Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a25c5c84-0f08-47bb-96ab-7ab46c85a8e8.roa
File: a25c5c84-0f08-47bb-96ab-7ab46c85a8e8.roa (raw, json)
Hash identifier: wwE9U03vIO7MEJwqP3nvd7geg+HMEzaUDBKcqCyYXYs=
Subject key identifier: 71:0F:63:E4:26:29:2C:95:D9:7D:D9:3D:AF:B4:FD:D0:EB:5B:DE:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16441DE6C88F02EF6489817534CC9B05C7CCC0C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a25c5c84-0f08-47bb-96ab-7ab46c85a8e8.roa
Signing time: Fri 25 Apr 2025 19:41:18 +0000
ROA not before: Fri 25 Apr 2025 19:41:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:44:1d:e6:c8:8f:02:ef:64:89:81:75:34:cc:9b:05:c7:cc:c0:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e235ef76d2b69908f2c31002021c05f007e5071f024584fa71efc00add0e018a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:cc:a3:f3:96:ea:b8:88:dd:3f:33:53:0c:38:
48:4b:35:62:7d:14:83:33:fe:b8:80:d9:43:09:d0:
15:89:2f:5d:d3:63:41:6a:c7:aa:8b:5d:55:a2:ce:
34:cb:b9:b8:9e:cb:98:35:75:9d:e5:a3:3a:71:87:
53:16:01:a5:de:5a:a5:89:46:9e:81:69:9b:a8:fe:
68:62:e5:98:91:37:dc:5f:08:3b:77:ee:e5:db:6e:
9b:56:ed:f5:26:69:61:34:ca:61:1a:ad:09:b3:a6:
57:b4:33:c9:c8:d2:fe:3c:78:6c:06:ad:85:9a:3b:
9f:22:26:eb:ac:8a:3a:4c:16:2a:3f:ee:3d:4f:3b:
7e:e7:12:1c:b7:e3:6d:b5:d4:2c:21:f5:3e:1e:ba:
ff:7b:5b:e7:58:8c:fd:63:aa:a1:f0:26:40:04:07:
52:c9:5e:ad:65:fa:1f:2a:dd:69:50:e2:4d:d7:df:
c5:5f:09:77:a8:aa:ce:fa:c3:0e:fb:d4:df:6e:76:
65:48:70:28:6f:34:31:7d:b9:8c:c6:60:cd:11:2f:
fd:fd:e4:e3:5f:d3:7b:18:be:1b:85:e4:e5:7c:84:
1a:52:68:ca:f3:35:75:d3:c2:6e:10:a9:e4:6a:6e:
9b:07:26:d3:88:ae:35:0b:26:23:f9:28:84:af:a5:
1e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0F:63:E4:26:29:2C:95:D9:7D:D9:3D:AF:B4:FD:D0:EB:5B:DE:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a25c5c84-0f08-47bb-96ab-7ab46c85a8e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
21:fa:b1:5a:01:2b:ca:c4:bf:26:55:b8:1d:96:46:8e:e6:da:
0c:b7:cd:e9:57:ed:81:98:3f:a8:bf:cb:9a:19:a8:13:ae:51:
3c:42:48:73:a5:71:95:f4:eb:e6:df:be:ff:54:1c:86:74:28:
f0:40:ac:c0:51:db:d5:aa:ba:05:81:ef:1d:24:57:03:53:b2:
66:dc:71:bd:bd:7d:2d:ce:fb:ba:d1:1b:25:ae:5f:56:b4:23:
ac:cb:bb:56:c0:72:a7:1d:e6:bc:e7:96:94:ea:71:bb:e8:02:
2b:07:d6:50:fd:ed:48:03:00:a4:bc:72:fe:d5:67:e3:7a:e6:
21:e8:eb:7d:a4:00:c4:6b:2d:1b:eb:75:b2:9a:06:a9:50:e2:
ff:da:58:58:cb:3a:cb:80:9b:d5:e5:7c:c2:22:d6:35:69:5f:
77:1a:5f:48:dc:b5:4f:3e:23:02:6e:dc:19:8f:6d:88:b6:26:
b4:8a:0e:ca:cf:0e:09:dc:c1:34:f6:01:c9:e6:d8:9b:64:6d:
cc:72:35:4b:08:cf:8f:b8:1b:57:70:e7:66:8d:d7:96:60:ae:
02:da:43:b9:73:9c:5b:ff:77:82:ff:98:1a:4c:df:71:7d:b9:
37:d7:e0:ae:d5:e5:7e:e2:16:0d:0c:06:d7:53:a6:b3:97:a5:
53:8c:0f:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFkQd5siPAu9kiYF1NMybBcfMwMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyMzVlZjc2ZDJiNjk5MDhmMmMzMTAwMjAyMWMwNWYwMDdlNTA3MWYwMjQ1
ODRmYTcxZWZjMDBhZGQwZTAxOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAObMo/OW6riI3T8zUww4SEs1Yn0UgzP+uIDZQwnQFYkvXdNjQWrHqotdVaLO
NMu5uJ7LmDV1neWjOnGHUxYBpd5apYlGnoFpm6j+aGLlmJE33F8IO3fu5dtum1bt
9SZpYTTKYRqtCbOmV7QzycjS/jx4bAathZo7nyIm66yKOkwWKj/uPU87fucSHLfj
bbXULCH1Ph66/3tb51iM/WOqofAmQAQHUslerWX6HyrdaVDiTdffxV8Jd6iqzvrD
DvvU3252ZUhwKG80MX25jMZgzREv/f3k41/Texi+G4Xk5XyEGlJoyvM1ddPCbhCp
5Gpumwcm04iuNQsmI/kohK+lHrUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxD2Pk
Jiksldl92T2vtP3Q61veFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI1YzVjODQtMGYwOC00N2JiLTk2YWItN2FiNDZjODVhOGU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hug
MA0GCSqGSIb3DQEBCwUAA4IBAQAh+rFaASvKxL8mVbgdlkaO5toMt83pV+2BmD+o
v8uaGagTrlE8QkhzpXGV9Ovm377/VByGdCjwQKzAUdvVqroFge8dJFcDU7Jm3HG9
vX0tzvu60Rslrl9WtCOsy7tWwHKnHea855aU6nG76AIrB9ZQ/e1IAwCkvHL+1Wfj
euYh6Ot9pADEay0b63WymgapUOL/2lhYyzrLgJvV5XzCItY1aV93Gl9I3LVPPiMC
btwZj22Itia0ig7Kzw4J3ME09gHJ5tibZG3McjVLCM+PuBtXcOdmjdeWYK4C2kO5
c5xb/3eC/5gaTN9xfbk31+Cu1eV+4hYNDAbXU6azl6VTjA+d
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:49 2025 by rpki-client