Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
File: aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa (raw, json)
Hash identifier: wbAdhiFViYRhwIJw6q/piqm1Na33srANSm+iD/iuKZw=
Subject key identifier: 5A:1E:C1:4F:3B:8F:EE:5B:04:32:A2:92:07:1B:F5:8D:99:AA:E8:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7200E81C95198290D47894B2400E5E46E4A90D54
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
Signing time: Fri 25 Apr 2025 18:30:58 +0000
ROA not before: Fri 25 Apr 2025 18:30:58 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:00:e8:1c:95:19:82:90:d4:78:94:b2:40:0e:5e:46:e4:a9:0d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:58 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2585c0152979676ebd81611e3a6e852464f8c69052cf29a063d3b4910f76e0cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:99:34:d6:34:1a:0e:c6:5b:f9:54:cd:fa:82:
f0:04:e3:44:c6:c9:a0:51:43:01:33:86:de:24:85:
8c:15:b9:ce:9c:82:d8:c6:54:c2:27:29:32:ae:2d:
44:72:9a:e6:4c:32:62:3f:76:75:bc:3b:9f:34:b7:
5b:a6:4d:bb:b1:73:e4:83:c8:5e:96:ef:b8:eb:01:
97:2c:d5:76:a0:31:a6:b6:6a:37:04:e8:6d:ab:74:
d8:ea:60:ee:47:ba:24:14:69:43:94:78:23:be:e1:
ee:71:8f:c1:44:5a:4d:92:a7:41:94:1c:1e:74:c8:
b0:b3:64:b0:fa:66:ca:12:db:c1:ae:e6:4f:ba:5f:
48:1e:5f:52:f0:d1:8b:97:65:47:23:20:16:7c:f6:
39:cd:1f:16:a3:52:59:17:01:34:25:f2:fe:c9:3d:
ed:b9:df:c3:52:1b:63:67:7a:bc:f5:52:be:54:6c:
2f:27:5d:d6:b1:86:11:39:05:e0:93:60:f4:70:98:
05:e2:48:3b:3f:79:58:14:25:ca:2b:30:6c:e2:61:
8a:2e:c7:80:9f:04:fc:00:99:e6:e1:3f:01:01:95:
91:49:5b:73:42:02:87:83:eb:69:52:88:1f:2e:53:
3c:99:91:c6:95:3f:78:a0:83:3a:a8:40:5b:91:81:
90:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1E:C1:4F:3B:8F:EE:5B:04:32:A2:92:07:1B:F5:8D:99:AA:E8:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a080::/48
Signature Algorithm: sha256WithRSAEncryption
84:90:71:85:19:ca:87:ab:32:0d:26:23:4a:26:e3:20:01:50:
3f:e7:b8:48:f9:aa:53:80:08:81:a0:e7:48:76:1a:a5:89:b9:
c2:17:f0:d0:20:3c:b9:14:2f:70:2e:f6:d7:92:2d:13:03:ff:
e7:27:ea:e5:1a:a8:f7:78:0f:76:c8:b0:85:73:d2:0f:27:ab:
2e:51:cc:f5:85:2c:fb:59:2e:7b:30:f3:73:4c:07:98:87:4d:
a8:50:cf:37:2d:6d:bc:77:c4:c7:18:a9:8c:ee:71:d8:d1:dd:
8f:46:2e:78:66:a2:84:8a:21:db:a1:0b:29:8e:f6:d6:c1:65:
f5:0b:22:c9:09:04:ea:17:f0:5e:12:fd:bf:6d:80:c1:c9:60:
6d:70:e0:8e:6f:e0:eb:ba:93:59:0a:49:07:6b:b1:7a:fa:f6:
c4:91:df:1c:d9:37:f9:b9:77:a8:b1:60:0e:74:a2:97:60:d8:
3b:f4:cf:e8:c7:71:19:cc:83:7b:38:d1:84:42:c2:69:9a:df:
90:ba:87:53:df:63:a0:94:fe:8b:54:d4:e1:8f:e8:64:5f:b1:
bb:b0:a6:21:04:05:0f:e7:95:45:7b:fc:65:ae:4b:d9:22:17:
95:ab:ab:aa:f5:1d:25:b4:27:61:07:02:e3:d0:75:00:83:1b:
09:6c:f4:35
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcgDoHJUZgpDUeJSyQA5eRuSpDVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwNThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ODVjMDE1Mjk3OTY3NmViZDgxNjExZTNhNmU4NTI0NjRmOGM2OTA1MmNm
MjlhMDYzZDNiNDkxMGY3NmUwY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGZNNY0Gg7GW/lUzfqC8ATjRMbJoFFDATOG3iSFjBW5zpyC2MZUwicpMq4t
RHKa5kwyYj92dbw7nzS3W6ZNu7Fz5IPIXpbvuOsBlyzVdqAxprZqNwTobat02Opg
7ke6JBRpQ5R4I77h7nGPwURaTZKnQZQcHnTIsLNksPpmyhLbwa7mT7pfSB5fUvDR
i5dlRyMgFnz2Oc0fFqNSWRcBNCXy/sk97bnfw1IbY2d6vPVSvlRsLydd1rGGETkF
4JNg9HCYBeJIOz95WBQlyiswbOJhii7HgJ8E/ACZ5uE/AQGVkUlbc0ICh4PraVKI
Hy5TPJmRxpU/eKCDOqhAW5GBkBUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRaHsFP
O4/uWwQyopIHG/WNmaroIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWFkZGYyZGUtZmEwNS00YzVkLThiNzctNThhM2QzMTJlMmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
gDANBgkqhkiG9w0BAQsFAAOCAQEAhJBxhRnKh6syDSYjSibjIAFQP+e4SPmqU4AI
gaDnSHYapYm5whfw0CA8uRQvcC7215ItEwP/5yfq5Rqo93gPdsiwhXPSDyerLlHM
9YUs+1kuezDzc0wHmIdNqFDPNy1tvHfExxipjO5x2NHdj0YueGaihIoh26ELKY72
1sFl9QsiyQkE6hfwXhL9v22AwclgbXDgjm/g67qTWQpJB2uxevr2xJHfHNk3+bl3
qLFgDnSil2DYO/TP6MdxGcyDezjRhELCaZrfkLqHU99joJT+i1TU4Y/oZF+xu7Cm
IQQFD+eVRXv8Za5L2SIXlaurqvUdJbQnYQcC49B1AIMbCWz0NQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:22 2025 by rpki-client