Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3f84dd1-5e90-449c-9763-5a9e131b16d6.roa
File: b3f84dd1-5e90-449c-9763-5a9e131b16d6.roa (raw, json)
Hash identifier: oBuyC/cTsLgZcOsQhVPVq2UmUxREX7OKypdV8Wy9cMg=
Subject key identifier: 7A:76:CC:9F:4C:E1:6B:6A:44:45:35:16:ED:32:F1:1D:00:C1:13:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DBE11016998D91E841E188614ABDC759520AC0B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3f84dd1-5e90-449c-9763-5a9e131b16d6.roa
Signing time: Thu 17 Apr 2025 16:38:51 +0000
ROA not before: Thu 17 Apr 2025 16:38:51 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:be:11:01:69:98:d9:1e:84:1e:18:86:14:ab:dc:75:95:20:ac:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:38:51 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=977e2dc41880948e3ab805b1d6626f39196b061b7c9d4f6f23082fa5ecc76054, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2e:4a:e4:5c:45:85:af:1c:5f:52:6f:a6:19:
f3:5d:fa:50:c4:df:f9:57:87:a6:09:e8:dc:d1:e1:
6e:80:5f:9c:a7:3a:9d:9e:41:ea:d3:02:26:f7:99:
eb:23:fc:01:1c:ab:a3:fd:ac:41:37:8f:3b:07:46:
2a:82:d1:f5:2b:dd:be:3d:63:0f:a2:82:4c:ad:c8:
99:53:7a:df:ad:0b:7d:58:71:36:98:f3:db:d1:7b:
19:71:93:db:de:d1:99:59:f1:6e:a2:22:91:90:fb:
60:f4:80:b0:18:9a:aa:fb:66:46:b9:58:7c:31:1b:
66:2c:5a:03:b1:53:db:f2:94:f3:c8:04:cb:9f:79:
6f:16:7e:4c:cb:c6:25:d1:b7:e9:6e:39:e2:85:5b:
c6:3a:a5:06:e7:1f:b2:4b:cf:91:67:8c:e7:f3:24:
cb:be:31:19:a3:32:55:b8:18:9d:dd:f7:b3:a6:45:
16:d5:3b:71:a0:39:2a:00:28:47:be:74:30:21:e5:
6a:82:c3:41:88:d9:cd:ae:70:35:df:c2:50:18:ec:
6e:5e:b3:0a:38:6f:72:e4:ae:23:fe:68:15:12:01:
22:5c:de:0b:a6:73:65:1d:e6:9e:c6:a4:e9:d9:75:
5d:8b:4e:f1:2c:bc:31:3c:b0:7d:72:3f:d7:aa:94:
a4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:76:CC:9F:4C:E1:6B:6A:44:45:35:16:ED:32:F1:1D:00:C1:13:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3f84dd1-5e90-449c-9763-5a9e131b16d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e::/32
Signature Algorithm: sha256WithRSAEncryption
af:0c:0d:1a:f0:88:6f:67:f2:41:40:6d:37:c6:c1:ad:ea:75:
06:be:1a:e3:0e:ba:e1:a9:fc:c0:7e:b6:4d:4a:e1:4a:2d:39:
26:6b:7f:fb:8a:41:e9:15:df:a6:56:44:2f:33:2e:85:7c:9a:
14:79:68:81:44:c7:65:64:af:75:8e:b5:13:6a:3e:10:b8:4a:
a1:f2:02:d3:3b:02:28:95:8b:ea:68:9c:06:a0:58:20:f7:2a:
c4:6a:e2:5c:fe:34:b5:b0:29:a7:68:8a:03:d3:8d:37:39:df:
16:7f:12:5f:00:7a:50:59:ed:56:6e:94:cb:c6:bb:8f:ad:fc:
eb:9b:d3:4e:6a:2c:b2:da:e8:ac:27:49:f5:c8:85:ef:e9:b0:
fa:8c:fa:5b:dc:a2:16:9d:f7:84:03:ce:9f:62:10:63:89:69:
62:40:a8:ce:ca:bd:96:0d:8e:26:5c:ff:7a:53:ef:8f:b2:3f:
4e:0c:8b:d1:51:64:62:46:a0:03:5b:b4:17:67:fe:88:c1:2a:
2b:2c:8d:b3:57:05:eb:c1:3e:40:87:2e:0c:f8:96:ea:fa:47:
da:20:0f:94:56:b9:25:e8:54:e6:62:6b:a9:cb:46:01:c7:0b:
64:8d:28:66:61:ed:66:90:8d:90:34:9c:fb:03:21:3a:ed:19:
29:64:c8:09
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUfb4RAWmY2R6EHhiGFKvcdZUgrAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM4NTFaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3N2UyZGM0MTg4MDk0OGUzYWI4MDViMWQ2NjI2ZjM5MTk2YjA2MWI3Yzlk
NGY2ZjIzMDgyZmE1ZWNjNzYwNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcuSuRcRYWvHF9Sb6YZ8136UMTf+VeHpgno3NHhboBfnKc6nZ5B6tMCJveZ
6yP8ARyro/2sQTePOwdGKoLR9Svdvj1jD6KCTK3ImVN6360LfVhxNpjz29F7GXGT
297RmVnxbqIikZD7YPSAsBiaqvtmRrlYfDEbZixaA7FT2/KU88gEy595bxZ+TMvG
JdG36W454oVbxjqlBucfskvPkWeM5/Mky74xGaMyVbgYnd33s6ZFFtU7caA5KgAo
R750MCHlaoLDQYjZza5wNd/CUBjsbl6zCjhvcuSuI/5oFRIBIlzeC6ZzZR3mnsak
6dl1XYtO8Sy8MTywfXI/16qUpHcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR6dsyf
TOFrakRFNRbtMvEdAMETSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNmODRkZDEtNWU5MC00NDljLTk3NjMtNWE5ZTEzMWIxNmQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0G4w
DQYJKoZIhvcNAQELBQADggEBAK8MDRrwiG9n8kFAbTfGwa3qdQa+GuMOuuGp/MB+
tk1K4UotOSZrf/uKQekV36ZWRC8zLoV8mhR5aIFEx2Vkr3WOtRNqPhC4SqHyAtM7
AiiVi+ponAagWCD3KsRq4lz+NLWwKadoigPTjTc53xZ/El8AelBZ7VZulMvGu4+t
/Oub005qLLLa6KwnSfXIhe/psPqM+lvcohad94QDzp9iEGOJaWJAqM7KvZYNjiZc
/3pT74+yP04Mi9FRZGJGoANbtBdn/ojBKissjbNXBevBPkCHLgz4lur6R9ogD5RW
uSXoVOZia6nLRgHHC2SNKGZh7WaQjZA0nPsDITrtGSlkyAk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:25 2025 by rpki-client