Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
File: 9cdad1cc-641a-4187-9b79-fc696cb535f5.roa (raw, json)
Hash identifier: y5krYGyuaHKrlxC1lH3sE9Lu58awW7F/YEhTn5k+odM=
Subject key identifier: CE:02:C3:9E:B4:E1:08:3B:6F:15:57:81:4B:0E:C1:9C:7E:45:6E:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 749436A92D54ADA0EC40CFDD7E088FE49507BABC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
Signing time: Mon 21 Apr 2025 18:31:04 +0000
ROA not before: Mon 21 Apr 2025 18:31:04 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:94:36:a9:2d:54:ad:a0:ec:40:cf:dd:7e:08:8f:e4:95:07:ba:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:04 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=837cf4a39833d2a1c15c4aae126065692c91f09beaa16148829a8a5ffb06fcf7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:65:83:3b:6a:1c:28:e4:19:b7:19:16:0e:21:
e5:c0:03:26:a0:01:3c:de:87:de:aa:12:5f:2e:53:
23:1a:f7:b4:63:59:2d:49:8a:01:b2:15:74:3f:d7:
9e:91:e1:07:35:b2:88:85:6e:0c:51:a5:5c:4a:1d:
77:da:4e:95:4b:57:aa:71:ce:0f:8a:9c:1d:df:f9:
6b:1c:0b:2f:94:a7:74:7e:34:66:f5:a6:89:3c:53:
96:12:53:f1:4c:87:fd:82:6d:48:41:40:df:fc:a6:
d7:c9:59:a8:fe:c3:f5:16:aa:d3:2c:87:41:e2:ea:
b9:3a:70:d6:ba:84:49:c0:66:cd:a2:f9:bc:ea:82:
2c:11:a2:4d:df:3a:e8:55:09:5a:db:9f:5c:d2:99:
e9:fa:dc:cc:29:76:cb:1f:19:d0:d1:da:45:c8:93:
0e:d8:95:66:a0:3f:e4:c2:eb:89:09:06:07:94:8d:
2f:60:3c:47:d2:d7:35:5b:bb:33:f7:ba:c9:09:91:
73:83:4c:5b:92:cc:b9:a4:25:37:f7:1a:88:66:22:
12:3e:d0:01:dd:28:9d:a5:08:3f:29:fc:cd:5e:a9:
04:a8:d6:bd:59:c4:e9:74:1b:5a:26:d7:c8:a3:80:
25:c1:88:24:52:60:97:35:52:94:5e:09:07:36:40:
f6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:02:C3:9E:B4:E1:08:3B:6F:15:57:81:4B:0E:C1:9C:7E:45:6E:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:800::/40
Signature Algorithm: sha256WithRSAEncryption
79:e1:93:76:fe:1e:76:34:91:c1:e2:15:db:98:4f:0b:5e:e5:
c8:ff:66:a9:5a:b6:5a:2f:0e:0a:1e:94:cc:bd:aa:c9:c9:91:
73:6d:18:f4:92:73:bd:59:8f:1e:1d:a1:17:35:3f:c2:47:1b:
82:c4:06:3d:5c:78:34:26:1d:ef:ba:c7:c8:75:24:cb:37:60:
fb:37:b5:7d:42:a5:25:e0:b0:8e:6c:66:85:8b:c3:ad:48:a0:
89:70:6f:24:04:bf:4b:aa:4c:a5:6a:bf:4b:a6:74:75:78:97:
db:6b:cd:ba:fc:02:58:d1:06:85:3d:15:8f:08:f5:aa:70:75:
07:fa:37:d8:fd:a3:a2:d9:92:64:ec:58:f7:ad:12:01:9b:46:
ca:09:7d:83:1f:34:4a:52:eb:3b:41:41:28:6c:b7:eb:41:d6:
7c:2c:ff:23:04:e2:f7:0a:57:c0:28:18:3c:40:24:43:ce:1d:
0a:c3:3f:ad:b5:73:42:1f:c6:86:56:b3:6b:52:9e:04:c3:66:
0f:57:9f:94:46:f1:a4:e8:2c:cb:f0:76:f1:3b:78:c8:0a:80:
84:4e:93:3b:6a:c2:21:fa:84:e8:f8:ae:1e:7b:11:bb:e8:42:
3b:55:53:d4:ef:1b:c2:7c:40:5e:1e:b7:b6:bf:9f:ae:52:97:
71:90:b3:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdJQ2qS1UraDsQM/dfgiP5JUHurwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMDRaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzN2NmNGEzOTgzM2QyYTFjMTVjNGFhZTEyNjA2NTY5MmM5MWYwOWJlYWEx
NjE0ODgyOWE4YTVmZmIwNmZjZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPhlgztqHCjkGbcZFg4h5cADJqABPN6H3qoSXy5TIxr3tGNZLUmKAbIVdD/X
npHhBzWyiIVuDFGlXEodd9pOlUtXqnHOD4qcHd/5axwLL5SndH40ZvWmiTxTlhJT
8UyH/YJtSEFA3/ym18lZqP7D9Raq0yyHQeLquTpw1rqEScBmzaL5vOqCLBGiTd86
6FUJWtufXNKZ6frczCl2yx8Z0NHaRciTDtiVZqA/5MLriQkGB5SNL2A8R9LXNVu7
M/e6yQmRc4NMW5LMuaQlN/caiGYiEj7QAd0onaUIPyn8zV6pBKjWvVnE6XQbWibX
yKOAJcGIJFJglzVSlF4JBzZA9kMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTOAsOe
tOEIO28VV4FLDsGcfkVuPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWNkYWQxY2MtNjQxYS00MTg3LTliNzktZmM2OTZjYjUzNWY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8I
MA0GCSqGSIb3DQEBCwUAA4IBAQB54ZN2/h52NJHB4hXbmE8LXuXI/2apWrZaLw4K
HpTMvarJyZFzbRj0knO9WY8eHaEXNT/CRxuCxAY9XHg0Jh3vusfIdSTLN2D7N7V9
QqUl4LCObGaFi8OtSKCJcG8kBL9Lqkylar9LpnR1eJfba826/AJY0QaFPRWPCPWq
cHUH+jfY/aOi2ZJk7Fj3rRIBm0bKCX2DHzRKUus7QUEobLfrQdZ8LP8jBOL3ClfA
KBg8QCRDzh0Kwz+ttXNCH8aGVrNrUp4Ew2YPV5+URvGk6CzL8HbxO3jICoCETpM7
asIh+oTo+K4eexG76EI7VVPU7xvCfEBeHre2v5+uUpdxkLO6
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:17 2025 by rpki-client