Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acfdcdb7-5b43-4d3e-81fe-f8cd78411d0f.roa
File: acfdcdb7-5b43-4d3e-81fe-f8cd78411d0f.roa (raw, json)
Hash identifier: ujh3fbZlkg5y7YRpUL92TLAR9Ym0TiOs6T9EDgji4P4=
Subject key identifier: 1A:06:B2:1F:00:E9:C6:99:E6:7D:AC:3F:62:40:41:7B:C3:7D:60:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 594B3CC7FF30A681A523E84A43CFF357067B272F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acfdcdb7-5b43-4d3e-81fe-f8cd78411d0f.roa
Signing time: Fri 25 Apr 2025 18:40:07 +0000
ROA not before: Fri 25 Apr 2025 18:40:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:4b:3c:c7:ff:30:a6:81:a5:23:e8:4a:43:cf:f3:57:06:7b:27:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=73ab6669cbe0dddcb7d86b15f7567c4cb4bd3497b0191cdb019ad2b0cdb5fbfd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0a:74:8f:9e:bb:9e:13:a3:3f:85:3d:96:2f:
9c:8e:64:92:db:5c:a4:1f:36:7a:a1:93:1a:63:34:
ef:ad:fd:e6:61:f6:3c:90:ac:e4:e3:ba:d5:fc:4d:
41:d4:cc:44:14:cf:6e:be:43:41:5d:f7:68:f4:e9:
1b:2c:72:50:5e:bb:80:a1:b0:57:51:66:f9:b3:9a:
b7:69:70:05:c2:bc:dc:f8:77:60:9e:e3:f1:aa:81:
44:26:0c:e1:de:2a:94:83:1f:a4:2d:0a:d8:84:06:
39:03:50:ec:ee:88:26:ec:f2:0c:77:44:5d:62:ce:
c4:18:1e:c2:62:98:9e:95:e0:b3:46:3e:44:a4:da:
81:f0:6f:0b:13:b0:a8:4c:28:f2:68:80:6d:d1:2f:
7d:3f:3e:af:65:69:52:8f:ab:d0:df:61:d0:bf:7a:
66:2b:90:87:59:80:25:46:86:8c:75:b4:b5:3f:1d:
f2:e9:03:ba:e5:40:eb:5b:cd:c8:11:c7:da:65:c7:
14:e1:28:7e:2a:9b:aa:7d:b4:a4:f2:39:b9:d1:8a:
f0:7c:32:78:04:04:0a:87:1b:28:6f:87:8e:a9:b4:
ef:64:f1:95:39:41:df:aa:20:a9:2f:75:e4:29:79:
03:43:ea:c0:ac:84:06:9b:e6:c2:7f:80:73:d9:14:
05:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:06:B2:1F:00:E9:C6:99:E6:7D:AC:3F:62:40:41:7B:C3:7D:60:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acfdcdb7-5b43-4d3e-81fe-f8cd78411d0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6040::/48
Signature Algorithm: sha256WithRSAEncryption
ad:bd:1a:8e:0f:f9:48:7a:5e:6b:ad:c9:d8:5f:79:22:43:c4:
3c:13:2c:0a:30:d9:7d:93:05:5a:30:2b:c5:7d:27:b1:f4:74:
99:e3:c9:ab:2e:7d:d9:d1:8c:7c:39:a4:b7:7d:35:bc:75:bd:
77:fe:e7:1d:af:ac:13:fc:33:7e:e3:0e:42:ed:56:75:50:cb:
e2:99:af:48:59:b0:a5:38:9b:a2:be:3e:b7:22:3c:a3:17:8d:
5c:fa:50:3c:75:d9:e0:d7:35:cc:cc:39:57:68:d4:b9:a0:ab:
e0:5e:cd:37:6a:72:5b:27:c0:2e:ac:d7:c6:ea:b0:d1:b1:b8:
0e:bf:f5:68:e4:39:6a:0f:ae:4a:de:cf:e3:a3:e6:64:91:86:
5c:ff:72:59:b5:75:2d:32:ba:c6:ee:42:db:cc:ef:b8:91:7d:
7a:ef:7b:28:f1:84:e3:e9:82:53:61:aa:11:fe:f6:22:cc:18:
f4:9d:12:83:d2:0a:65:77:6c:43:8f:77:ca:61:31:34:50:cd:
0b:6e:e1:d3:39:8e:3d:b0:be:3d:b9:60:eb:61:f7:88:5b:3c:
8f:32:e2:9e:8d:8f:f9:7b:af:a2:27:46:f2:7f:15:c1:63:3f:
34:ff:2b:57:53:cd:e1:c3:a8:46:5b:44:fc:be:20:db:1a:90:
8b:4c:7b:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWUs8x/8wpoGlI+hKQ8/zVwZ7Jy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDczYWI2NjY5Y2JlMGRkZGNiN2Q4NmIxNWY3NTY3YzRjYjRiZDM0OTdiMDE5
MWNkYjAxOWFkMmIwY2RiNWZiZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4KdI+eu54Toz+FPZYvnI5kkttcpB82eqGTGmM076395mH2PJCs5OO61fxN
QdTMRBTPbr5DQV33aPTpGyxyUF67gKGwV1Fm+bOat2lwBcK83Ph3YJ7j8aqBRCYM
4d4qlIMfpC0K2IQGOQNQ7O6IJuzyDHdEXWLOxBgewmKYnpXgs0Y+RKTagfBvCxOw
qEwo8miAbdEvfT8+r2VpUo+r0N9h0L96ZiuQh1mAJUaGjHW0tT8d8ukDuuVA61vN
yBHH2mXHFOEofiqbqn20pPI5udGK8HwyeAQECocbKG+Hjqm072TxlTlB36ogqS91
5Cl5A0PqwKyEBpvmwn+Ac9kUBa0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQaBrIf
AOnGmeZ9rD9iQEF7w31gLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWNmZGNkYjctNWI0My00ZDNlLTgxZmUtZjhjZDc4NDExZDBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
QDANBgkqhkiG9w0BAQsFAAOCAQEArb0ajg/5SHpea63J2F95IkPEPBMsCjDZfZMF
WjArxX0nsfR0mePJqy592dGMfDmkt301vHW9d/7nHa+sE/wzfuMOQu1WdVDL4pmv
SFmwpTibor4+tyI8oxeNXPpQPHXZ4Nc1zMw5V2jUuaCr4F7NN2pyWyfALqzXxuqw
0bG4Dr/1aOQ5ag+uSt7P46PmZJGGXP9yWbV1LTK6xu5C28zvuJF9eu97KPGE4+mC
U2GqEf72IswY9J0Sg9IKZXdsQ493ymExNFDNC27h0zmOPbC+Pblg62H3iFs8jzLi
no2P+XuvoidG8n8VwWM/NP8rV1PN4cOoRltE/L4g2xqQi0x7rg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:59 2025 by rpki-client