Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6ca14a4-0087-442a-b673-75cc23375cdf.roa
File: a6ca14a4-0087-442a-b673-75cc23375cdf.roa (raw, json)
Hash identifier: 02jSLGN2XSqlpke39kRMGz6diZBIJ/Cr26loSMHHvos=
Subject key identifier: FF:4F:99:14:9B:A9:7E:77:CF:49:05:6D:83:6A:17:40:31:A9:72:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A2A71B64EDEE366A04DB6718879944307632A0E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6ca14a4-0087-442a-b673-75cc23375cdf.roa
Signing time: Fri 25 Apr 2025 19:21:03 +0000
ROA not before: Fri 25 Apr 2025 19:21:03 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:2a:71:b6:4e:de:e3:66:a0:4d:b6:71:88:79:94:43:07:63:2a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:21:03 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=15b044465cf553b414fd7bea4737af0db4b8dd3417fbb533eed45fec34db790d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:51:0f:1e:81:cf:6c:95:9a:75:bf:59:41:1e:
56:79:9e:04:5e:a2:9d:76:46:d2:e2:20:ce:72:36:
a3:3d:28:fe:4b:9c:b5:63:1f:d5:f8:83:8e:e4:0e:
99:d0:3e:a0:15:f3:15:8e:5f:7b:5a:4e:de:d3:46:
c6:25:12:b6:b8:24:8b:b9:e7:d5:57:f1:12:09:bc:
0a:cc:cb:df:43:e9:bf:56:f8:cc:ea:70:f2:f2:2f:
fb:51:32:58:be:b6:1e:93:c3:a5:a1:84:ee:6f:c8:
ec:19:f9:8e:48:b2:f9:3f:72:b5:9b:3c:2b:1c:5f:
be:a1:17:18:5b:8f:ac:0c:75:e7:f8:ae:ab:9c:a5:
98:ca:93:6e:ab:ae:bf:81:6a:18:e2:63:fa:3a:72:
6b:4b:a4:92:c6:28:ab:54:33:b7:fc:cd:59:44:c3:
42:fb:fc:7a:fe:db:d4:f6:aa:1b:08:2c:8a:11:2f:
de:32:2a:9f:9c:d3:a1:5e:7c:0e:9f:e3:09:8e:03:
e6:2e:1a:c8:21:31:de:43:5d:67:6f:c3:94:7c:ff:
d3:e0:a8:8c:bb:41:03:f8:13:40:8b:8b:97:c8:22:
2e:6f:32:9e:b9:95:11:9e:cc:5b:47:6f:5e:de:56:
8a:56:6d:1b:00:cf:81:0e:f1:67:cf:99:8e:b6:5c:
cd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4F:99:14:9B:A9:7E:77:CF:49:05:6D:83:6A:17:40:31:A9:72:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6ca14a4-0087-442a-b673-75cc23375cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9080::/46
Signature Algorithm: sha256WithRSAEncryption
28:7c:44:99:99:9a:e5:b0:38:d6:a3:7f:2d:59:88:4c:fa:1c:
de:27:df:aa:45:85:eb:8c:b4:44:e6:19:f1:d2:94:b9:4a:e9:
b0:f2:fc:77:5e:e6:34:b8:ca:05:cd:04:ba:31:37:1d:eb:4c:
f5:65:d9:c4:00:3a:d9:59:ce:72:e0:d0:83:42:fd:48:b5:68:
5d:b6:de:f4:a9:a5:64:ea:cb:0e:70:67:42:5c:a6:61:1c:2e:
a6:a9:39:1a:d7:bf:7f:8b:37:7d:ce:a4:aa:c5:d6:f5:eb:f7:
9a:0d:b2:2f:ee:f1:f0:da:25:c6:7c:1a:dc:e9:02:f9:14:4a:
44:80:7e:4c:45:61:92:11:4b:5e:37:a0:62:c8:a0:e9:9f:43:
15:4b:46:48:43:ae:44:06:f1:e7:39:96:f7:21:4d:a8:b7:c2:
d2:17:b0:55:6b:a4:b4:e3:ad:48:1b:08:c1:50:b7:3a:bb:aa:
a8:5d:87:10:a3:24:5a:fa:7a:c6:ca:ad:06:4d:07:49:f8:25:
9e:bf:85:d6:cc:dc:9c:7b:72:a7:98:c0:16:7b:97:25:01:18:
e9:d8:df:56:86:6a:c7:8f:51:9c:4b:03:9f:64:b5:f3:3e:3c:
15:a9:a8:08:4a:47:64:ea:04:3d:7e:6e:e0:b4:fa:fe:f5:9b:
3e:dd:2a:7c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeipxtk7e42agTbZxiHmUQwdjKg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIxMDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1YjA0NDQ2NWNmNTUzYjQxNGZkN2JlYTQ3MzdhZjBkYjRiOGRkMzQxN2Zi
YjUzM2VlZDQ1ZmVjMzRkYjc5MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRRDx6Bz2yVmnW/WUEeVnmeBF6inXZG0uIgznI2oz0o/kuctWMf1fiDjuQO
mdA+oBXzFY5fe1pO3tNGxiUStrgki7nn1VfxEgm8CszL30Ppv1b4zOpw8vIv+1Ey
WL62HpPDpaGE7m/I7Bn5jkiy+T9ytZs8KxxfvqEXGFuPrAx15/iuq5ylmMqTbquu
v4FqGOJj+jpya0ukksYoq1Qzt/zNWUTDQvv8ev7b1PaqGwgsihEv3jIqn5zToV58
Dp/jCY4D5i4ayCEx3kNdZ2/DlHz/0+CojLtBA/gTQIuLl8giLm8ynrmVEZ7MW0dv
Xt5WilZtGwDPgQ7xZ8+ZjrZczWECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT/T5kU
m6l+d89JBW2DahdAMalyFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZjYTE0YTQtMDA4Ny00NDJhLWI2NzMtNzVjYzIzMzc1Y2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAKHxEmZma5bA41qN/LVmITPoc3iffqkWF64y0
ROYZ8dKUuUrpsPL8d17mNLjKBc0EujE3HetM9WXZxAA62VnOcuDQg0L9SLVoXbbe
9KmlZOrLDnBnQlymYRwupqk5Gte/f4s3fc6kqsXW9ev3mg2yL+7x8Nolxnwa3OkC
+RRKRIB+TEVhkhFLXjegYsig6Z9DFUtGSEOuRAbx5zmW9yFNqLfC0hewVWuktOOt
SBsIwVC3OruqqF2HEKMkWvp6xsqtBk0HSfglnr+F1szcnHtyp5jAFnuXJQEY6djf
VoZqx49RnEsDn2S18z48FamoCEpHZOoEPX5u4LT6/vWbPt0qfA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:26 2025 by rpki-client