Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
File: 9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa (raw, json)
Hash identifier: EZIllMJhsPHBkun2nz6LgjJ7ahA5tt+ArzGIpZsd2ho=
Subject key identifier: 80:C5:8D:F0:D7:AA:4D:93:3F:A1:50:F6:E0:89:84:E9:0A:12:F8:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16C26DE03A53335B1A25C3093EDC64341DF1D241
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
Signing time: Fri 18 Apr 2025 18:30:15 +0000
ROA not before: Fri 18 Apr 2025 18:30:15 +0000
ROA not after: Fri 23 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:c2:6d:e0:3a:53:33:5b:1a:25:c3:09:3e:dc:64:34:1d:f1:d2:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 18 18:30:15 2025 GMT
Not After : May 23 23:59:59 2025 GMT
Subject: serialNumber=8a08cbb2079fea56c0e01f32faeb98739f16d176aa68b345da2d6a567b9b982d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3a:53:c2:eb:33:dc:e5:48:b4:0a:20:55:d7:
9b:88:f7:7b:8c:f7:6f:40:a0:cd:35:2e:8a:83:c1:
25:80:d0:de:2e:1d:ea:58:13:52:88:d8:4a:76:db:
39:a6:5e:c5:96:85:f4:87:70:5a:6e:a9:22:b2:1f:
94:38:ec:54:04:62:08:22:c8:29:d8:a4:86:c2:45:
29:79:aa:96:b8:2c:0d:f0:16:94:ff:c6:6b:7a:a0:
ae:c1:e5:c6:78:ad:e6:dc:cb:67:34:0c:41:44:bd:
2b:05:e9:a4:66:bc:75:b7:39:ad:44:0f:a5:44:49:
d6:96:09:98:1c:28:64:5b:5f:fc:b7:cc:10:78:4a:
65:fa:35:c1:bf:be:f3:a1:7b:cc:51:2a:3f:89:f5:
0a:aa:c8:cb:ef:10:3b:c1:d4:e4:42:61:74:72:16:
b7:f0:6a:bd:18:39:fe:73:ef:e4:be:e5:15:70:7b:
c0:99:7c:4c:f0:d3:e7:cd:c3:16:e3:5f:1b:0b:bd:
4e:56:86:45:11:5a:b9:2b:f1:8a:c5:3c:f9:0a:84:
ca:02:23:32:29:40:e0:4e:94:63:8e:fa:b9:5c:2a:
89:2e:7f:4e:22:97:ca:b8:eb:e5:1f:f8:89:c2:95:
36:f4:74:23:c0:37:e2:ec:ff:d2:42:08:f4:2b:2e:
ce:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C5:8D:F0:D7:AA:4D:93:3F:A1:50:F6:E0:89:84:E9:0A:12:F8:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/48
Signature Algorithm: sha256WithRSAEncryption
0a:e4:a1:01:77:a7:38:10:67:2a:82:18:b7:bd:64:3f:80:0a:
01:a3:2f:53:5d:8a:5a:0d:5c:d0:3b:3f:5e:fa:9c:0e:09:42:
ba:e8:e3:33:ec:f1:41:a6:0b:6b:86:d6:ad:d4:7e:f3:d4:65:
f3:3f:06:d5:9d:e5:15:63:32:8e:12:52:9c:27:56:63:35:63:
c3:f7:42:b3:bf:b8:57:65:70:d9:cd:4a:35:95:5c:e1:f0:28:
9b:ed:b5:75:f3:81:6c:0c:f4:9b:04:c5:bb:ed:07:fd:15:b4:
5e:a2:c1:84:61:26:50:25:f5:6c:12:2e:92:c9:24:17:f8:2e:
79:ce:2b:e9:aa:73:46:f1:2c:a5:b6:32:96:d7:0e:a3:83:7b:
48:3f:1b:7f:f8:e7:09:f1:d8:7c:6a:5d:90:3d:92:b7:1b:8a:
8f:39:22:a4:c8:af:df:38:40:ac:20:e6:d8:40:fc:21:91:a1:
6f:33:58:75:34:6f:a2:6c:8b:aa:bb:f7:a4:40:39:c0:07:0c:
d0:f0:bb:dc:64:42:45:de:fc:da:d4:20:d2:88:e9:c9:35:ed:
27:62:58:a2:15:e0:9e:3c:d5:3e:88:89:5b:72:7d:dc:b6:6e:
a0:ca:9e:57:df:56:ce:be:7c:20:10:8d:a6:31:5d:86:fc:07:
ac:cb:49:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFsJt4DpTM1saJcMJPtxkNB3x0kEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTgxODMwMTVaFw0yNTA1MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhMDhjYmIyMDc5ZmVhNTZjMGUwMWYzMmZhZWI5ODczOWYxNmQxNzZhYTY4
YjM0NWRhMmQ2YTU2N2I5Yjk4MmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs6U8LrM9zlSLQKIFXXm4j3e4z3b0CgzTUuioPBJYDQ3i4d6lgTUojYSnbb
OaZexZaF9IdwWm6pIrIflDjsVARiCCLIKdikhsJFKXmqlrgsDfAWlP/Ga3qgrsHl
xnit5tzLZzQMQUS9KwXppGa8dbc5rUQPpURJ1pYJmBwoZFtf/LfMEHhKZfo1wb++
86F7zFEqP4n1CqrIy+8QO8HU5EJhdHIWt/BqvRg5/nPv5L7lFXB7wJl8TPDT583D
FuNfGwu9TlaGRRFauSvxisU8+QqEygIjMilA4E6UY476uVwqiS5/TiKXyrjr5R/4
icKVNvR0I8A34uz/0kII9CsuzikCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSAxY3w
16pNkz+hUPbgiYTpChL4HjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMxYTEwY2MtNWRjOS00NGJjLWE0ZDItOTM5NmJkOWJjOTU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hag
ADANBgkqhkiG9w0BAQsFAAOCAQEACuShAXenOBBnKoIYt71kP4AKAaMvU12KWg1c
0Ds/XvqcDglCuujjM+zxQaYLa4bWrdR+89Rl8z8G1Z3lFWMyjhJSnCdWYzVjw/dC
s7+4V2Vw2c1KNZVc4fAom+21dfOBbAz0mwTFu+0H/RW0XqLBhGEmUCX1bBIukskk
F/guec4r6apzRvEspbYyltcOo4N7SD8bf/jnCfHYfGpdkD2StxuKjzkipMiv3zhA
rCDm2ED8IZGhbzNYdTRvomyLqrv3pEA5wAcM0PC73GRCRd782tQg0ojpyTXtJ2JY
ohXgnjzVPoiJW3J93LZuoMqeV99Wzr58IBCNpjFdhvwHrMtJJA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:24 2025 by rpki-client