Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json)
Hash identifier: MVCGa+nG6/09qYGgpH178SO7ZCvx1Lre6ZYP7yJhg/s=
Subject key identifier: F6:B6:A2:66:DA:0F:08:7F:02:F8:D0:45:4B:6B:CA:3A:C1:81:3C:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14C107D5A3724E8C48A0186A70E05F095DE388A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
Signing time: Fri 25 Apr 2025 20:10:22 +0000
ROA not before: Fri 25 Apr 2025 20:10:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:c1:07:d5:a3:72:4e:8c:48:a0:18:6a:70:e0:5f:09:5d:e3:88:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9c7567d00e2fd5cc3164df36a1e042bf37d2f92d35dac71af0a24165018f00b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:5d:bf:48:14:a6:00:7d:af:56:6a:cc:b1:e5:
9a:e6:7c:ee:11:7d:a2:ed:2d:af:63:83:35:a0:c9:
52:0a:b0:50:aa:8e:7e:59:00:82:88:49:3b:b3:c2:
fb:59:ec:30:30:62:3d:d1:16:9e:3a:1f:d4:63:af:
8c:83:bc:58:fe:c9:37:27:7d:af:c9:c6:89:7f:7c:
e3:13:ac:c9:2a:ae:b4:af:c6:00:21:4b:e9:9d:f8:
d8:fb:b4:bf:34:48:6c:0a:39:ea:d7:96:56:df:1a:
33:25:a5:f4:5d:e8:fd:55:f0:d6:05:ea:28:6f:bd:
c3:58:a7:04:5a:49:7e:48:c3:48:8c:24:93:a0:ac:
52:0d:40:df:9f:46:32:d4:dc:7d:d4:91:0c:f1:5d:
18:70:c8:3e:0b:c2:1a:d9:33:e0:fc:c4:bc:c2:d7:
13:c6:6a:a4:ee:22:32:43:b8:cc:3d:60:14:4b:8b:
81:ca:5e:71:eb:c8:cf:c7:f1:50:03:c4:14:06:22:
22:a5:12:84:55:a3:e3:46:b9:8b:7e:50:6e:47:03:
26:a7:12:80:9a:07:78:06:6e:57:91:31:6b:56:e8:
23:4a:38:61:22:ae:37:73:0c:ea:cc:a7:60:94:c3:
c5:10:52:6d:eb:c5:8d:40:f0:92:80:71:7a:70:c4:
55:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B6:A2:66:DA:0F:08:7F:02:F8:D0:45:4B:6B:CA:3A:C1:81:3C:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:800::/38
Signature Algorithm: sha256WithRSAEncryption
a9:a4:e6:43:a6:ab:15:cc:2b:48:b9:d9:73:70:d6:13:1a:69:
8e:6d:d7:b1:91:21:97:da:2c:d3:52:ae:3e:63:23:5a:3d:7c:
19:69:52:5f:37:56:ea:c0:3b:20:56:20:6d:7f:21:81:14:5d:
83:08:e5:7c:0f:5b:b4:37:61:49:13:96:4d:71:e7:39:54:9b:
2c:ac:58:4c:b2:9e:6a:7f:bd:58:7c:98:d5:7c:38:f0:8b:74:
1a:93:c7:98:c2:fb:7b:90:93:aa:18:6c:1e:47:c4:e0:26:c7:
4b:9b:ab:2c:ca:67:ce:7e:37:da:75:28:8d:df:8d:6f:96:46:
48:25:19:3a:76:ef:9d:57:ac:51:ae:87:98:9e:1f:8a:83:1a:
a6:ad:c0:99:dd:39:b6:73:30:99:5d:5a:78:27:9f:c4:17:b7:
25:0b:cf:09:f7:d8:db:a9:fc:69:6a:c6:5b:ad:0f:83:d1:70:
09:4a:4f:50:0f:13:d0:18:ca:f4:ae:43:c4:07:80:86:06:53:
36:43:46:7e:10:67:aa:6a:88:d0:1b:31:0a:34:17:65:9c:64:
32:08:4a:56:3d:4b:d4:7f:24:f4:07:73:54:15:1a:5f:f0:7e:
16:0d:cc:3b:3e:df:59:1d:c4:94:b2:c7:f9:d5:f7:c1:13:47:
bb:ce:39:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFMEH1aNyToxIoBhqcOBfCV3jiKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDljNzU2N2QwMGUyZmQ1Y2MzMTY0ZGYzNmExZTA0MmJmMzdkMmY5MmQzNWRh
YzcxYWYwYTI0MTY1MDE4ZjAwYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPRdv0gUpgB9r1ZqzLHlmuZ87hF9ou0tr2ODNaDJUgqwUKqOflkAgohJO7PC
+1nsMDBiPdEWnjof1GOvjIO8WP7JNyd9r8nGiX984xOsySqutK/GACFL6Z342Pu0
vzRIbAo56teWVt8aMyWl9F3o/VXw1gXqKG+9w1inBFpJfkjDSIwkk6CsUg1A359G
MtTcfdSRDPFdGHDIPgvCGtkz4PzEvMLXE8ZqpO4iMkO4zD1gFEuLgcpecevIz8fx
UAPEFAYiIqUShFWj40a5i35QbkcDJqcSgJoHeAZuV5Exa1boI0o4YSKuN3MM6syn
YJTDxRBSbevFjUDwkoBxenDEVXkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2tqJm
2g8IfwL40EVLa8o6wYE8PTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI
MA0GCSqGSIb3DQEBCwUAA4IBAQCppOZDpqsVzCtIudlzcNYTGmmObdexkSGX2izT
Uq4+YyNaPXwZaVJfN1bqwDsgViBtfyGBFF2DCOV8D1u0N2FJE5ZNcec5VJssrFhM
sp5qf71YfJjVfDjwi3Qak8eYwvt7kJOqGGweR8TgJsdLm6ssymfOfjfadSiN341v
lkZIJRk6du+dV6xRroeYnh+KgxqmrcCZ3Tm2czCZXVp4J5/EF7clC88J99jbqfxp
asZbrQ+D0XAJSk9QDxPQGMr0rkPEB4CGBlM2Q0Z+EGeqaojQGzEKNBdlnGQyCEpW
PUvUfyT0B3NUFRpf8H4WDcw7Pt9ZHcSUssf51ffBE0e7zjlI
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:26 2025 by rpki-client