Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
File: b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa (raw, json)
Hash identifier: zYdE0oQZUycpQngkBg61njAu2yWDgFEUrwRuMCh1kAw=
Subject key identifier: E3:95:44:76:2F:F0:C2:C7:CE:C1:55:51:25:3A:D8:1B:22:99:54:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1449DDE131C0BD88EBF7252BA3E38D2CC2FD5BD0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
Signing time: Fri 25 Apr 2025 18:50:42 +0000
ROA not before: Fri 25 Apr 2025 18:50:42 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:49:dd:e1:31:c0:bd:88:eb:f7:25:2b:a3:e3:8d:2c:c2:fd:5b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:42 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=16eac08a8c8120b394a897fd2cd47fdeb51978117aa3b03c2324bd13f2a6c262, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:ea:c4:f3:c9:ec:de:1b:4f:68:75:1c:d8:
9e:90:12:9a:15:6a:fc:9f:fa:02:91:ad:27:ba:e2:
5f:6e:56:a5:0f:08:98:97:6d:61:39:55:c5:20:91:
26:fd:5d:12:95:5f:34:1b:4b:34:32:0b:42:f5:0b:
24:69:9b:3e:dd:67:82:43:e5:d0:eb:fb:19:34:fe:
87:2f:1b:70:87:c4:1e:15:72:77:9d:7d:6c:4c:60:
86:f8:17:b6:e3:5c:e0:d2:90:68:81:04:d7:e2:7b:
54:ac:07:36:6c:c1:54:72:48:ed:4c:42:55:00:b1:
80:4d:23:07:34:74:c0:31:e2:05:d3:65:f2:57:80:
28:cb:66:4a:b7:09:fa:db:79:7c:66:23:72:ba:7f:
10:bd:25:ec:34:44:d5:60:2e:b0:89:7c:fb:e0:a4:
8f:a8:57:2f:ba:5b:db:ce:ce:ad:f6:49:91:1a:73:
75:6c:af:4b:15:8c:05:70:40:28:3e:6e:c9:3b:f7:
c9:c1:af:99:85:39:a0:02:08:7d:11:80:fc:01:43:
70:e5:07:6b:af:bb:23:9f:6d:6a:a0:b9:66:0d:89:
dd:02:fb:d2:bc:d1:91:c3:7a:14:d0:d2:96:cb:73:
25:09:13:ae:58:25:d0:6e:fa:d5:be:29:a9:85:26:
53:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:95:44:76:2F:F0:C2:C7:CE:C1:55:51:25:3A:D8:1B:22:99:54:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
5d:09:ea:4f:74:64:b5:d5:9f:a7:1d:e4:09:f9:5a:bc:6a:71:
ef:17:81:21:e6:fc:9d:24:73:e1:eb:a5:8d:76:20:30:87:53:
c6:17:b0:b3:ce:1c:c8:e4:90:8d:7b:37:d9:02:ba:71:f7:3e:
45:12:da:d9:ff:26:52:4c:79:9b:87:22:e2:10:ab:4f:32:28:
c2:f3:fc:3d:4c:2e:53:74:ab:61:fe:e4:66:1b:c2:7e:97:b5:
5f:2d:94:ae:9e:74:54:3b:7f:e1:b2:32:94:a5:8c:cb:90:62:
ed:b5:c8:94:f6:8e:91:58:55:27:be:13:9f:9c:47:ff:98:82:
dc:8f:b8:25:ba:5a:dc:0f:58:2a:85:8b:ae:d1:e7:46:19:53:
44:34:0c:ca:4a:91:81:68:97:4a:d5:2d:80:8d:2d:bf:bd:e7:
72:53:47:36:69:ba:63:f1:8a:18:ee:bf:f8:8c:b1:c9:98:dd:
a6:0a:4e:86:5c:6e:81:66:92:38:03:5e:df:68:de:ff:7a:b4:
07:39:21:25:58:91:fb:1a:32:13:aa:bd:76:70:76:2a:cc:e4:
c4:e6:a4:2e:40:50:c6:d8:71:04:4f:55:c5:5c:b1:ca:d0:e3:
84:e7:bc:bf:14:62:96:9e:e9:03:05:2b:b2:22:50:5c:18:e1:
61:04:67:e5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFEnd4THAvYjr9yUro+ONLML9W9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwNDJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZWFjMDhhOGM4MTIwYjM5NGE4OTdmZDJjZDQ3ZmRlYjUxOTc4MTE3YWEz
YjAzYzIzMjRiZDEzZjJhNmMyNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsm6sTzyezeG09odRzYnpASmhVq/J/6ApGtJ7riX25WpQ8ImJdtYTlVxSCR
Jv1dEpVfNBtLNDILQvULJGmbPt1ngkPl0Ov7GTT+hy8bcIfEHhVyd519bExghvgX
tuNc4NKQaIEE1+J7VKwHNmzBVHJI7UxCVQCxgE0jBzR0wDHiBdNl8leAKMtmSrcJ
+tt5fGYjcrp/EL0l7DRE1WAusIl8++Ckj6hXL7pb287OrfZJkRpzdWyvSxWMBXBA
KD5uyTv3ycGvmYU5oAIIfRGA/AFDcOUHa6+7I59taqC5Zg2J3QL70rzRkcN6FNDS
lstzJQkTrlgl0G761b4pqYUmUxcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTjlUR2
L/DCx87BVVElOtgbIplUBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBjYjY2MWMtNDNjMy00YzJhLTg2ZTMtY2M4ODY0MmQ2MzE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
wDANBgkqhkiG9w0BAQsFAAOCAQEAXQnqT3RktdWfpx3kCflavGpx7xeBIeb8nSRz
4euljXYgMIdTxhews84cyOSQjXs32QK6cfc+RRLa2f8mUkx5m4ci4hCrTzIowvP8
PUwuU3SrYf7kZhvCfpe1Xy2Urp50VDt/4bIylKWMy5Bi7bXIlPaOkVhVJ74Tn5xH
/5iC3I+4Jbpa3A9YKoWLrtHnRhlTRDQMykqRgWiXStUtgI0tv73nclNHNmm6Y/GK
GO6/+IyxyZjdpgpOhlxugWaSOANe32je/3q0BzkhJViR+xoyE6q9dnB2KszkxOak
LkBQxthxBE9VxVyxytDjhOe8vxRilp7pAwUrsiJQXBjhYQRn5Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:10 2025 by rpki-client