Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
File: bad2460c-8206-4534-9b9b-355c2d524858.roa (raw, json)
Hash identifier: 9nOrzyTWrxGNQhNV0BSwl1KWdLoWnrFsWnXSwH7L2uQ=
Subject key identifier: C8:05:9E:7F:D1:9B:1E:08:B1:96:E3:93:6E:F1:41:34:E5:D6:82:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06E4D3A62C0638021B5EA5838866CED512BE7019
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
Signing time: Fri 25 Apr 2025 19:50:58 +0000
ROA not before: Fri 25 Apr 2025 19:50:58 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:e4:d3:a6:2c:06:38:02:1b:5e:a5:83:88:66:ce:d5:12:be:70:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:58 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=0b1f62a9cd8479db40c6269b6a1c7d9556e963651119d9eb6a43eaa751ed9eb9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:7e:b6:44:5e:9b:45:e0:72:c3:34:7e:ad:74:
9d:6e:48:70:04:16:82:65:68:06:63:82:1f:9f:66:
9e:7f:96:ef:21:3d:ca:07:dc:da:35:d3:d5:b8:d3:
ef:64:bd:ba:2e:08:2f:cb:63:ed:d9:68:46:2e:d8:
c8:c5:07:b1:77:cd:c3:04:7f:ca:ad:f4:b5:16:b0:
a1:4c:76:64:61:dc:23:b5:f9:45:15:81:ce:91:ca:
a9:9f:c7:b3:2c:18:c1:5f:51:2c:ae:73:d8:0e:5d:
b4:8c:da:19:ff:08:6d:5d:e8:63:69:4f:64:90:53:
0a:d8:37:05:0d:82:a0:c5:68:56:ee:13:59:44:91:
ed:a1:c3:4b:b4:84:aa:13:7d:6b:7e:02:d0:6d:df:
3d:6e:72:f7:88:de:19:1c:cc:e6:0a:07:f0:28:a3:
1b:84:32:3e:a1:dd:4d:46:68:41:1b:a0:33:d3:fc:
95:67:08:e3:e6:6e:d8:b3:da:70:82:3f:c7:0c:0a:
11:c5:21:4b:af:1a:6b:c5:82:2f:ee:3d:fb:28:6f:
90:52:d8:86:3e:f9:8f:c3:66:a5:2b:cd:17:cb:2e:
bf:5a:15:2f:d4:6e:23:49:14:77:9c:ca:07:4c:52:
ac:23:69:26:3e:11:03:83:cb:4b:b4:7a:27:89:9d:
a9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:05:9E:7F:D1:9B:1E:08:B1:96:E3:93:6E:F1:41:34:E5:D6:82:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:34:64:27:2e:5a:ed:c8:2e:40:e9:63:98:df:1a:d1:00:6e:
4b:44:8c:5b:b2:5c:ee:07:a6:7b:81:e0:12:08:72:ed:5f:7f:
ae:1b:3b:94:52:6b:0a:62:b0:46:7f:d1:da:86:04:d0:36:0c:
ef:cf:4f:63:5a:e5:0f:eb:1f:b5:5a:47:ed:47:33:86:d2:7b:
8a:ed:1d:71:c7:16:3f:ff:30:9b:71:1f:54:fd:00:06:ef:39:
34:47:58:10:69:71:b9:46:81:2b:b4:14:8c:56:8f:4d:88:43:
c1:14:2a:dd:1a:2f:d1:37:45:40:00:12:16:6a:18:de:27:7e:
c6:3c:99:b5:58:0a:af:ad:ed:9f:5e:c5:33:f0:0d:79:d0:c7:
3b:aa:2f:09:6e:e7:df:d1:ac:91:9f:ea:08:bd:63:c3:f7:7f:
3a:41:63:ad:21:4b:b8:85:ff:fa:f8:f3:19:5f:73:db:a7:ea:
3d:d4:42:7e:b5:a8:94:06:6d:c1:48:bf:7e:9e:cd:94:2a:64:
3b:d0:aa:ac:17:79:5d:d1:2b:9c:c8:cc:2c:d5:b1:cc:78:8b:
a4:91:5d:ec:9a:c3:f6:b0:39:03:59:56:a2:dd:e1:23:0a:97:
49:6f:b5:22:e1:b0:2e:99:5e:dd:6e:ef:24:30:20:03:92:47:
43:00:05:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBuTTpiwGOAIbXqWDiGbO1RK+cBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwNThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiMWY2MmE5Y2Q4NDc5ZGI0MGM2MjY5YjZhMWM3ZDk1NTZlOTYzNjUxMTE5
ZDllYjZhNDNlYWE3NTFlZDllYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJ+tkRem0XgcsM0fq10nW5IcAQWgmVoBmOCH59mnn+W7yE9ygfc2jXT1bjT
72S9ui4IL8tj7dloRi7YyMUHsXfNwwR/yq30tRawoUx2ZGHcI7X5RRWBzpHKqZ/H
sywYwV9RLK5z2A5dtIzaGf8IbV3oY2lPZJBTCtg3BQ2CoMVoVu4TWUSR7aHDS7SE
qhN9a34C0G3fPW5y94jeGRzM5goH8CijG4QyPqHdTUZoQRugM9P8lWcI4+Zu2LPa
cII/xwwKEcUhS68aa8WCL+49+yhvkFLYhj75j8NmpSvNF8suv1oVL9RuI0kUd5zK
B0xSrCNpJj4RA4PLS7R6J4mdqfMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTIBZ5/
0ZseCLGW45Nu8UE05daCVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmFkMjQ2MGMtODIwNi00NTM0LTliOWItMzU1YzJkNTI0ODU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5g
MA0GCSqGSIb3DQEBCwUAA4IBAQCxNGQnLlrtyC5A6WOY3xrRAG5LRIxbslzuB6Z7
geASCHLtX3+uGzuUUmsKYrBGf9HahgTQNgzvz09jWuUP6x+1WkftRzOG0nuK7R1x
xxY//zCbcR9U/QAG7zk0R1gQaXG5RoErtBSMVo9NiEPBFCrdGi/RN0VAABIWahje
J37GPJm1WAqvre2fXsUz8A150Mc7qi8Jbuff0ayRn+oIvWPD9386QWOtIUu4hf/6
+PMZX3Pbp+o91EJ+taiUBm3BSL9+ns2UKmQ70KqsF3ld0SucyMws1bHMeIukkV3s
msP2sDkDWVai3eEjCpdJb7Ui4bAumV7dbu8kMCADkkdDAAX8
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:11 2025 by rpki-client