Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acd7954f-99ee-4af0-9763-11271381925f.roa
File: acd7954f-99ee-4af0-9763-11271381925f.roa (raw, json)
Hash identifier: Srd+oXvoZKm/2IzL+qdDXwF2Ije7gR9If6mZ/aXAbcw=
Subject key identifier: 6A:56:6A:88:D1:D8:A7:54:10:6A:79:53:1C:E2:08:72:F2:DE:2E:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6498ACF93D6F67FBEF09689CEAEEECAFA9A51EB1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acd7954f-99ee-4af0-9763-11271381925f.roa
Signing time: Fri 25 Apr 2025 19:10:05 +0000
ROA not before: Fri 25 Apr 2025 19:10:05 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:5080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:98:ac:f9:3d:6f:67:fb:ef:09:68:9c:ea:ee:ec:af:a9:a5:1e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:05 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d79241f71bf6ed071a58e3ed576e5fdebda2d5f149c6dc14d0a2f0f6296e99a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:41:de:d7:cd:0e:79:18:11:09:90:7c:f2:97:
f7:52:97:9a:f5:5c:27:99:cd:79:a5:82:b4:fa:2f:
4d:2b:8b:f4:7e:21:7c:d0:98:4c:b5:e4:24:c3:49:
63:ed:06:49:7a:2a:6b:53:17:3c:bb:49:5f:91:e0:
3c:f5:90:0f:f9:61:2c:51:f4:28:e0:21:fa:98:b3:
51:4d:03:c8:1b:bf:95:f7:0b:a6:48:37:aa:d5:f5:
05:f0:d7:27:c4:1f:62:4d:a7:8b:53:60:20:c1:14:
01:9f:2f:9c:93:36:dc:bf:e6:71:21:2d:a1:d5:a2:
df:4e:f3:6d:cd:08:4f:76:f6:c4:a8:f0:35:34:b5:
7c:b8:67:73:2e:de:f3:b4:68:c0:d9:b4:49:05:8b:
54:b8:15:e9:9c:73:5a:eb:21:5c:06:19:bb:3c:ba:
84:69:7d:b3:62:9d:18:92:3c:41:8d:00:f5:72:89:
57:67:6e:be:64:fc:f8:d0:ab:16:76:c1:72:e1:97:
18:67:fc:93:8c:53:1f:e3:f5:49:64:d9:98:f2:c7:
67:93:82:d4:a4:1c:15:8b:d7:4b:82:74:b9:15:19:
ac:0e:83:6a:ea:b2:c7:44:3a:2c:b2:1d:3a:22:4f:
76:5c:06:7f:18:5f:da:79:1e:ed:42:49:95:b2:d8:
98:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:56:6A:88:D1:D8:A7:54:10:6A:79:53:1C:E2:08:72:F2:DE:2E:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acd7954f-99ee-4af0-9763-11271381925f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:5080::/46
Signature Algorithm: sha256WithRSAEncryption
62:5f:5a:8e:a6:02:48:93:2d:7f:3e:7b:fc:38:21:78:39:ad:
fd:ba:9a:d6:2d:36:cb:36:1b:23:86:32:a9:78:fc:f0:d1:05:
e7:82:bc:86:b9:58:8d:a4:7f:8f:1b:7d:f1:15:23:a8:0d:02:
2f:b0:4f:87:a4:cb:36:30:fc:ae:9c:87:47:45:63:c8:c7:f9:
99:41:8e:f0:f5:95:9d:7f:b1:f8:70:63:4d:b1:2e:c0:ca:70:
5e:84:96:fa:fc:35:75:8b:87:be:ad:0b:71:2b:a5:5e:b6:67:
bf:62:a8:8e:2a:0b:ce:9d:0c:22:a3:60:5c:04:61:91:5c:2b:
77:9f:ea:50:3e:73:50:89:80:fc:53:7d:f1:ce:6f:e0:e8:e2:
d0:ec:42:86:7c:67:ee:36:3f:ab:96:e6:dc:cc:96:2b:4a:af:
9c:17:c9:e5:7f:54:b3:ff:d3:49:f8:7d:c2:45:9c:21:41:2a:
e6:57:14:03:e0:b1:58:14:73:dd:0f:1f:b1:d1:85:11:d2:35:
ea:0b:04:18:89:4e:aa:9d:88:ff:ed:44:5b:2a:ec:32:ae:c8:
43:c2:11:a9:74:d5:ca:45:f5:25:5c:1d:72:e6:cb:1b:20:d3:
2d:13:0c:12:34:08:38:1c:2b:1d:a4:ce:11:c7:6d:19:4a:a5:
08:fa:25:d2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZJis+T1vZ/vvCWic6u7sr6mlHrEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwMDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3OTI0MWY3MWJmNmVkMDcxYTU4ZTNlZDU3NmU1ZmRlYmRhMmQ1ZjE0OWM2
ZGMxNGQwYTJmMGY2Mjk2ZTk5YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBB3tfNDnkYEQmQfPKX91KXmvVcJ5nNeaWCtPovTSuL9H4hfNCYTLXkJMNJ
Y+0GSXoqa1MXPLtJX5HgPPWQD/lhLFH0KOAh+pizUU0DyBu/lfcLpkg3qtX1BfDX
J8QfYk2ni1NgIMEUAZ8vnJM23L/mcSEtodWi307zbc0IT3b2xKjwNTS1fLhncy7e
87RowNm0SQWLVLgV6ZxzWushXAYZuzy6hGl9s2KdGJI8QY0A9XKJV2duvmT8+NCr
FnbBcuGXGGf8k4xTH+P1SWTZmPLHZ5OC1KQcFYvXS4J0uRUZrA6Dauqyx0Q6LLId
OiJPdlwGfxhf2nke7UJJlbLYmAsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRqVmqI
0dinVBBqeVMc4ghy8t4ukjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWNkNzk1NGYtOTllZS00YWYwLTk3NjMtMTEyNzEzODE5MjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAYl9ajqYCSJMtfz57/DgheDmt/bqa1i02yzYb
I4YyqXj88NEF54K8hrlYjaR/jxt98RUjqA0CL7BPh6TLNjD8rpyHR0VjyMf5mUGO
8PWVnX+x+HBjTbEuwMpwXoSW+vw1dYuHvq0LcSulXrZnv2KojioLzp0MIqNgXARh
kVwrd5/qUD5zUImA/FN98c5v4Oji0OxChnxn7jY/q5bm3MyWK0qvnBfJ5X9Us//T
Sfh9wkWcIUEq5lcUA+CxWBRz3Q8fsdGFEdI16gsEGIlOqp2I/+1EWyrsMq7IQ8IR
qXTVykX1JVwdcubLGyDTLRMMEjQIOBwrHaTOEcdtGUqlCPol0g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:02 2025 by rpki-client