Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
File: 9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa (raw, json)
Hash identifier: ZQn2ixGgGwdsAVTvR/TwL0URSG4mm9+bwFcq/Ysv5GU=
Subject key identifier: 5F:8F:4D:8F:6A:51:50:25:F8:71:57:A2:AE:E0:32:18:4C:6A:A4:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72BEB525ACC1C0984D6286F790B62C8D8EF43FE3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
Signing time: Fri 25 Apr 2025 19:01:34 +0000
ROA not before: Fri 25 Apr 2025 19:01:34 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:be:b5:25:ac:c1:c0:98:4d:62:86:f7:90:b6:2c:8d:8e:f4:3f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:01:34 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b2e8bf053669a21fb6121289c801857cf11180501fa0fc9c02a5bdf8ae0a1a98, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:57:e9:90:43:fa:8c:de:37:d1:3a:0c:1c:6e:
43:34:df:95:de:22:72:c6:44:13:c6:4e:da:48:30:
27:cd:2b:ce:7c:3f:f4:90:58:ec:6c:33:a0:1f:e7:
67:97:07:f1:fa:44:7d:8e:9a:68:47:8b:33:92:c1:
e7:97:e0:83:a4:a7:c5:8e:f9:39:c8:d1:db:85:1e:
23:9b:28:ac:aa:e9:6a:66:7e:cc:40:e6:43:65:0f:
b5:a6:dc:27:10:a0:41:3a:8c:f1:bd:c4:28:8e:15:
78:5a:39:79:3d:9a:30:65:fe:84:b5:4e:d0:f2:ce:
83:76:bb:8e:1d:90:cb:34:3b:7a:ce:f0:80:da:d2:
60:b1:cf:74:7a:d4:14:ee:79:b6:b3:06:d7:0d:a1:
b2:3e:fa:a1:f3:d4:da:5c:90:38:f4:95:d5:98:6c:
8f:ad:28:8a:4b:98:30:8c:07:e7:c3:01:ed:cd:e9:
17:9e:eb:e0:d4:18:85:b3:9e:2b:d2:32:1e:ed:2e:
10:7c:f2:ba:a7:54:de:42:68:03:36:aa:85:91:17:
79:62:3e:bb:47:9d:41:42:d7:73:4e:ec:bc:09:66:
fb:0c:83:bd:d2:41:4f:a1:55:1a:bd:40:20:46:9a:
8f:ef:22:a0:98:e0:a3:05:35:5e:b2:84:f3:6c:c2:
e8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8F:4D:8F:6A:51:50:25:F8:71:57:A2:AE:E0:32:18:4C:6A:A4:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:30:01:df:17:da:09:72:34:00:d6:21:a4:ac:63:ec:dd:11:
4f:8a:62:2c:90:49:b7:98:1d:52:d2:4c:61:d8:97:c0:27:72:
32:f2:9c:a1:20:a4:0a:73:6f:c7:53:6d:65:3a:f3:cd:c8:e1:
b6:57:2d:2b:b7:52:9b:b3:8b:9a:fc:76:79:ae:06:10:14:63:
45:3d:49:59:44:06:4c:69:ae:e5:23:18:19:89:b4:6f:cc:2e:
01:84:7d:5c:eb:8d:2b:9d:f9:6c:d9:87:d3:5c:d8:d6:83:d9:
be:0a:73:5b:13:5a:32:a8:13:18:f1:8f:56:2e:cc:25:2c:f8:
8b:39:aa:bf:9d:bf:c3:f2:52:c0:da:4a:25:e6:c8:eb:a0:73:
56:d6:23:99:8a:da:ac:61:32:f7:af:43:c4:13:62:fb:cf:99:
44:1f:c5:c0:9d:4d:65:dc:d8:0e:71:ee:8f:62:5a:dd:25:c8:
ae:b4:54:4b:70:dd:4a:6c:9a:5e:6d:72:bb:90:4e:71:d6:62:
57:fe:0f:cb:96:28:48:3d:5c:6e:2c:85:03:da:bb:f2:44:6c:
ba:c7:c3:b7:19:fd:9c:6b:68:2e:f5:b9:54:13:69:d4:1a:79:
78:8a:a2:0d:2c:ad:5e:b4:7a:95:ab:f4:77:82:40:27:a9:62:
e3:99:d0:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcr61JazBwJhNYob3kLYsjY70P+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAxMzRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyZThiZjA1MzY2OWEyMWZiNjEyMTI4OWM4MDE4NTdjZjExMTgwNTAxZmEw
ZmM5YzAyYTViZGY4YWUwYTFhOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpX6ZBD+ozeN9E6DBxuQzTfld4icsZEE8ZO2kgwJ80rznw/9JBY7GwzoB/n
Z5cH8fpEfY6aaEeLM5LB55fgg6SnxY75OcjR24UeI5sorKrpamZ+zEDmQ2UPtabc
JxCgQTqM8b3EKI4VeFo5eT2aMGX+hLVO0PLOg3a7jh2QyzQ7es7wgNrSYLHPdHrU
FO55trMG1w2hsj76ofPU2lyQOPSV1Zhsj60oikuYMIwH58MB7c3pF57r4NQYhbOe
K9IyHu0uEHzyuqdU3kJoAzaqhZEXeWI+u0edQULXc07svAlm+wyDvdJBT6FVGr1A
IEaaj+8ioJjgowU1XrKE82zC6B8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfj02P
alFQJfhxV6Ku4DIYTGqkEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZkOTg3ZmEtMzBlOC00MGJjLTg5YzItZDg5NzA1ZDVmYjgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACg
MA0GCSqGSIb3DQEBCwUAA4IBAQC6MAHfF9oJcjQA1iGkrGPs3RFPimIskEm3mB1S
0kxh2JfAJ3Iy8pyhIKQKc2/HU21lOvPNyOG2Vy0rt1Kbs4ua/HZ5rgYQFGNFPUlZ
RAZMaa7lIxgZibRvzC4BhH1c640rnfls2YfTXNjWg9m+CnNbE1oyqBMY8Y9WLswl
LPiLOaq/nb/D8lLA2kol5sjroHNW1iOZitqsYTL3r0PEE2L7z5lEH8XAnU1l3NgO
ce6PYlrdJciutFRLcN1KbJpebXK7kE5x1mJX/g/LlihIPVxuLIUD2rvyRGy6x8O3
Gf2ca2gu9blUE2nUGnl4iqINLK1etHqVq/R3gkAnqWLjmdAQ
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:04 2025 by rpki-client