Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
File: ab7811c0-f548-43b8-897d-fac68de3433a.roa (raw, json)
Hash identifier: spAPqxHeyn3FyXHOeFtTgQSeNesSlUhamcn5m3o84BA=
Subject key identifier: BA:CF:50:9B:0C:4E:9A:D9:1B:7A:4B:A8:89:C8:EA:C4:03:C1:72:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 738EF46CFD48E7164EB09518D3110CB458B56559
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
Signing time: Fri 25 Apr 2025 20:21:17 +0000
ROA not before: Fri 25 Apr 2025 20:21:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:8e:f4:6c:fd:48:e7:16:4e:b0:95:18:d3:11:0c:b4:58:b5:65:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=11410645de092765491cc0c0f1dac7b553a5188ef27af2cc545a02c41a2ee48f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8a:15:92:38:2b:97:4f:5f:aa:6e:bd:19:06:
8e:31:39:d7:f2:fa:6d:09:e7:80:fb:b3:fd:2f:4f:
80:0c:e3:cc:20:02:1d:06:21:81:c2:f4:b4:6a:7b:
dc:54:e5:d8:9a:35:99:13:09:02:1f:d0:73:b7:d9:
50:f3:a1:ce:a4:fe:2c:55:eb:f8:02:a0:c3:ee:42:
03:5b:c3:b0:db:22:f3:e9:77:16:ac:87:1b:9d:4a:
90:36:57:21:d3:81:59:14:32:b2:bd:53:ad:05:be:
99:68:59:86:8e:6f:5e:06:24:8b:63:e1:78:71:fa:
32:cd:03:cb:f6:87:03:42:ed:20:a5:6e:d7:38:cf:
d6:53:60:59:2e:35:7e:64:74:2e:19:6a:8d:be:46:
95:77:bc:c8:54:33:87:23:7e:6c:b9:dd:ec:aa:e6:
42:5b:24:4b:ea:1b:5c:a8:9a:8c:7c:07:8e:ea:ee:
f2:da:e3:06:84:5c:d4:34:3f:89:21:b1:50:2d:91:
43:ad:2e:7c:e1:ea:ac:87:7e:b5:71:66:af:23:c8:
65:79:68:3d:4b:a1:20:d1:de:f8:33:66:7c:c8:d3:
ca:92:13:b1:c7:fa:69:02:9c:6b:fd:c7:89:16:5a:
48:d0:5a:b8:01:d6:0a:00:4e:93:76:05:e1:10:87:
22:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CF:50:9B:0C:4E:9A:D9:1B:7A:4B:A8:89:C8:EA:C4:03:C1:72:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab7811c0-f548-43b8-897d-fac68de3433a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/36
Signature Algorithm: sha256WithRSAEncryption
43:53:9d:93:58:13:08:92:5b:e6:62:45:a1:d9:84:d2:53:9d:
85:cf:03:d7:62:8b:ce:1d:fc:6d:d0:3b:9a:9e:f1:9f:11:90:
7a:50:6c:85:96:bc:5a:d8:f6:bc:fb:64:95:61:69:64:73:27:
00:65:18:1d:4b:08:c1:b0:54:a5:03:1f:94:8d:af:3d:f6:23:
03:d3:6e:df:3d:65:b1:bd:1e:82:30:5c:c5:e3:36:fa:eb:2e:
d1:e2:84:72:9e:de:d9:6d:28:54:9e:82:ab:1d:c7:e9:28:13:
3b:fe:99:2a:d8:2a:b0:2e:3a:fd:98:db:04:e3:84:9e:f7:63:
6d:16:5c:1b:54:48:45:73:97:11:2d:cc:60:70:ad:85:5c:82:
c7:e7:e8:56:c2:90:9a:7c:a9:e6:ff:70:09:26:1f:98:7f:ea:
93:fe:ea:54:c5:ea:e9:56:aa:51:b4:1d:89:94:51:a2:83:ab:
95:2e:ca:52:82:76:a1:7f:d3:1d:65:77:3d:83:07:38:6d:08:
bf:c9:76:0f:24:bb:47:a8:b3:38:e9:1b:40:b3:b4:67:0f:80:
23:2c:53:00:a4:d8:51:73:9f:8c:f3:0a:e4:9c:10:3a:66:f8:
e8:41:a4:3a:ac:00:82:39:ef:cb:c9:a7:be:3e:f5:61:e4:44:
ef:10:81:55
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc470bP1I5xZOsJUY0xEMtFi1ZVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDExNDEwNjQ1ZGUwOTI3NjU0OTFjYzBjMGYxZGFjN2I1NTNhNTE4OGVmMjdh
ZjJjYzU0NWEwMmM0MWEyZWU0OGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSKFZI4K5dPX6puvRkGjjE51/L6bQnngPuz/S9PgAzjzCACHQYhgcL0tGp7
3FTl2Jo1mRMJAh/Qc7fZUPOhzqT+LFXr+AKgw+5CA1vDsNsi8+l3FqyHG51KkDZX
IdOBWRQysr1TrQW+mWhZho5vXgYki2PheHH6Ms0Dy/aHA0LtIKVu1zjP1lNgWS41
fmR0Lhlqjb5GlXe8yFQzhyN+bLnd7KrmQlskS+obXKiajHwHjuru8trjBoRc1DQ/
iSGxUC2RQ60ufOHqrId+tXFmryPIZXloPUuhINHe+DNmfMjTypITscf6aQKca/3H
iRZaSNBauAHWCgBOk3YF4RCHIikCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6z1Cb
DE6a2Rt6S6iJyOrEA8FyWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWI3ODExYzAtZjU0OC00M2I4LTg5N2QtZmFjNjhkZTM0MzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBDU52TWBMIklvmYkWh2YTSU52FzwPXYovOHfxt
0DuanvGfEZB6UGyFlrxa2Pa8+2SVYWlkcycAZRgdSwjBsFSlAx+Uja899iMD027f
PWWxvR6CMFzF4zb66y7R4oRynt7ZbShUnoKrHcfpKBM7/pkq2CqwLjr9mNsE44Se
92NtFlwbVEhFc5cRLcxgcK2FXILH5+hWwpCafKnm/3AJJh+Yf+qT/upUxerpVqpR
tB2JlFGig6uVLspSgnahf9MdZXc9gwc4bQi/yXYPJLtHqLM46RtAs7RnD4AjLFMA
pNhRc5+M8wrknBA6ZvjoQaQ6rACCOe/Lyae+PvVh5ETvEIFV
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:06 2025 by rpki-client