Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
File: a96d9971-6d4e-47a3-9408-d633699b643b.roa (raw, json)
Hash identifier: eL0N5qLvZyBGuLixrc/d8nwdsPlRMUilvt8BlBQSJ78=
Subject key identifier: 09:E6:A2:F8:0D:92:6E:15:A1:7D:4E:FD:FB:C2:35:21:B4:A0:54:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 030A1537A01F2A2FFF43BAE8A80DEC45247E1C82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
Signing time: Fri 25 Apr 2025 19:40:17 +0000
ROA not before: Fri 25 Apr 2025 19:40:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:0a:15:37:a0:1f:2a:2f:ff:43:ba:e8:a8:0d:ec:45:24:7e:1c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f2b09df0d8b83a1ac284fb378afbcbe821705504ef9f00485415fe604669c73f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:34:f3:0c:f1:ee:38:ee:74:34:2b:2e:dd:8a:
e8:48:88:d0:31:d4:29:0c:70:07:d3:66:ac:58:e1:
a1:b2:e7:19:c9:9b:44:54:7b:d2:e2:95:58:c3:2f:
ee:24:c9:e3:ea:1e:2a:bc:7c:36:aa:0c:94:23:3f:
94:34:a1:95:f9:5a:36:84:d2:26:59:e8:ea:d2:33:
95:3c:00:68:d9:2a:1e:8a:a4:94:41:79:45:ca:42:
38:5d:67:90:d7:3d:2f:76:2d:99:a9:8a:5a:cd:77:
8b:78:fe:58:9b:89:64:4a:6e:95:b1:b9:0d:3b:0f:
58:26:4b:88:06:25:fc:96:e0:0b:1b:99:62:e8:d4:
b8:72:e3:8f:3f:08:36:6e:7e:dd:be:dc:4c:05:47:
0e:1f:27:b0:d9:f6:fd:11:cf:57:45:6e:26:1d:95:
17:a1:ea:57:e6:f2:b5:b3:a4:10:35:d0:06:c4:f4:
ca:55:14:b9:de:56:bb:77:a8:fc:b7:e1:46:c5:34:
63:09:f2:f3:23:8f:67:37:7f:d5:0b:c4:53:20:0c:
7d:89:39:4f:a1:97:7c:31:06:ac:25:0b:0e:79:b7:
4f:03:0c:9b:41:c0:c6:e1:a7:a0:df:82:d1:a9:e4:
58:c1:3c:81:30:25:bc:56:61:4d:7e:ac:96:db:d9:
52:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E6:A2:F8:0D:92:6E:15:A1:7D:4E:FD:FB:C2:35:21:B4:A0:54:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:2000::/40
Signature Algorithm: sha256WithRSAEncryption
6e:30:e7:ad:78:15:a2:d7:38:c9:ba:6c:49:8a:d4:82:94:68:
3d:b0:3d:34:44:81:54:a8:2d:1a:4e:dd:32:eb:a3:f3:04:8c:
58:3d:95:f4:9e:ce:ab:aa:56:70:15:e0:d3:be:cc:4e:e6:4a:
d5:ed:e2:f3:c6:ee:09:c8:44:64:b6:42:53:d9:ea:0f:ba:b7:
b5:e5:cf:e8:43:97:79:8d:a7:b9:8b:d3:5f:91:40:22:33:72:
ae:b7:30:76:a7:b9:0b:aa:e2:84:13:d6:d8:a3:50:48:42:af:
ef:34:01:67:d8:67:c6:b8:6c:63:10:b0:07:77:2c:ab:51:14:
4c:ff:f2:91:63:f0:30:2a:2d:80:0c:8b:ac:4a:99:cd:6a:0a:
37:d4:ef:49:bb:f2:e7:c4:1e:f1:9c:6c:11:5b:be:6c:66:72:
21:34:a6:09:25:97:b3:34:84:0e:db:58:fb:54:ef:a2:e4:96:
4d:f0:08:16:27:30:87:fb:94:35:7e:91:6e:e3:61:e7:5f:29:
cc:7a:73:a4:57:13:18:c0:fc:a4:36:5e:08:30:32:f4:23:8f:
a0:7d:3b:73:d9:27:89:bb:3e:17:9a:a8:2c:37:96:d2:7a:76:
60:74:0d:97:0f:33:fd:ea:a6:e8:5e:b5:29:1e:0b:71:8d:58:
34:de:6f:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAwoVN6AfKi//Q7roqA3sRSR+HIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyYjA5ZGYwZDhiODNhMWFjMjg0ZmIzNzhhZmJjYmU4MjE3MDU1MDRlZjlm
MDA0ODU0MTVmZTYwNDY2OWM3M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIk08wzx7jjudDQrLt2K6EiI0DHUKQxwB9NmrFjhobLnGcmbRFR70uKVWMMv
7iTJ4+oeKrx8NqoMlCM/lDShlflaNoTSJlno6tIzlTwAaNkqHoqklEF5RcpCOF1n
kNc9L3YtmamKWs13i3j+WJuJZEpulbG5DTsPWCZLiAYl/JbgCxuZYujUuHLjjz8I
Nm5+3b7cTAVHDh8nsNn2/RHPV0VuJh2VF6HqV+bytbOkEDXQBsT0ylUUud5Wu3eo
/LfhRsU0Ywny8yOPZzd/1QvEUyAMfYk5T6GXfDEGrCULDnm3TwMMm0HAxuGnoN+C
0ankWME8gTAlvFZhTX6sltvZUh0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJ5qL4
DZJuFaF9Tv37wjUhtKBUcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTk2ZDk5NzEtNmQ0ZS00N2EzLTk0MDgtZDYzMzY5OWI2NDNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4g
MA0GCSqGSIb3DQEBCwUAA4IBAQBuMOeteBWi1zjJumxJitSClGg9sD00RIFUqC0a
Tt0y66PzBIxYPZX0ns6rqlZwFeDTvsxO5krV7eLzxu4JyERktkJT2eoPure15c/o
Q5d5jae5i9NfkUAiM3KutzB2p7kLquKEE9bYo1BIQq/vNAFn2GfGuGxjELAHdyyr
URRM//KRY/AwKi2ADIusSpnNago31O9Ju/LnxB7xnGwRW75sZnIhNKYJJZezNIQO
21j7VO+i5JZN8AgWJzCH+5Q1fpFu42HnXynMenOkVxMYwPykNl4IMDL0I4+gfTtz
2SeJuz4XmqgsN5bSenZgdA2XDzP96qboXrUpHgtxjVg03m96
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:02 2025 by rpki-client