Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
File: a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa (raw, json)
Hash identifier: FPsu/pxXRdsSB083rB701NN5PNXC335bg1KcaBrYBpU=
Subject key identifier: 55:75:13:21:E3:D0:6E:9C:54:1A:B1:5B:AE:E1:2D:C9:72:66:BA:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CF5B69EFC8D4B0A29EB12C55B74A27D2B58340A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
Signing time: Tue 15 Apr 2025 15:00:02 +0000
ROA not before: Tue 15 Apr 2025 15:00:02 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:f5:b6:9e:fc:8d:4b:0a:29:eb:12:c5:5b:74:a2:7d:2b:58:34:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:02 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=76ac6aac0b4e68fa157bf1fc26c1dfa7ca319e3d8981bf755baa3e46c2bff2b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e9:32:2a:9c:f7:71:0c:57:27:a6:6b:8a:5e:
1c:65:55:86:03:53:0d:71:88:cc:04:09:90:5c:68:
c9:26:03:23:42:94:97:b0:10:ac:dc:bf:60:27:8a:
06:b4:a4:e4:27:97:b2:f6:7a:3d:48:c7:42:72:18:
bd:14:66:c1:ac:28:45:08:e1:e9:a5:3c:3a:4a:ac:
42:cc:6e:46:1c:cb:17:e3:5e:8e:21:a3:64:b9:92:
3f:2f:8f:c8:61:8d:2e:7a:20:27:2d:fa:98:37:91:
43:e0:ea:1f:c2:95:f5:e5:19:0d:72:0d:63:ac:d8:
a3:cf:f7:ee:97:07:2d:10:a9:04:3b:06:4a:42:77:
16:49:06:58:e4:6c:ff:3f:10:dd:58:05:83:8c:8f:
30:64:a7:83:8f:4b:25:67:95:84:a0:c4:28:39:4b:
ac:1c:de:5c:fc:28:a6:a8:8d:e4:4e:7d:cb:71:f9:
5b:86:0d:10:b4:1a:a2:12:57:d8:01:a5:67:57:7c:
33:93:b4:83:29:5f:f8:e6:31:1c:c0:51:7a:9a:82:
46:12:c5:e8:b2:4c:91:e8:f9:dd:77:6e:6c:6c:80:
0d:39:14:c1:77:3e:17:b4:d8:30:2a:52:b6:9d:b1:
50:c9:95:4d:df:b3:44:f2:e1:44:db:cb:6b:0c:fb:
42:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:75:13:21:E3:D0:6E:9C:54:1A:B1:5B:AE:E1:2D:C9:72:66:BA:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/48
Signature Algorithm: sha256WithRSAEncryption
42:6a:3c:27:b0:37:be:a8:43:99:29:f4:90:41:0d:01:6a:b0:
66:85:54:b4:2f:f9:9c:14:7b:b7:65:e8:b7:53:38:a3:db:c1:
14:11:02:c6:30:ba:a2:71:9d:3d:dc:2f:6a:33:03:40:45:48:
45:93:3e:f2:bb:29:64:6f:9f:28:b0:5f:1e:35:4f:f5:6a:50:
23:0a:65:9e:44:04:a7:18:22:e6:0a:24:4c:27:a4:27:20:dd:
30:56:b8:21:19:ae:5f:9e:39:42:7c:4e:2b:63:fa:16:57:15:
3b:71:7e:65:db:2f:df:46:e9:4e:3a:02:c0:cf:7d:4c:23:37:
23:4f:7b:89:f0:de:d2:1e:fe:50:82:34:cc:5b:bc:f5:cc:34:
92:a3:9e:bf:88:a3:8d:89:65:1f:ac:3e:d3:3b:ec:bd:fd:43:
fc:d9:c2:99:ce:d2:fa:dc:cb:ea:92:63:df:45:b5:89:7e:37:
49:11:6b:d4:b4:4c:1b:59:0b:5f:8e:eb:6e:1d:ef:02:7c:7c:
dd:59:13:77:fd:53:52:ce:01:04:f5:ed:01:0f:a3:e9:53:ad:
b7:b0:df:4e:a8:36:e4:96:d9:09:34:73:54:7f:ca:dd:e2:7e:
a9:03:0a:dc:f2:b9:cc:be:28:ce:a5:8f:a4:fe:56:04:a1:a7:
cc:e5:cb:48
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDPW2nvyNSwop6xLFW3SifStYNAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwMDJaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2YWM2YWFjMGI0ZTY4ZmExNTdiZjFmYzI2YzFkZmE3Y2EzMTllM2Q4OTgx
YmY3NTViYWEzZTQ2YzJiZmYyYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3pMiqc93EMVyema4peHGVVhgNTDXGIzAQJkFxoySYDI0KUl7AQrNy/YCeK
BrSk5CeXsvZ6PUjHQnIYvRRmwawoRQjh6aU8OkqsQsxuRhzLF+NejiGjZLmSPy+P
yGGNLnogJy36mDeRQ+DqH8KV9eUZDXINY6zYo8/37pcHLRCpBDsGSkJ3FkkGWORs
/z8Q3VgFg4yPMGSng49LJWeVhKDEKDlLrBzeXPwopqiN5E59y3H5W4YNELQaohJX
2AGlZ1d8M5O0gylf+OYxHMBRepqCRhLF6LJMkej53XdubGyADTkUwXc+F7TYMCpS
tp2xUMmVTd+zRPLhRNvLawz7QvECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVdRMh
49BunFQasVuu4S3Jcma6rjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc5NzVhYmUtMGNkOC00NTkwLWI1OGItNzAzZmE1ZjRiZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYg
ADANBgkqhkiG9w0BAQsFAAOCAQEAQmo8J7A3vqhDmSn0kEENAWqwZoVUtC/5nBR7
t2Xot1M4o9vBFBECxjC6onGdPdwvajMDQEVIRZM+8rspZG+fKLBfHjVP9WpQIwpl
nkQEpxgi5gokTCekJyDdMFa4IRmuX545QnxOK2P6FlcVO3F+Zdsv30bpTjoCwM99
TCM3I097ifDe0h7+UII0zFu89cw0kqOev4ijjYllH6w+0zvsvf1D/NnCmc7S+tzL
6pJj30W1iX43SRFr1LRMG1kLX47rbh3vAnx83VkTd/1TUs4BBPXtAQ+j6VOtt7Df
Tqg25JbZCTRzVH/K3eJ+qQMK3PK5zL4ozqWPpP5WBKGnzOXLSA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:16 2025 by rpki-client