6kFHQF9A2yH
e8mcKUiiXc1XFCtfchCpHMTz8HziLligj/rVA+KvLXKJYu4qljIjNXrPa3aOf4oh
+PJb3I3//hZl/LPHqxGqVBTjXWPEGOGNhE0YdOMZITNCAl0MWTJXTISFrtOS5mhw
3fJEF9np+PlTdnQQ44x/GR7KljZyPI4QI6HESpJfD56JR0IzAg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:57 2025 by rpki-client