Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa
File: a6c61029-f559-411c-89fd-a1970cac6bc1.roa (raw, json)
Hash identifier: HI75B5kiBcyqNILML0XOrQEbyKUZtJbb+AkbjEuZGFI=
Subject key identifier: 51:83:3E:19:BA:BD:EB:23:43:D1:06:81:72:8E:8B:30:5C:82:C5:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C9C61D97BC40091301E2E9846B1C1D737ECA899
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa
Signing time: Fri 25 Apr 2025 20:01:36 +0000
ROA not before: Fri 25 Apr 2025 20:01:36 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:9c:61:d9:7b:c4:00:91:30:1e:2e:98:46:b1:c1:d7:37:ec:a8:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:36 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f0c7dfd9ede5c8da941950c72355bee4d6bb8dddd08368100621c4ac31eaed63, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8b:f9:c8:bf:8d:04:0d:6f:dc:c8:ca:ce:a9:
4e:46:d2:b9:3e:80:dd:90:3f:de:e0:e1:db:3c:9b:
87:a6:c8:52:e4:bf:67:07:54:57:ca:27:18:eb:85:
26:67:dc:65:d5:37:70:83:c9:98:9b:81:7b:47:5c:
10:74:22:8d:34:89:76:f2:7b:c8:61:a5:e2:45:8a:
d2:f4:10:ab:70:43:8a:3e:51:75:67:91:e9:c2:27:
6e:99:62:73:0e:5e:e4:04:8c:bd:8c:1f:16:b0:8a:
ef:dd:4b:aa:e8:29:a8:ed:76:9c:21:22:9a:2e:a1:
5d:8e:af:e8:f8:e7:a2:04:ae:c4:73:26:c5:ba:cd:
b4:70:6b:dd:91:ef:fb:1b:48:83:d3:1b:27:b8:b2:
8d:c4:5e:07:f7:97:73:83:79:95:54:09:b8:be:6f:
3f:e6:5f:9a:43:05:55:1e:b1:c7:69:4a:2f:66:23:
7e:83:e8:4e:db:7c:2f:f5:ff:68:e2:be:ab:9a:96:
85:83:77:45:17:91:1f:d2:1b:e7:7b:6f:78:53:6a:
9b:b9:45:0b:c8:5c:0d:ee:69:54:c1:4e:7d:e9:d6:
89:f1:56:a7:97:f1:46:d1:15:54:c0:30:49:f9:b5:
65:d2:ac:91:8f:80:d3:47:57:9b:8d:79:9d:fe:09:
92:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:83:3E:19:BA:BD:EB:23:43:D1:06:81:72:8E:8B:30:5C:82:C5:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:9000::/40
Signature Algorithm: sha256WithRSAEncryption
72:09:0e:96:7b:fd:8e:02:74:29:51:d5:3a:16:b7:50:4b:dd:
ec:a0:ba:9a:8e:e6:54:fa:64:ba:18:e7:bc:11:6c:1f:e0:ca:
ab:66:08:fe:ba:64:1c:47:e3:17:40:b2:31:5c:23:fd:5d:86:
3a:11:33:86:d9:c7:0f:d3:94:c1:bf:1f:47:c3:3c:ae:d8:b4:
d7:a1:e3:11:2c:4b:a1:fa:36:ca:51:3a:da:6b:50:b9:1a:b5:
ae:dd:65:eb:da:36:f1:4d:e4:9f:8a:69:05:3a:63:35:62:d1:
5d:7a:84:99:b6:56:50:3d:e9:f2:3b:31:e5:6f:77:28:98:3d:
42:2e:b7:cd:31:a0:80:c4:d9:c1:9a:60:44:ba:8d:3c:db:b5:
37:d8:6f:e3:0d:e2:77:ac:f3:35:c5:6b:a2:d9:fa:bb:d8:38:
96:e8:f2:4c:f0:35:79:68:95:a6:be:b2:7a:5d:3b:4a:6d:76:
5f:0f:bb:39:d2:64:d1:1a:09:be:73:a5:bf:51:c4:87:81:46:
ee:35:f0:3d:38:dc:a8:37:38:db:00:9b:bf:e7:06:de:59:b6:
dc:c1:58:0f:fe:99:04:6b:a6:6a:03:a1:2a:48:7e:b6:c5:14:
3f:58:9d:42:57:46:1c:fc:2c:0d:5e:ed:6e:ad:cc:02:ba:03:
3e:e6:45:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfJxh2XvEAJEwHi6YRrHB1zfsqJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMzZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwYzdkZmQ5ZWRlNWM4ZGE5NDE5NTBjNzIzNTViZWU0ZDZiYjhkZGRkMDgz
NjgxMDA2MjFjNGFjMzFlYWVkNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaL+ci/jQQNb9zIys6pTkbSuT6A3ZA/3uDh2zybh6bIUuS/ZwdUV8onGOuF
JmfcZdU3cIPJmJuBe0dcEHQijTSJdvJ7yGGl4kWK0vQQq3BDij5RdWeR6cInbpli
cw5e5ASMvYwfFrCK791LqugpqO12nCEimi6hXY6v6PjnogSuxHMmxbrNtHBr3ZHv
+xtIg9MbJ7iyjcReB/eXc4N5lVQJuL5vP+ZfmkMFVR6xx2lKL2YjfoPoTtt8L/X/
aOK+q5qWhYN3RReRH9Ib53tveFNqm7lFC8hcDe5pVMFOfenWifFWp5fxRtEVVMAw
Sfm1ZdKskY+A00dXm415nf4JklMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRgz4Z
ur3rI0PRBoFyjoswXILFcjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZjNjEwMjktZjU1OS00MTFjLTg5ZmQtYTE5NzBjYWM2YmMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQByCQ6We/2OAnQpUdU6FrdQS93soLqajuZU+mS6
GOe8EWwf4MqrZgj+umQcR+MXQLIxXCP9XYY6ETOG2ccP05TBvx9Hwzyu2LTXoeMR
LEuh+jbKUTraa1C5GrWu3WXr2jbxTeSfimkFOmM1YtFdeoSZtlZQPenyOzHlb3co
mD1CLrfNMaCAxNnBmmBEuo0827U32G/jDeJ3rPM1xWui2fq72DiW6PJM8DV5aJWm
vrJ6XTtKbXZfD7s50mTRGgm+c6W/UcSHgUbuNfA9ONyoNzjbAJu/5wbeWbbcwVgP
/pkEa6ZqA6EqSH62xRQ/WJ1CV0Yc/CwNXu1urcwCugM+5kXd
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:19 2025 by rpki-client