Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: U+5svjlLypKUc0f01N7glpsXHYPOpLkelWoEQFofAZg=
Subject key identifier: 6F:58:C9:10:0E:6F:2A:3E:96:F0:03:D8:7A:5E:1A:82:6A:43:F6:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A7646C42252598A4FE26E0CB173C47EBDAFEE7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Fri 25 Apr 2025 19:40:12 +0000
ROA not before: Fri 25 Apr 2025 19:40:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:76:46:c4:22:52:59:8a:4f:e2:6e:0c:b1:73:c4:7e:bd:af:ee:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=69e80937a3c9dcaaee89d8d78914afcf9632a11a9b4cc277094dde03690b7b77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2f:fa:6d:7a:b6:6b:f0:17:a1:f2:49:3a:dc:
8a:16:5e:a7:a6:71:ce:3c:42:4e:91:17:9a:79:88:
ab:55:1b:bc:9c:82:75:35:f1:48:2d:14:0f:fe:b0:
e0:7d:df:cb:8a:f7:32:95:d8:bc:72:9c:dc:4a:e8:
f9:be:4c:a8:d5:37:b8:d5:e4:ea:02:2b:d0:71:7e:
99:68:ca:fa:a0:fa:99:a5:f4:6d:d1:fb:aa:5c:cb:
61:f0:a6:62:ec:f0:14:a9:a8:56:ec:94:a4:0f:4e:
88:51:c9:e5:b4:16:a3:0a:af:9c:e0:fe:e8:4f:04:
85:e3:b5:b2:77:5c:4f:82:a6:1e:d1:73:74:25:2c:
33:4a:36:f0:54:5c:eb:cd:85:d9:5c:e4:1c:c4:0a:
19:00:c1:53:db:5a:e1:47:cf:b0:2c:ff:bc:eb:f0:
ea:17:9c:50:99:7a:ea:da:eb:19:3e:45:1c:e6:7b:
01:de:eb:9a:b7:48:fc:9f:05:7c:63:dd:11:30:0b:
85:c4:0b:93:0f:0b:fc:ec:34:7b:4d:91:0d:4a:2e:
49:3c:7e:a1:46:29:13:1d:69:05:a8:80:20:63:ab:
fe:4e:16:28:82:f9:b7:95:6d:b0:b9:d4:22:a1:b5:
49:75:b2:63:94:c4:a8:ee:c2:58:7b:69:31:b7:50:
98:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:58:C9:10:0E:6F:2A:3E:96:F0:03:D8:7A:5E:1A:82:6A:43:F6:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
2e:04:2b:b4:f8:ea:a7:22:bd:b9:65:04:3a:4a:44:3f:15:6b:
a8:eb:5b:d2:3c:71:6e:f2:79:c4:98:ae:31:1d:77:ad:6d:16:
92:ef:44:79:f8:3c:42:ea:d3:0e:cf:21:16:86:f6:1f:02:03:
c9:23:98:a7:72:d9:9b:99:2c:5a:8b:ab:05:fc:4c:3d:fb:c0:
4c:f6:6f:d1:ca:c9:9e:14:b8:6c:cd:b1:ad:9d:95:c3:d0:cf:
5b:ca:c6:fe:04:3d:0d:e9:04:f3:bf:d6:24:01:41:b0:b0:fe:
20:d8:bf:50:b0:d0:04:6a:9d:c3:67:ff:ad:43:17:46:ea:d7:
f5:a2:de:a7:10:ae:14:91:42:4e:3a:71:b8:d2:06:90:dc:0e:
a0:14:8e:c6:8f:82:e5:84:4f:59:60:14:20:d0:81:0b:7a:ad:
3d:84:b7:ff:00:99:15:7b:17:00:90:c2:98:97:5c:9f:5b:50:
64:65:e2:04:fe:9d:07:d0:71:ad:db:c5:e9:a9:f5:9e:7c:ab:
44:fe:35:4b:73:70:c2:fe:73:e8:99:e9:30:f9:ed:d4:b2:09:
7c:80:93:c6:b6:4e:af:d1:c7:48:ba:ed:4c:3f:76:f3:4b:28:
75:07:3a:a1:ae:59:e2:0d:32:2a:37:72:13:94:ce:09:29:c9:
87:28:f5:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUenZGxCJSWYpP4m4MsXPEfr2v7nowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5ZTgwOTM3YTNjOWRjYWFlZTg5ZDhkNzg5MTRhZmNmOTYzMmExMWE5YjRj
YzI3NzA5NGRkZTAzNjkwYjdiNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIv+m16tmvwF6HySTrcihZep6ZxzjxCTpEXmnmIq1UbvJyCdTXxSC0UD/6w
4H3fy4r3MpXYvHKc3Ero+b5MqNU3uNXk6gIr0HF+mWjK+qD6maX0bdH7qlzLYfCm
YuzwFKmoVuyUpA9OiFHJ5bQWowqvnOD+6E8EheO1sndcT4KmHtFzdCUsM0o28FRc
682F2VzkHMQKGQDBU9ta4UfPsCz/vOvw6hecUJl66trrGT5FHOZ7Ad7rmrdI/J8F
fGPdETALhcQLkw8L/Ow0e02RDUouSTx+oUYpEx1pBaiAIGOr/k4WKIL5t5VtsLnU
IqG1SXWyY5TEqO7CWHtpMbdQmCkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRvWMkQ
Dm8qPpbwA9h6XhqCakP2FDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQAuBCu0+OqnIr25ZQQ6SkQ/FWuo61vSPHFu8nnE
mK4xHXetbRaS70R5+DxC6tMOzyEWhvYfAgPJI5inctmbmSxai6sF/Ew9+8BM9m/R
ysmeFLhszbGtnZXD0M9bysb+BD0N6QTzv9YkAUGwsP4g2L9QsNAEap3DZ/+tQxdG
6tf1ot6nEK4UkUJOOnG40gaQ3A6gFI7Gj4LlhE9ZYBQg0IELeq09hLf/AJkVexcA
kMKYl1yfW1BkZeIE/p0H0HGt28XpqfWefKtE/jVLc3DC/nPomekw+e3Usgl8gJPG
tk6v0cdIuu1MP3bzSyh1BzqhrlniDTIqN3ITlM4JKcmHKPU5
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:53 2025 by rpki-client