Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
File: af189eff-34de-4652-a029-d682c90d1fc5.roa (raw, json)
Hash identifier: RyVwdhTq2DfejGQmMda1ZIY015MYSZgFRaeY4lhv9EM=
Subject key identifier: 6B:FE:0A:C5:D8:D3:70:BD:8D:5D:2A:6A:3F:A8:CB:F9:33:A3:20:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B7DBD7D3CC4A0738D99F722E02784FD8F4ECC7F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
Signing time: Fri 25 Apr 2025 19:10:48 +0000
ROA not before: Fri 25 Apr 2025 19:10:48 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:7d:bd:7d:3c:c4:a0:73:8d:99:f7:22:e0:27:84:fd:8f:4e:cc:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:48 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=857cc3363e810d1fc776ac18f65636c9fa4e538a144883af05efc4df796591a6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:82:bc:ea:9d:cd:25:58:58:15:7a:e0:77:cd:
fa:f1:c9:89:10:23:14:af:08:3a:e5:9e:d9:86:90:
3d:2f:fd:e6:3b:65:94:49:22:03:b0:a6:40:67:f6:
87:c8:37:85:b6:df:cd:9b:fb:60:2f:da:92:26:f2:
2b:0d:69:e1:73:29:d4:c2:aa:cd:2c:8f:9e:34:de:
86:5c:48:37:c2:fe:30:6b:a6:e4:6c:b1:a1:77:1a:
4f:71:ac:d5:d5:9e:94:f8:1b:e3:c0:aa:25:9d:77:
eb:b9:ef:4d:33:f0:e2:5e:9b:15:a3:23:a9:62:c0:
8d:00:4f:c9:41:d7:2e:0e:8b:eb:d1:8d:58:8f:76:
1a:e3:93:ed:6a:39:ec:8e:a0:e3:18:59:20:c2:bd:
d7:1a:4c:68:b3:fc:16:5a:10:05:17:5c:ff:89:51:
dd:f3:61:49:2e:7a:8f:df:30:17:82:9b:e7:72:26:
33:b7:f9:32:18:f5:31:0f:95:b1:45:38:8c:a6:29:
70:76:a8:db:45:2a:e1:5f:d1:60:a5:84:9e:c1:03:
2e:a3:d8:03:c7:9a:f5:05:03:30:65:17:52:f1:4f:
8f:93:e3:2a:45:40:75:1f:36:b9:32:3d:db:5d:fd:
67:95:8c:ff:cc:e2:dc:45:58:50:51:ca:4c:8c:15:
ed:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:FE:0A:C5:D8:D3:70:BD:8D:5D:2A:6A:3F:A8:CB:F9:33:A3:20:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
2e:9a:33:a2:f2:7f:f3:06:1a:7b:df:8c:82:d0:8a:ec:bd:c0:
bc:0f:d3:25:25:a9:42:37:bd:0b:79:5d:64:b4:1e:03:f8:d4:
63:63:09:6b:0c:9f:e8:02:dd:2a:82:ff:34:bb:f0:06:7a:17:
df:24:35:3c:65:3b:d7:3a:db:bb:9c:42:9a:b7:48:bc:38:38:
d5:dc:6a:0e:8a:2b:31:dc:71:c2:68:e0:c2:4e:6d:78:25:e4:
f9:60:c4:de:7f:46:71:34:e8:d7:16:a8:19:22:a3:d4:5e:84:
5b:87:5d:ff:20:ef:83:48:d7:ab:1f:ec:8d:6b:28:26:b2:d2:
1e:0f:28:d5:53:da:42:9f:cc:f3:d3:d4:5e:d5:de:42:c1:97:
c2:18:0a:8c:c0:2d:bf:42:05:9d:5f:d5:e6:8e:3e:eb:c7:d4:
8f:90:b4:dd:f3:e1:26:05:2a:bf:e5:f2:67:3e:ba:29:6c:f0:
ec:04:ec:76:c4:e6:f1:96:d0:a2:05:74:fc:b7:84:bc:bb:5b:
3c:26:33:b0:87:5f:68:47:89:3e:cf:b6:34:69:df:ae:b6:3c:
af:b0:92:8d:76:f4:af:4c:1f:04:42:db:3c:da:53:ed:26:f6:
44:a5:be:f6:a4:2e:76:57:3b:ab:0c:29:6d:27:40:a6:dc:76:
a5:4a:55:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC329fTzEoHONmfci4CeE/Y9OzH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwNDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1N2NjMzM2M2U4MTBkMWZjNzc2YWMxOGY2NTYzNmM5ZmE0ZTUzOGExNDQ4
ODNhZjA1ZWZjNGRmNzk2NTkxYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqCvOqdzSVYWBV64HfN+vHJiRAjFK8IOuWe2YaQPS/95jtllEkiA7CmQGf2
h8g3hbbfzZv7YC/akibyKw1p4XMp1MKqzSyPnjTehlxIN8L+MGum5GyxoXcaT3Gs
1dWelPgb48CqJZ1367nvTTPw4l6bFaMjqWLAjQBPyUHXLg6L69GNWI92GuOT7Wo5
7I6g4xhZIMK91xpMaLP8FloQBRdc/4lR3fNhSS56j98wF4Kb53ImM7f5Mhj1MQ+V
sUU4jKYpcHao20Uq4V/RYKWEnsEDLqPYA8ea9QUDMGUXUvFPj5PjKkVAdR82uTI9
2139Z5WM/8zi3EVYUFHKTIwV7aECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRr/grF
2NNwvY1dKmo/qMv5M6MgCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWYxODllZmYtMzRkZS00NjUyLWEwMjktZDY4MmM5MGQxZmM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
wDANBgkqhkiG9w0BAQsFAAOCAQEALpozovJ/8wYae9+MgtCK7L3AvA/TJSWpQje9
C3ldZLQeA/jUY2MJawyf6ALdKoL/NLvwBnoX3yQ1PGU71zrbu5xCmrdIvDg41dxq
DoorMdxxwmjgwk5teCXk+WDE3n9GcTTo1xaoGSKj1F6EW4dd/yDvg0jXqx/sjWso
JrLSHg8o1VPaQp/M89PUXtXeQsGXwhgKjMAtv0IFnV/V5o4+68fUj5C03fPhJgUq
v+XyZz66KWzw7ATsdsTm8ZbQogV0/LeEvLtbPCYzsIdfaEeJPs+2NGnfrrY8r7CS
jXb0r0wfBELbPNpT7Sb2RKW+9qQudlc7qwwpbSdAptx2pUpV5A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:27 2025 by rpki-client