Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3d27c60-169b-477d-99dd-f2e3b4dcbada.roa
File: b3d27c60-169b-477d-99dd-f2e3b4dcbada.roa (raw, json)
Hash identifier: GgznRZRV5Ijye2QJkyBNh2szIaJ9QJi8X3SwCoE0SRM=
Subject key identifier: B6:B5:C0:8F:28:96:11:5B:E2:A5:DD:CB:85:68:19:63:4C:FF:88:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B80726BE7BE83175D0CA92C6A71423B1662A1AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3d27c60-169b-477d-99dd-f2e3b4dcbada.roa
Signing time: Mon 21 Apr 2025 18:31:14 +0000
ROA not before: Mon 21 Apr 2025 18:31:14 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:80:72:6b:e7:be:83:17:5d:0c:a9:2c:6a:71:42:3b:16:62:a1:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:14 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=6a4d130e5d5b2ec519734abcf9667597f142caed5fd4445e0e1513139d70ef98, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:df:80:9d:0f:24:9a:28:31:9a:0a:73:94:f5:
47:0b:bc:d7:7f:e9:ff:dc:6a:4d:60:77:95:5a:88:
ac:26:41:9a:83:a9:ac:20:66:0d:20:d3:33:66:f9:
e5:2f:dc:11:74:06:b5:d4:be:1e:b8:83:e7:4e:5d:
81:35:76:39:4e:01:ab:9b:64:74:86:db:8a:fc:60:
e8:16:61:14:ad:3b:df:b0:29:35:ab:84:38:08:19:
ec:ba:c4:0b:76:3a:69:74:75:03:1c:65:99:34:3e:
c0:4e:c5:da:10:df:9b:d0:26:f3:80:8b:c8:8f:64:
22:56:d0:ee:d7:54:0d:f7:ea:a9:4a:e0:ae:8d:2d:
70:55:84:8a:27:d2:6e:c2:2f:49:64:ea:0a:ae:fb:
ce:ca:a3:5d:ac:40:ef:67:90:20:02:21:63:ce:92:
a0:db:19:aa:0b:27:2d:c6:24:01:d9:2a:e2:9d:07:
3e:7c:ac:28:9e:af:9e:d8:8f:0d:4a:d3:1a:b0:79:
cb:12:96:a9:aa:82:63:ba:ea:d6:61:9d:69:d8:37:
99:89:96:ab:3a:3f:ab:eb:bd:f6:49:84:cf:f6:b5:
ff:6b:83:d0:8f:77:61:09:29:a3:60:ba:3b:f3:aa:
d1:7c:6a:68:98:3f:24:8e:f0:97:22:d7:84:36:84:
6b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B5:C0:8F:28:96:11:5B:E2:A5:DD:CB:85:68:19:63:4C:FF:88:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3d27c60-169b-477d-99dd-f2e3b4dcbada.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
13:bd:db:af:29:4e:e9:3b:25:14:8a:a3:19:fa:90:cd:b6:45:
43:99:c4:4c:37:da:91:0d:93:dc:d5:62:4f:ac:97:d7:5d:ac:
ba:6c:17:92:94:99:72:70:8a:95:64:fa:83:25:a5:63:eb:00:
53:e4:8c:54:88:5c:8c:7a:13:a3:74:17:20:e1:f4:33:51:74:
a7:58:12:82:48:22:f3:de:7e:da:9a:f5:6a:09:0b:ef:d5:9e:
00:af:5d:49:47:6e:83:37:69:df:38:5f:30:0c:c2:a7:19:36:
8f:01:22:bd:31:01:13:a7:1e:8e:d2:50:b7:39:a4:e2:10:e7:
39:6e:63:a1:37:51:9e:99:9e:4b:aa:a6:83:47:01:fb:f3:dc:
f4:a0:11:50:1f:f8:80:e5:3b:0d:74:5f:c3:43:cb:08:94:51:
d3:92:c2:ee:b1:f5:a5:21:a3:f6:9f:2d:ea:3c:48:56:42:96:
04:68:77:4e:c1:1b:d6:40:1a:21:96:45:88:06:71:d9:d4:60:
c5:00:f1:04:ac:9e:7a:6e:d9:a9:0f:7d:11:42:6d:26:55:0c:
11:19:d4:20:24:87:c7:1b:34:fd:8f:f7:ce:a9:87:b1:29:5d:
60:bd:04:50:9a:50:23:1b:58:b6:dd:f4:5d:9c:45:f0:64:ba:
db:20:63:62
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK4Bya+e+gxddDKksanFCOxZioaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMTRaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhNGQxMzBlNWQ1YjJlYzUxOTczNGFiY2Y5NjY3NTk3ZjE0MmNhZWQ1ZmQ0
NDQ1ZTBlMTUxMzEzOWQ3MGVmOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO/fgJ0PJJooMZoKc5T1Rwu813/p/9xqTWB3lVqIrCZBmoOprCBmDSDTM2b5
5S/cEXQGtdS+HriD505dgTV2OU4Bq5tkdIbbivxg6BZhFK0737ApNauEOAgZ7LrE
C3Y6aXR1AxxlmTQ+wE7F2hDfm9Am84CLyI9kIlbQ7tdUDffqqUrgro0tcFWEiifS
bsIvSWTqCq77zsqjXaxA72eQIAIhY86SoNsZqgsnLcYkAdkq4p0HPnysKJ6vntiP
DUrTGrB5yxKWqaqCY7rq1mGdadg3mYmWqzo/q+u99kmEz/a1/2uD0I93YQkpo2C6
O/Oq0XxqaJg/JI7wlyLXhDaEa58CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS2tcCP
KJYRW+Kl3cuFaBljTP+I0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNkMjdjNjAtMTY5Yi00NzdkLTk5ZGQtZjJlM2I0ZGNiYWRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQI
wDANBgkqhkiG9w0BAQsFAAOCAQEAE73brylO6TslFIqjGfqQzbZFQ5nETDfakQ2T
3NViT6yX112sumwXkpSZcnCKlWT6gyWlY+sAU+SMVIhcjHoTo3QXIOH0M1F0p1gS
gkgi895+2pr1agkL79WeAK9dSUdugzdp3zhfMAzCpxk2jwEivTEBE6cejtJQtzmk
4hDnOW5joTdRnpmeS6qmg0cB+/Pc9KARUB/4gOU7DXRfw0PLCJRR05LC7rH1pSGj
9p8t6jxIVkKWBGh3TsEb1kAaIZZFiAZx2dRgxQDxBKyeem7ZqQ99EUJtJlUMERnU
ICSHxxs0/Y/3zqmHsSldYL0EUJpQIxtYtt30XZxF8GS62yBjYg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:08 2025 by rpki-client