Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json)
Hash identifier: HzLZVBuC13Swkx4mIPaQtMX3If6rXjIksmZRLsfa2h4=
Subject key identifier: 98:0E:2C:12:06:92:49:1C:06:52:A2:83:12:27:98:3E:37:A3:D0:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32E086A76979045A754F75DCE3DDE766ED7F8304
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
Signing time: Fri 25 Apr 2025 19:01:18 +0000
ROA not before: Fri 25 Apr 2025 19:01:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:e0:86:a7:69:79:04:5a:75:4f:75:dc:e3:dd:e7:66:ed:7f:83:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:01:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d6c7445a06a9509c1eb353b2e75da8b6bf4680aabf10d9f8aa0f365ad002bf10, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:67:e7:c7:82:af:48:5e:d9:cc:f0:65:6f:fa:
72:48:b4:37:cd:a4:84:7e:68:8a:d7:7c:09:de:1a:
1e:49:c1:a5:5a:67:fd:8a:b7:43:04:b6:47:47:20:
d8:91:a2:96:46:89:6a:a4:44:63:1f:b0:a5:b7:b4:
f4:15:6f:2e:74:76:cd:8f:5b:27:3d:26:c5:86:55:
01:1e:91:4c:e7:89:e8:2b:b4:e6:d8:6b:f6:3e:c6:
c7:18:c5:9e:c6:f1:1f:50:99:72:d5:c2:bd:aa:50:
1d:d1:25:32:c1:cb:1a:42:41:b1:e1:5d:69:f6:5a:
5e:a5:95:64:97:12:a4:51:b7:d4:b5:85:96:5e:f5:
d3:cb:e6:cf:84:98:49:c6:72:86:57:58:06:ff:c6:
45:71:d8:a9:0a:93:ec:7e:67:1a:22:14:fb:00:2e:
99:ea:66:a9:ce:78:56:b6:f8:ec:69:d5:63:28:68:
64:1f:8a:e4:b3:09:2d:96:d7:fe:bc:a9:e0:38:99:
ee:8b:a8:d5:ba:89:60:0c:a1:e2:85:f2:63:7c:29:
9f:36:55:cf:e7:ed:03:31:09:f7:a0:47:89:62:e5:
ce:46:be:f4:d4:d7:c4:9f:71:2b:1c:5a:19:17:a9:
d5:8d:3e:cc:1d:dc:d9:90:6d:a4:f1:e7:26:6b:7b:
09:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0E:2C:12:06:92:49:1C:06:52:A2:83:12:27:98:3E:37:A3:D0:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2080::/48
Signature Algorithm: sha256WithRSAEncryption
98:b7:84:6f:1a:be:47:d4:90:9a:f3:aa:31:45:70:78:93:38:
5b:fc:fa:e5:e2:87:fe:32:de:6a:7e:78:72:1e:90:e2:42:39:
86:48:8a:1b:90:da:f2:0b:ce:c2:a4:c8:ea:09:74:59:a3:d1:
98:f9:09:4b:18:8e:ad:b4:01:4c:9b:e4:b0:04:5b:1f:83:5a:
e9:e7:93:38:02:84:f1:7f:2f:cb:41:fb:58:26:57:83:5d:ee:
89:90:71:e0:74:39:61:4e:77:62:d6:1d:4e:c8:d5:59:62:7c:
23:40:93:65:5a:ba:74:64:1d:c6:a9:d2:7d:c2:c3:4d:e7:bc:
3d:ea:5e:a2:ef:cb:b6:e4:a0:90:67:6c:a6:a5:3a:4c:b3:0b:
0b:01:2c:56:c5:8a:2b:fa:f2:3e:d3:fc:28:50:bd:42:7c:a4:
c4:1b:c7:a7:d8:eb:c8:b7:11:b3:e3:c6:4c:7a:2e:85:83:3d:
ef:2c:fb:16:2c:8f:de:33:ff:f7:f5:16:27:41:81:31:05:39:
20:de:6d:23:8d:5d:d2:27:cc:f5:4f:f9:bd:9a:e1:8b:56:73:
59:17:f0:48:b7:11:64:4d:1c:38:ef:6a:eb:6d:0c:cd:bd:2a:
1e:c8:47:20:ee:93:f8:1f:bd:cf:fd:b9:11:9b:81:a8:33:a3:
38:df:cc:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMuCGp2l5BFp1T3Xc493nZu1/gwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAxMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2Yzc0NDVhMDZhOTUwOWMxZWIzNTNiMmU3NWRhOGI2YmY0NjgwYWFiZjEw
ZDlmOGFhMGYzNjVhZDAwMmJmMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBn58eCr0he2czwZW/6cki0N82khH5oitd8Cd4aHknBpVpn/Yq3QwS2R0cg
2JGilkaJaqREYx+wpbe09BVvLnR2zY9bJz0mxYZVAR6RTOeJ6Cu05thr9j7GxxjF
nsbxH1CZctXCvapQHdElMsHLGkJBseFdafZaXqWVZJcSpFG31LWFll7108vmz4SY
ScZyhldYBv/GRXHYqQqT7H5nGiIU+wAumepmqc54Vrb47GnVYyhoZB+K5LMJLZbX
/ryp4DiZ7ouo1bqJYAyh4oXyY3wpnzZVz+ftAzEJ96BHiWLlzka+9NTXxJ9xKxxa
GRep1Y0+zB3c2ZBtpPHnJmt7CX0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSYDiwS
BpJJHAZSooMSJ5g+N6PQzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
gDANBgkqhkiG9w0BAQsFAAOCAQEAmLeEbxq+R9SQmvOqMUVweJM4W/z65eKH/jLe
an54ch6Q4kI5hkiKG5Da8gvOwqTI6gl0WaPRmPkJSxiOrbQBTJvksARbH4Na6eeT
OAKE8X8vy0H7WCZXg13uiZBx4HQ5YU53YtYdTsjVWWJ8I0CTZVq6dGQdxqnSfcLD
Tee8Pepeou/LtuSgkGdspqU6TLMLCwEsVsWKK/ryPtP8KFC9QnykxBvHp9jryLcR
s+PGTHouhYM97yz7FiyP3jP/9/UWJ0GBMQU5IN5tI41d0ifM9U/5vZrhi1ZzWRfw
SLcRZE0cOO9q620Mzb0qHshHIO6T+B+9z/25EZuBqDOjON/MpA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:22 2025 by rpki-client