Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa
File: aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa (raw, json)
Hash identifier: dWJsJGyJzZeguQ3/f6llUYsEpNsFP/GwdnSMUJoUY7g=
Subject key identifier: FE:D3:31:C7:A9:BD:DB:68:1C:42:A3:5C:49:76:0D:7F:56:C9:93:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 268AB35FF6CFA54E5C5D29BE47EDCAD3698476C6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa
Signing time: Fri 25 Apr 2025 19:31:20 +0000
ROA not before: Fri 25 Apr 2025 19:31:20 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:8a:b3:5f:f6:cf:a5:4e:5c:5d:29:be:47:ed:ca:d3:69:84:76:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:20 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=6f51b309ada76a37406991e4cc53d298b7a802946444cc967e16b8f4bf71997b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9a:56:c2:00:8a:f1:4d:dd:13:0e:e9:8c:f6:
32:f2:a5:6f:9c:51:db:11:ad:30:84:97:1f:e5:43:
11:16:21:b7:23:fc:e3:5e:8b:d6:5c:71:65:bb:17:
f3:17:5e:ad:7f:b6:00:7a:3f:15:de:26:42:e8:14:
e4:1b:5c:ae:7d:45:4c:84:c6:19:56:94:10:69:37:
46:61:ae:4f:06:41:80:87:3c:dc:2a:6f:a9:5f:e1:
eb:f8:66:c7:d7:1c:69:fa:c8:84:95:2d:17:87:74:
03:84:ad:1f:32:97:9a:1c:2d:86:7d:3f:fa:49:68:
d3:00:f5:9f:f8:6e:30:13:4f:16:ff:99:79:2f:ed:
78:aa:e4:58:db:65:38:cc:98:ab:31:ab:cb:01:83:
9e:35:35:58:88:a5:85:c3:df:65:1e:dc:67:80:34:
6a:cb:1a:2b:0d:b3:7d:ca:6a:31:f7:f0:14:ce:0f:
92:61:ba:ec:72:89:61:7b:74:2b:b1:8e:7f:e5:91:
df:71:b3:37:08:75:7e:b6:13:f2:5e:c4:1a:d0:09:
d6:e2:6f:79:92:c5:e9:43:48:dd:3f:90:35:b3:3a:
37:6a:cd:10:63:fa:e0:2f:a0:b5:00:fb:ce:b8:ca:
08:3d:c4:a8:27:20:82:01:05:d9:42:9d:6d:f0:09:
bd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D3:31:C7:A9:BD:DB:68:1C:42:A3:5C:49:76:0D:7F:56:C9:93:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1080::/46
Signature Algorithm: sha256WithRSAEncryption
69:98:ab:35:63:25:dc:fc:a1:6d:09:d6:e8:76:c3:88:1b:9e:
ac:9c:4f:e2:3e:73:ca:29:6e:75:18:d2:b7:d7:6c:a9:e6:41:
82:2b:cb:35:97:33:6e:5f:f4:bf:bd:35:1e:a6:f9:b9:55:da:
99:42:1e:23:b7:c0:a8:f7:ab:47:7f:54:2e:5a:37:75:b4:24:
42:aa:44:5f:d8:8e:70:55:95:77:d1:bb:19:34:3d:f8:ae:80:
09:da:84:66:47:a8:26:c7:2d:28:f3:78:ed:d7:02:05:51:58:
3d:7a:c8:31:19:a1:12:42:a2:d9:f6:b8:c0:b7:fe:cd:25:eb:
50:2e:4c:f2:05:be:47:80:7a:dc:82:09:47:83:35:39:6d:e9:
97:e3:3e:ce:b4:7a:1f:65:07:44:26:42:e7:bf:3c:da:62:1b:
e8:51:af:bd:86:7f:dc:b9:ae:51:a5:36:6e:eb:dd:42:e4:77:
5a:d2:94:79:5a:34:d8:22:19:14:40:3e:ab:29:36:22:bb:86:
c9:c3:eb:6c:19:df:23:28:62:11:c5:4c:d2:82:60:f9:69:fb:
e5:6c:f3:aa:95:24:82:c4:8d:01:34:81:bd:cb:8c:62:65:b8:
cf:30:f3:52:78:21:56:c4:e0:af:3f:f0:74:c0:8b:e3:fd:0e:
68:a9:2e:98
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJoqzX/bPpU5cXSm+R+3K02mEdsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMjBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmNTFiMzA5YWRhNzZhMzc0MDY5OTFlNGNjNTNkMjk4YjdhODAyOTQ2NDQ0
Y2M5NjdlMTZiOGY0YmY3MTk5N2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyaVsIAivFN3RMO6Yz2MvKlb5xR2xGtMISXH+VDERYhtyP8416L1lxxZbsX
8xderX+2AHo/Fd4mQugU5Btcrn1FTITGGVaUEGk3RmGuTwZBgIc83CpvqV/h6/hm
x9ccafrIhJUtF4d0A4StHzKXmhwthn0/+klo0wD1n/huMBNPFv+ZeS/teKrkWNtl
OMyYqzGrywGDnjU1WIilhcPfZR7cZ4A0assaKw2zfcpqMffwFM4PkmG67HKJYXt0
K7GOf+WR33GzNwh1frYT8l7EGtAJ1uJveZLF6UNI3T+QNbM6N2rNEGP64C+gtQD7
zrjKCD3EqCcgggEF2UKdbfAJvXECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT+0zHH
qb3baBxCo1xJdg1/VsmTpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWViOTQyZDEtZTVmMi00N2RkLWJkMjYtN2I5OWY3MDI2N2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAaZirNWMl3PyhbQnW6HbDiBuerJxP4j5zyilu
dRjSt9dsqeZBgivLNZczbl/0v701Hqb5uVXamUIeI7fAqPerR39ULlo3dbQkQqpE
X9iOcFWVd9G7GTQ9+K6ACdqEZkeoJsctKPN47dcCBVFYPXrIMRmhEkKi2fa4wLf+
zSXrUC5M8gW+R4B63IIJR4M1OW3pl+M+zrR6H2UHRCZC57882mIb6FGvvYZ/3Lmu
UaU2buvdQuR3WtKUeVo02CIZFEA+qyk2IruGycPrbBnfIyhiEcVM0oJg+Wn75Wzz
qpUkgsSNATSBvcuMYmW4zzDzUnghVsTgrz/wdMCL4/0OaKkumA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:35 2025 by rpki-client