Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
File: bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa (raw, json)
Hash identifier: Sci2IRXFP0XnAVw+59xe2/Xsw6ArSZ0ZSpb/V644qd8=
Subject key identifier: 21:35:48:83:3E:79:F2:11:94:4B:45:BA:20:8E:A7:DA:AB:94:9D:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39E62775A7679096F79B4F548483D5F3D642CC9F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
Signing time: Tue 15 Apr 2025 15:00:17 +0000
ROA not before: Tue 15 Apr 2025 15:00:17 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:e6:27:75:a7:67:90:96:f7:9b:4f:54:84:83:d5:f3:d6:42:cc:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:17 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=2a8447a29680acdf3970eca96f966405fdb3660f81d88fe0d09b81fe3bf3626b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:70:c6:85:1f:78:4e:42:cd:4a:4a:3c:fd:a2:
d2:05:35:94:d8:52:b2:b0:0c:07:4d:b4:16:5e:46:
bc:52:6d:7f:5d:98:66:dc:84:8a:c9:fe:d7:d7:22:
dd:45:19:c2:1c:70:99:1d:f7:d5:0a:d0:02:c8:e4:
6a:e2:75:d8:78:bf:14:af:5b:f0:c2:30:3d:99:c2:
00:42:fd:f1:a3:32:d5:2b:19:fe:31:a2:fe:51:da:
3a:1f:a9:0b:08:bd:99:b6:1e:b3:05:72:d2:6a:26:
52:30:81:a4:ef:88:14:7e:23:1d:a9:f4:e5:02:c0:
ce:38:86:c2:34:29:a5:71:f1:3a:ad:f3:b6:14:61:
5a:ae:03:33:1c:67:a9:1a:23:22:e5:91:77:1b:f9:
57:21:02:63:94:d0:39:72:61:93:63:e5:e9:a0:35:
90:0f:f3:44:c2:51:c5:78:61:41:a6:85:10:b6:72:
09:45:ff:ca:bf:60:d7:b4:d0:1b:c8:77:3f:c8:ab:
5b:de:12:ac:db:71:4c:e9:42:db:49:2a:6e:6c:b3:
fc:76:a7:25:bc:4b:9d:3e:e7:97:15:71:e9:5c:53:
a7:8b:b2:58:5f:67:f6:b4:64:a6:a5:73:49:9c:00:
47:d3:54:4a:5d:56:0e:6f:a2:5e:cd:25:2a:34:84:
f6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:35:48:83:3E:79:F2:11:94:4B:45:BA:20:8E:A7:DA:AB:94:9D:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:8b:41:9c:69:08:fd:34:c8:e2:a5:78:25:a4:05:ee:37:c8:
11:e0:90:8c:8d:87:ee:8d:2a:9c:dd:6b:11:7a:b2:af:ec:33:
89:b9:63:7a:eb:ca:b3:bd:31:d5:af:6e:6a:b8:31:70:35:a3:
da:41:61:d8:8b:0d:ab:64:b5:88:b9:b2:36:e1:e6:54:0f:82:
4e:89:3b:1f:8c:04:89:f1:1c:db:16:a9:05:6b:19:a3:63:c5:
b3:51:b8:48:5c:03:d3:95:4c:b7:49:f6:bc:2f:f8:74:b9:0e:
71:ec:1e:23:87:77:9c:39:82:38:ae:72:ab:55:30:ae:90:f8:
a8:18:43:1e:de:14:08:45:db:56:7e:60:f9:31:7d:c0:e7:3c:
0c:99:71:7d:d0:1f:c6:33:e8:af:8d:66:66:00:6f:92:57:13:
50:97:23:d4:1b:46:bd:58:be:11:19:ff:5b:0d:e3:51:fc:12:
ac:1f:d1:b4:64:8d:b3:b2:86:73:6c:a8:7c:51:66:ce:8f:97:
eb:5b:91:86:88:e5:17:b9:f0:e3:4a:c7:ba:bc:fa:5f:24:8c:
71:72:ef:40:40:bb:35:24:6a:ed:b4:ea:38:38:ec:8a:b9:00:
2b:4f:f7:12:2b:4d:66:3c:8d:10:87:32:0c:68:08:b8:4d:9c:
34:72:e5:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOeYndadnkJb3m09UhIPV89ZCzJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwMTdaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhODQ0N2EyOTY4MGFjZGYzOTcwZWNhOTZmOTY2NDA1ZmRiMzY2MGY4MWQ4
OGZlMGQwOWI4MWZlM2JmMzYyNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5wxoUfeE5CzUpKPP2i0gU1lNhSsrAMB020Fl5GvFJtf12YZtyEisn+19ci
3UUZwhxwmR331QrQAsjkauJ12Hi/FK9b8MIwPZnCAEL98aMy1SsZ/jGi/lHaOh+p
Cwi9mbYeswVy0momUjCBpO+IFH4jHan05QLAzjiGwjQppXHxOq3zthRhWq4DMxxn
qRojIuWRdxv5VyECY5TQOXJhk2Pl6aA1kA/zRMJRxXhhQaaFELZyCUX/yr9g17TQ
G8h3P8irW94SrNtxTOlC20kqbmyz/HanJbxLnT7nlxVx6VxTp4uyWF9n9rRkpqVz
SZwAR9NUSl1WDm+iXs0lKjSE9osCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhNUiD
PnnyEZRLRbogjqfaq5SdYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM1OWU0MjEtYmExZC00ZjZhLWFlYmEtOWQ1YzY3M2E3MDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAKi0GcaQj9NMjipXglpAXuN8gR4JCMjYfujSqc
3WsRerKv7DOJuWN668qzvTHVr25quDFwNaPaQWHYiw2rZLWIubI24eZUD4JOiTsf
jASJ8RzbFqkFaxmjY8WzUbhIXAPTlUy3Sfa8L/h0uQ5x7B4jh3ecOYI4rnKrVTCu
kPioGEMe3hQIRdtWfmD5MX3A5zwMmXF90B/GM+ivjWZmAG+SVxNQlyPUG0a9WL4R
Gf9bDeNR/BKsH9G0ZI2zsoZzbKh8UWbOj5frW5GGiOUXufDjSse6vPpfJIxxcu9A
QLs1JGrttOo4OOyKuQArT/cSK01mPI0QhzIMaAi4TZw0cuVN
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:02 2025 by rpki-client