Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json)
Hash identifier: bZ4tBLbBTz4I2MTVaolvpuRFHU9lBIh6aOPcZB+NhRE=
Subject key identifier: 67:F8:40:76:50:FB:BB:47:9D:7C:08:13:3E:1B:0A:0A:B2:DA:35:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26FD6117FD5AE14FF91AB293046328B5BF431C74
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
Signing time: Fri 25 Apr 2025 19:10:54 +0000
ROA not before: Fri 25 Apr 2025 19:10:54 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:fd:61:17:fd:5a:e1:4f:f9:1a:b2:93:04:63:28:b5:bf:43:1c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:54 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7fa4c8582172b664e5fa74a985a31224fd97e51be66aa59b8dfb3bd963526bc8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cb:9d:1a:89:20:0b:44:76:5f:01:02:53:2b:
42:50:6a:7a:4a:c2:d5:4f:54:e1:42:61:9b:c5:b6:
32:f7:a3:50:b8:ea:5a:18:71:aa:b9:5a:09:bd:80:
11:5d:87:2f:e9:da:f8:6a:da:f8:82:e3:0f:3b:33:
42:97:14:0e:7f:6b:05:9d:06:6e:a7:a3:14:51:a7:
f1:12:d8:20:b4:6f:da:e3:ef:ec:0f:d1:73:f0:ed:
4a:5e:f7:ea:84:83:c5:18:95:89:e0:1b:66:26:1f:
81:fb:d7:ab:b1:bf:07:e7:f3:16:08:5d:f3:15:56:
26:72:bf:83:50:d4:4d:b1:cc:06:91:bf:47:57:d6:
fd:08:d5:8e:40:6a:19:d0:40:68:19:3b:a6:19:f1:
e4:26:92:bb:ec:25:36:06:f7:9a:8b:22:07:e3:1f:
94:cc:eb:dc:d9:a4:b3:41:c3:63:bb:90:62:2d:9d:
cf:ca:bf:24:94:d9:e8:6f:af:00:2c:eb:2f:09:7f:
5a:cf:f0:86:97:fe:c6:b5:82:93:d3:f9:09:e4:9c:
14:ae:c0:51:27:0d:4e:41:97:d8:84:59:8e:04:42:
00:36:74:53:30:a8:7b:13:b6:0b:8a:b3:41:77:34:
9d:ea:48:9c:78:f6:ad:83:af:b8:14:52:45:b4:4f:
21:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F8:40:76:50:FB:BB:47:9D:7C:08:13:3E:1B:0A:0A:B2:DA:35:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
28:44:51:87:87:38:93:2d:1c:75:ea:d2:6c:4a:bb:3e:58:8f:
54:eb:3e:41:71:b7:a5:94:99:93:04:25:6f:f4:36:71:e6:31:
9c:08:7c:8a:43:db:92:81:70:20:69:5f:33:35:d0:e9:e0:21:
31:8b:d8:8f:d2:7a:23:6a:63:32:4f:c9:6a:b6:a7:c5:3c:ad:
5c:85:d5:08:40:ea:bb:cb:b2:61:3f:dd:5a:26:bf:42:d8:9f:
43:ac:5f:e5:9d:f9:a3:92:8f:f1:31:db:58:50:e8:12:c5:46:
88:67:1b:79:ea:49:e1:6e:1b:f6:f3:bc:b2:ae:db:5d:7c:5f:
22:71:78:b1:f2:d2:2a:02:f9:ae:a8:e9:a3:ff:f9:73:49:76:
dc:5a:98:4a:6a:6a:d4:19:25:ef:c9:95:85:94:0e:b1:74:2b:
99:58:55:36:d2:f4:3a:d4:3a:39:6e:07:0f:8b:ca:1c:35:98:
a7:31:b0:2b:1e:e4:66:f7:a3:fe:68:4d:dd:38:23:01:9f:76:
97:bf:1f:1f:58:7c:67:f2:4c:92:94:f6:ad:33:ec:0d:a2:87:
7d:6f:3f:f0:18:11:a7:d3:b3:0c:18:16:99:e9:f0:2d:7d:86:
f7:92:d1:4b:f1:a7:aa:b3:50:e0:32:60:47:fd:cb:ca:5f:6b:
10:db:38:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJv1hF/1a4U/5GrKTBGMotb9DHHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwNTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmYTRjODU4MjE3MmI2NjRlNWZhNzRhOTg1YTMxMjI0ZmQ5N2U1MWJlNjZh
YTU5YjhkZmIzYmQ5NjM1MjZiYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHLnRqJIAtEdl8BAlMrQlBqekrC1U9U4UJhm8W2MvejULjqWhhxqrlaCb2A
EV2HL+na+Gra+ILjDzszQpcUDn9rBZ0GbqejFFGn8RLYILRv2uPv7A/Rc/DtSl73
6oSDxRiVieAbZiYfgfvXq7G/B+fzFghd8xVWJnK/g1DUTbHMBpG/R1fW/QjVjkBq
GdBAaBk7phnx5CaSu+wlNgb3mosiB+MflMzr3Nmks0HDY7uQYi2dz8q/JJTZ6G+v
ACzrLwl/Ws/whpf+xrWCk9P5CeScFK7AUScNTkGX2IRZjgRCADZ0UzCoexO2C4qz
QXc0nepInHj2rYOvuBRSRbRPIcUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRn+EB2
UPu7R518CBM+GwoKsto1jDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQAoRFGHhziTLRx16tJsSrs+WI9U6z5BcbellJmT
BCVv9DZx5jGcCHyKQ9uSgXAgaV8zNdDp4CExi9iP0nojamMyT8lqtqfFPK1chdUI
QOq7y7JhP91aJr9C2J9DrF/lnfmjko/xMdtYUOgSxUaIZxt56knhbhv287yyrttd
fF8icXix8tIqAvmuqOmj//lzSXbcWphKamrUGSXvyZWFlA6xdCuZWFU20vQ61Do5
bgcPi8ocNZinMbArHuRm96P+aE3dOCMBn3aXvx8fWHxn8kySlPatM+wNood9bz/w
GBGn07MMGBaZ6fAtfYb3ktFL8aeqs1DgMmBH/cvKX2sQ2zjK
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:12 2025 by rpki-client