Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
File: aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa (raw, json)
Hash identifier: c/ZWsejEyQYfWs4FLfmggseIuiHww6kpZzrw3DyA1sg=
Subject key identifier: E7:57:2D:6B:1E:30:D1:CD:33:45:7C:86:34:9F:66:95:FE:F2:34:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24E5B495C08A5A171FE22F833EEB644B88644872
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
Signing time: Fri 25 Apr 2025 18:31:37 +0000
ROA not before: Fri 25 Apr 2025 18:31:37 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:e5:b4:95:c0:8a:5a:17:1f:e2:2f:83:3e:eb:64:4b:88:64:48:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:37 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3d57c249b56d7b7b3031a35048ebaa4ad29e4a51153f81d30502196aa33a7ced, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:69:7d:4f:14:bb:f5:7a:02:09:4a:4a:03:c8:
a4:29:05:f1:82:69:65:91:c8:53:95:dd:bd:fc:50:
3d:93:53:22:29:96:fd:41:25:49:8b:86:2c:54:e9:
fd:2b:59:82:7c:05:ab:af:c3:f4:25:ce:83:64:a1:
2c:74:57:f6:39:9a:1a:f2:38:e9:0c:15:53:5c:94:
3e:f8:93:d6:cd:44:56:4a:84:7b:a8:75:e8:f4:8c:
d9:06:7c:ad:f0:7f:ac:dc:f7:c6:ed:58:a4:0b:58:
79:a6:56:16:51:5a:cf:22:a1:71:42:9b:a2:ee:60:
b8:50:29:09:fb:23:55:ed:fe:12:0e:f6:7b:23:37:
f6:68:7e:2f:0c:3e:88:98:76:98:8a:63:79:fd:0f:
68:0f:01:f6:4b:67:72:41:4d:aa:ec:90:80:4d:01:
07:15:1e:c7:29:fd:2e:b0:47:02:fa:6b:60:79:56:
2a:ca:34:c6:dd:46:fa:e3:6d:ff:86:db:16:8f:b8:
1e:98:f5:37:e4:59:ab:b5:f9:a2:d1:08:f0:6c:ab:
64:41:3d:1d:e5:92:d5:2f:44:5a:23:62:68:93:65:
05:8e:d9:e8:aa:2f:c8:ef:5a:7a:d3:41:1e:66:8a:
dc:92:55:f0:a4:2d:e2:c8:ed:6c:5d:c7:83:a7:f1:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:57:2D:6B:1E:30:D1:CD:33:45:7C:86:34:9F:66:95:FE:F2:34:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aff52575-8887-44f7-8b7f-44fbe4ddcd4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9080::/48
Signature Algorithm: sha256WithRSAEncryption
48:77:82:85:0f:16:9f:e0:84:29:68:b3:c5:cd:8a:a3:b1:08:
1e:5c:9a:67:a0:82:d2:d0:f7:a3:14:32:67:76:d7:a4:28:b2:
af:10:0d:fb:ff:4d:38:79:c4:2c:91:9b:c5:10:e8:ca:3c:17:
92:aa:2d:62:0c:c2:1e:bc:01:3c:56:3b:ba:78:ce:05:3b:c2:
32:d5:05:f9:ee:48:82:6f:a3:64:65:20:65:32:2e:52:df:f6:
81:8a:fd:b3:b1:6e:06:f9:0f:6e:e2:5f:9f:9f:e7:76:32:2f:
55:9a:4b:2c:6e:ef:39:d2:2d:07:32:47:c9:a0:31:68:f6:09:
e8:4d:f6:77:f7:2a:06:e5:c6:89:25:7e:48:cd:b7:d1:43:8e:
e9:05:73:c8:8e:96:47:39:3d:11:65:ca:31:ec:02:87:82:9d:
03:0d:e8:41:b9:70:b6:6f:22:07:e3:81:46:fc:c9:6b:26:00:
19:44:da:6f:68:30:45:b1:06:b6:0d:e3:39:ce:da:eb:04:bf:
e0:1a:c5:cd:08:20:ac:c1:96:07:3f:35:d8:1b:19:65:ea:cd:
cf:fe:ee:93:66:31:fd:5e:5d:61:af:34:92:7b:9e:58:ca:cf:
50:0b:01:0d:d5:e9:5b:f6:01:e0:66:e9:8a:fd:e4:04:e0:36:
80:15:eb:f7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJOW0lcCKWhcf4i+DPutkS4hkSHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxMzdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkNTdjMjQ5YjU2ZDdiN2IzMDMxYTM1MDQ4ZWJhYTRhZDI5ZTRhNTExNTNm
ODFkMzA1MDIxOTZhYTMzYTdjZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdpfU8Uu/V6AglKSgPIpCkF8YJpZZHIU5XdvfxQPZNTIimW/UElSYuGLFTp
/StZgnwFq6/D9CXOg2ShLHRX9jmaGvI46QwVU1yUPviT1s1EVkqEe6h16PSM2QZ8
rfB/rNz3xu1YpAtYeaZWFlFazyKhcUKbou5guFApCfsjVe3+Eg72eyM39mh+Lww+
iJh2mIpjef0PaA8B9ktnckFNquyQgE0BBxUexyn9LrBHAvprYHlWKso0xt1G+uNt
/4bbFo+4Hpj1N+RZq7X5otEI8GyrZEE9HeWS1S9EWiNiaJNlBY7Z6KovyO9aetNB
HmaK3JJV8KQt4sjtbF3Hg6fxLZUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTnVy1r
HjDRzTNFfIY0n2aV/vI0hTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWZmNTI1NzUtODg4Ny00NGY3LThiN2YtNDRmYmU0ZGRjZDRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
gDANBgkqhkiG9w0BAQsFAAOCAQEASHeChQ8Wn+CEKWizxc2Ko7EIHlyaZ6CC0tD3
oxQyZ3bXpCiyrxAN+/9NOHnELJGbxRDoyjwXkqotYgzCHrwBPFY7unjOBTvCMtUF
+e5Igm+jZGUgZTIuUt/2gYr9s7FuBvkPbuJfn5/ndjIvVZpLLG7vOdItBzJHyaAx
aPYJ6E32d/cqBuXGiSV+SM230UOO6QVzyI6WRzk9EWXKMewCh4KdAw3oQblwtm8i
B+OBRvzJayYAGUTab2gwRbEGtg3jOc7a6wS/4BrFzQggrMGWBz812BsZZerNz/7u
k2Yx/V5dYa80knueWMrPUAsBDdXpW/YB4Gbpiv3kBOA2gBXr9w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:19 2025 by rpki-client