Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
File: ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa (raw, json)
Hash identifier: cIhI1cnbmvUwVJ7tB9GirW1uRXA5lbpG8YYSdGNEuHo=
Subject key identifier: DF:E2:16:49:D8:2D:D2:9C:B7:B5:D4:FE:89:40:7A:A3:B8:E8:6D:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C3064756B7B7DCD6F3A5CE0C02690D984438413
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
Signing time: Wed 16 Apr 2025 19:22:29 +0000
ROA not before: Wed 16 Apr 2025 19:22:29 +0000
ROA not after: Wed 21 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:30:64:75:6b:7b:7d:cd:6f:3a:5c:e0:c0:26:90:d9:84:43:84:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 16 19:22:29 2025 GMT
Not After : May 21 23:59:59 2025 GMT
Subject: serialNumber=ed2aec61460048e6d830617833095ac42971d17a8212926f7949e4365b785606, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:00:f4:9f:3c:68:fb:14:a9:65:1e:8b:f6:1b:
c5:ea:90:69:69:eb:69:18:3c:6e:29:83:b4:b2:c5:
17:64:69:70:08:65:1e:98:50:61:95:6e:82:63:06:
5e:bd:09:58:20:58:c2:71:a6:3c:7f:6f:b8:82:c4:
9c:37:f8:38:c6:56:57:63:10:14:48:cc:8d:32:ed:
c4:59:0d:62:01:63:76:c0:36:ea:9c:68:17:9b:01:
78:bb:b1:1e:7e:3a:29:24:ba:0e:df:c5:a4:a0:8c:
a8:3b:6c:af:d6:75:5e:8f:34:3a:60:79:a1:10:16:
07:27:dd:42:54:01:51:cb:bf:99:91:2b:08:6f:34:
aa:d1:4e:b5:26:cc:db:e5:7f:5b:bb:0b:1c:8b:1f:
8c:af:20:10:5b:a5:b2:b7:93:c2:9a:d8:da:76:6b:
48:8c:ff:3f:36:57:9b:be:71:4e:0a:e9:4d:58:29:
56:7b:73:8b:ac:bc:99:30:8a:40:ad:1f:1b:be:1f:
cb:20:26:60:37:27:b1:12:4f:d3:47:84:66:03:a8:
44:2b:d0:70:80:25:9c:fe:69:29:c7:ad:00:23:34:
27:45:f4:ea:3d:a7:e4:6c:c3:16:82:6b:f6:e8:b3:
6a:8c:41:7a:69:75:dc:f7:07:f7:03:95:ad:07:6a:
91:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E2:16:49:D8:2D:D2:9C:B7:B5:D4:FE:89:40:7A:A3:B8:E8:6D:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
25:4f:4b:7a:0c:2b:f7:10:a1:68:d2:4c:f8:d2:4b:00:7c:08:
4f:38:48:35:3e:e7:24:e3:18:2c:65:2d:b8:21:7b:13:c2:8d:
e6:b2:27:28:14:c0:a0:d4:7e:b8:f7:62:a1:79:81:c5:ea:99:
4d:42:6e:0f:fd:eb:27:d9:10:38:57:c5:55:f3:07:63:a6:fe:
28:71:7a:3f:ca:95:b2:25:df:c5:e4:02:34:e9:38:ac:00:80:
5d:bf:89:b1:09:6f:0e:bb:c5:54:cf:6b:76:da:ed:9d:79:10:
45:ee:44:03:73:b3:34:e0:1f:aa:47:36:bf:16:94:65:c5:f6:
0b:d2:df:31:48:e5:2a:11:cc:ec:ae:80:58:ee:27:5b:5b:f0:
71:67:6e:ad:53:eb:df:75:4a:51:31:89:7b:cd:b2:32:89:87:
d2:0d:6a:43:89:ca:7c:a9:42:c9:e5:1a:1f:81:a0:b9:da:95:
55:5a:93:15:58:58:61:67:c2:94:09:6c:38:7b:1b:d2:99:24:
2f:1b:ed:da:9a:fa:7f:9d:eb:7a:8c:41:20:fc:cb:7f:6e:23:
95:41:88:47:9c:f0:94:c0:f8:2c:12:96:83:9c:e0:92:f7:f1:
86:9f:61:52:b0:7e:6a:11:38:5e:04:46:87:5e:39:c4:8e:d4:
4e:33:25:0e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbDBkdWt7fc1vOlzgwCaQ2YRDhBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTYxOTIyMjlaFw0yNTA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMmFlYzYxNDYwMDQ4ZTZkODMwNjE3ODMzMDk1YWM0Mjk3MWQxN2E4MjEy
OTI2Zjc5NDllNDM2NWI3ODU2MDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsA9J88aPsUqWUei/YbxeqQaWnraRg8bimDtLLFF2RpcAhlHphQYZVugmMG
Xr0JWCBYwnGmPH9vuILEnDf4OMZWV2MQFEjMjTLtxFkNYgFjdsA26pxoF5sBeLux
Hn46KSS6Dt/FpKCMqDtsr9Z1Xo80OmB5oRAWByfdQlQBUcu/mZErCG80qtFOtSbM
2+V/W7sLHIsfjK8gEFulsreTwprY2nZrSIz/PzZXm75xTgrpTVgpVntzi6y8mTCK
QK0fG74fyyAmYDcnsRJP00eEZgOoRCvQcIAlnP5pKcetACM0J0X06j2n5GzDFoJr
9uizaoxBeml13PcH9wOVrQdqkbcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTf4hZJ
2C3SnLe11P6JQHqjuOhtgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWM3ZDE2NTMtMmZhMy00ODE3LThlMDAtODdlNmMzZjJhOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQAlT0t6DCv3EKFo0kz40ksAfAhPOEg1Puck4xgs
ZS24IXsTwo3msicoFMCg1H6492KheYHF6plNQm4P/esn2RA4V8VV8wdjpv4ocXo/
ypWyJd/F5AI06TisAIBdv4mxCW8Ou8VUz2t22u2deRBF7kQDc7M04B+qRza/FpRl
xfYL0t8xSOUqEczsroBY7idbW/BxZ26tU+vfdUpRMYl7zbIyiYfSDWpDicp8qULJ
5RofgaC52pVVWpMVWFhhZ8KUCWw4exvSmSQvG+3amvp/net6jEEg/Mt/biOVQYhH
nPCUwPgsEpaDnOCS9/GGn2FSsH5qETheBEaHXjnEjtROMyUO
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:22 2025 by rpki-client