Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
File: b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa (raw, json)
Hash identifier: ZrrSjrXizgZxlLkesnkKMChyPSEx8uJWItuDJWJ3mmQ=
Subject key identifier: CC:69:09:F8:7A:3C:CE:1C:50:03:C5:E1:3C:82:4F:D5:31:96:4A:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 739B0094B942299A70835E517E76774553550052
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
Signing time: Fri 25 Apr 2025 19:31:07 +0000
ROA not before: Fri 25 Apr 2025 19:31:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:9b:00:94:b9:42:29:9a:70:83:5e:51:7e:76:77:45:53:55:00:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=75515780eac296fc4dac42babdd359fe4b514dd325223b9697feea7f631a0699, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:62:67:c0:c9:89:19:5a:7f:eb:26:9e:01:b9:
52:e6:c4:f1:fb:e9:63:40:fa:97:29:2a:fb:96:8d:
f7:3f:05:d8:7d:1d:41:1f:66:28:00:df:f0:70:03:
c0:83:1f:e1:66:38:4c:df:78:12:83:7c:a9:d6:cf:
91:fa:cc:3a:30:b3:11:50:a2:45:eb:df:4c:3d:1f:
bd:bc:a6:12:4e:a5:47:79:0d:72:bc:42:89:30:f8:
22:f4:27:b6:da:9a:a5:8d:55:26:1b:35:96:24:a4:
36:ca:6b:62:cc:86:00:16:b3:74:06:b2:25:2d:43:
7c:93:b0:34:4a:7a:8e:f9:bd:16:b3:e5:3a:f4:70:
d0:67:b9:3b:57:cd:c5:46:7e:4f:01:55:10:72:4e:
1e:9e:50:11:93:24:4e:69:7a:a2:34:aa:fd:e9:2f:
cd:2d:2d:7b:51:48:ec:07:2e:5a:53:68:3c:47:1a:
7b:b2:84:1e:f1:64:50:40:30:75:e9:56:73:fc:3c:
c6:73:e6:db:4f:97:a1:ea:63:f1:81:54:eb:07:67:
ec:a8:4a:2c:3f:3a:de:41:da:a9:e1:ff:55:d5:0f:
10:0a:13:4d:21:85:95:b2:1d:a1:c3:d1:96:4b:3d:
03:e4:63:5e:a2:5f:5b:cf:0f:ca:2f:8e:38:52:dc:
34:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:69:09:F8:7A:3C:CE:1C:50:03:C5:E1:3C:82:4F:D5:31:96:4A:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b40dd9ec-4177-448f-b3c2-9372632cd0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c040::/46
Signature Algorithm: sha256WithRSAEncryption
30:54:9f:b8:5b:3d:3b:b0:80:91:fa:07:c3:be:ad:ff:b6:fa:
76:8c:47:5a:82:64:e8:36:2a:db:82:c7:54:c3:2a:d4:b6:9b:
18:9a:4e:5b:17:6c:15:80:c8:4b:54:c8:31:3a:69:15:6c:ee:
9c:75:14:34:90:1f:c0:79:3e:76:70:86:9d:ec:85:f0:3f:46:
0e:96:a5:f0:23:d6:34:e0:68:8c:ff:39:fc:5b:b4:87:89:9c:
81:83:a9:21:9f:80:99:2c:70:0f:83:3c:67:3e:7e:a6:f1:af:
52:4a:42:4d:19:d3:c8:81:8f:81:a8:59:53:fa:53:04:8c:63:
9f:e3:79:a5:f1:5a:c6:2f:3a:03:84:da:71:6f:8a:ff:c3:95:
25:17:a7:7c:3f:24:78:55:38:d7:b7:81:7a:6e:13:39:71:57:
3e:81:e2:75:21:c6:5f:ca:44:4b:5a:3f:ec:dc:d0:d2:ff:0e:
64:6f:81:08:16:eb:d4:fe:51:57:b7:5f:e3:bc:7c:7f:b9:1f:
6c:98:44:b3:51:15:ed:b2:eb:1d:66:39:1f:e5:bf:5f:1a:b0:
3b:fa:67:5c:87:9b:2c:57:2b:93:41:39:6a:ff:67:db:74:e2:
01:7e:26:8f:e2:28:01:ea:27:a8:1c:e3:ef:f0:2e:fe:79:97:
ea:19:11:54
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUc5sAlLlCKZpwg15RfnZ3RVNVAFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1NTE1NzgwZWFjMjk2ZmM0ZGFjNDJiYWJkZDM1OWZlNGI1MTRkZDMyNTIy
M2I5Njk3ZmVlYTdmNjMxYTA2OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAONiZ8DJiRlaf+smngG5UubE8fvpY0D6lykq+5aN9z8F2H0dQR9mKADf8HAD
wIMf4WY4TN94EoN8qdbPkfrMOjCzEVCiRevfTD0fvbymEk6lR3kNcrxCiTD4IvQn
ttqapY1VJhs1liSkNsprYsyGABazdAayJS1DfJOwNEp6jvm9FrPlOvRw0Ge5O1fN
xUZ+TwFVEHJOHp5QEZMkTml6ojSq/ekvzS0te1FI7AcuWlNoPEcae7KEHvFkUEAw
delWc/w8xnPm20+Xoepj8YFU6wdn7KhKLD863kHaqeH/VdUPEAoTTSGFlbIdocPR
lks9A+RjXqJfW88Pyi+OOFLcNKMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTMaQn4
ejzOHFADxeE8gk/VMZZKMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQwZGQ5ZWMtNDE3Ny00NDhmLWIzYzItOTM3MjYzMmNkMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
QDANBgkqhkiG9w0BAQsFAAOCAQEAMFSfuFs9O7CAkfoHw76t/7b6doxHWoJk6DYq
24LHVMMq1LabGJpOWxdsFYDIS1TIMTppFWzunHUUNJAfwHk+dnCGneyF8D9GDpal
8CPWNOBojP85/Fu0h4mcgYOpIZ+AmSxwD4M8Zz5+pvGvUkpCTRnTyIGPgahZU/pT
BIxjn+N5pfFaxi86A4TacW+K/8OVJRenfD8keFU417eBem4TOXFXPoHidSHGX8pE
S1o/7NzQ0v8OZG+BCBbr1P5RV7df47x8f7kfbJhEs1EV7bLrHWY5H+W/XxqwO/pn
XIebLFcrk0E5av9n23TiAX4mj+IoAeonqBzj7/Au/nmX6hkRVA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:19 2025 by rpki-client