Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
File: a84526d7-5029-439b-9e16-14cd601eb5a1.roa (raw, json)
Hash identifier: +FbW0rT72H0ahVcwd59hXGAbA0SfyD0mvA3CX6B8qis=
Subject key identifier: 7E:22:88:E5:94:77:17:57:90:E9:BD:4A:E0:7F:1A:BC:6C:C8:4F:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1763146C7292C349E804C092482CDB8F7E32B12E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
Signing time: Fri 25 Apr 2025 19:10:49 +0000
ROA not before: Fri 25 Apr 2025 19:10:49 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:63:14:6c:72:92:c3:49:e8:04:c0:92:48:2c:db:8f:7e:32:b1:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:49 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e81569d820d1a4221bb65d30acdca306799ca372805c58faa0f5af524fc3b107, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3a:79:0f:9c:7f:76:b8:67:f2:55:50:a4:46:
a0:d7:6c:65:91:cf:7a:12:fc:c2:63:0b:90:07:59:
ad:ea:64:b1:63:dd:f5:45:32:93:69:29:96:72:95:
9d:1b:cc:fb:d7:30:49:2a:20:3d:80:29:2a:19:de:
81:d1:8b:18:8e:5f:18:7e:7a:78:2c:24:c9:3f:22:
8e:64:14:8c:0e:45:72:c4:48:ca:bf:f5:cf:24:5b:
b4:ed:a6:ee:cf:01:a1:e6:c5:f6:d8:59:fe:79:67:
33:96:45:dd:ce:a2:c7:67:25:1c:63:b2:f7:44:83:
04:7e:3b:c3:64:00:90:12:c2:c2:59:1c:1a:2d:72:
e0:00:f4:d8:eb:dd:bd:3c:8b:76:54:1b:5f:9e:1a:
6f:d1:ca:0e:1d:6b:0e:61:b7:42:13:49:4d:22:71:
6f:af:41:02:bb:d4:57:8d:3b:7b:09:cf:05:93:bb:
a1:6c:bf:6f:3b:a6:32:76:bb:8f:22:16:7d:ee:18:
05:55:12:07:e1:f2:78:6a:7f:87:69:69:d1:c2:14:
41:99:59:c3:47:9a:c5:ea:71:30:b1:9f:15:d7:97:
af:65:87:60:03:d6:f0:4a:f9:b8:2a:2e:6a:dc:04:
5f:62:f0:01:21:98:fb:74:c3:47:66:44:9d:47:9e:
8f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:22:88:E5:94:77:17:57:90:E9:BD:4A:E0:7F:1A:BC:6C:C8:4F:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6080::/48
Signature Algorithm: sha256WithRSAEncryption
3a:70:a9:47:83:48:67:e4:2b:41:6a:bf:13:99:5f:ab:0a:fd:
e4:93:2c:b8:36:f7:a2:95:61:d1:a0:b5:b6:c0:fd:4c:1c:ac:
f3:1d:6b:7b:ee:fe:e1:f5:85:8f:33:b5:62:8f:a0:1e:11:88:
cc:e7:11:69:b9:e9:f2:51:6f:e0:6b:9a:ba:66:c7:8a:5b:c7:
a1:93:6a:98:f2:f0:16:93:d6:0b:9a:60:a7:f7:1b:32:45:f4:
eb:38:e9:4d:43:d9:9a:e6:5a:56:a4:c6:58:9d:60:1b:1b:ac:
3d:f1:78:96:f6:19:3a:11:db:ba:de:f0:8d:ec:15:e5:c2:6c:
cc:aa:c2:9e:85:41:4f:73:85:4e:58:70:c6:f4:15:89:b9:f6:
29:54:92:40:83:fe:cb:50:ae:ad:f9:e6:56:1f:46:71:fe:dd:
cb:b6:8a:dc:40:e5:60:39:a6:6f:32:95:98:c8:40:8e:03:84:
c2:67:35:ed:ba:a1:a8:76:49:5c:13:85:6e:a3:e7:41:57:da:
e9:94:9e:69:c0:b1:23:cc:47:12:30:65:d3:e3:91:2e:45:c8:
83:7c:f4:1f:79:34:8c:ba:75:93:3e:35:14:20:e5:b3:6b:ed:
33:53:7b:a0:33:4d:0c:73:fd:15:1d:ea:f3:81:9b:e5:3c:0a:
26:c7:f6:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF2MUbHKSw0noBMCSSCzbj34ysS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwNDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4MTU2OWQ4MjBkMWE0MjIxYmI2NWQzMGFjZGNhMzA2Nzk5Y2EzNzI4MDVj
NThmYWEwZjVhZjUyNGZjM2IxMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ86eQ+cf3a4Z/JVUKRGoNdsZZHPehL8wmMLkAdZrepksWPd9UUyk2kplnKV
nRvM+9cwSSogPYApKhnegdGLGI5fGH56eCwkyT8ijmQUjA5FcsRIyr/1zyRbtO2m
7s8BoebF9thZ/nlnM5ZF3c6ix2clHGOy90SDBH47w2QAkBLCwlkcGi1y4AD02Ovd
vTyLdlQbX54ab9HKDh1rDmG3QhNJTSJxb69BArvUV407ewnPBZO7oWy/bzumMna7
jyIWfe4YBVUSB+HyeGp/h2lp0cIUQZlZw0eaxepxMLGfFdeXr2WHYAPW8Er5uCou
atwEX2LwASGY+3TDR2ZEnUeej4kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR+Iojl
lHcXV5DpvUrgfxq8bMhPCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTg0NTI2ZDctNTAyOS00MzliLTllMTYtMTRjZDYwMWViNWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
gDANBgkqhkiG9w0BAQsFAAOCAQEAOnCpR4NIZ+QrQWq/E5lfqwr95JMsuDb3opVh
0aC1tsD9TBys8x1re+7+4fWFjzO1Yo+gHhGIzOcRabnp8lFv4GuaumbHilvHoZNq
mPLwFpPWC5pgp/cbMkX06zjpTUPZmuZaVqTGWJ1gGxusPfF4lvYZOhHbut7wjewV
5cJszKrCnoVBT3OFTlhwxvQVibn2KVSSQIP+y1CurfnmVh9Gcf7dy7aK3EDlYDmm
bzKVmMhAjgOEwmc17bqhqHZJXBOFbqPnQVfa6ZSeacCxI8xHEjBl0+ORLkXIg3z0
H3k0jLp1kz41FCDls2vtM1N7oDNNDHP9FR3q84Gb5TwKJsf2+Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:17 2025 by rpki-client