Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
File: bed4158d-91b8-4ba5-81d9-75a65b550b92.roa (raw, json)
Hash identifier: Ibz3z/S6qODxMMSaMDe4SSW8ET6yp5tmG+KI4cvodOU=
Subject key identifier: 4B:FA:4D:6C:9F:D2:EB:BD:CD:31:33:96:17:E6:36:01:D9:95:0F:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BA84810A5370794262832CED8305A3E6058367A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
Signing time: Fri 25 Apr 2025 18:10:51 +0000
ROA not before: Fri 25 Apr 2025 18:10:51 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:a8:48:10:a5:37:07:94:26:28:32:ce:d8:30:5a:3e:60:58:36:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:51 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d0ad8018ee7ce03e61887f1bab1a67db75e51ca458deb8bed2b164877c22bb5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9d:5e:e3:26:c0:d9:1d:d9:a4:85:e4:ca:f8:
72:b4:73:9e:2d:27:88:9d:30:cc:8f:ca:39:f2:d0:
53:ef:f4:9a:7d:ef:13:73:1c:ad:e4:f6:29:08:79:
8a:e2:c6:b9:22:8b:85:2e:55:8d:0b:db:f3:44:fd:
e7:a0:90:37:94:5d:57:73:6c:d8:25:4a:7c:bc:d3:
28:f9:5d:e4:85:0e:c6:7a:2a:0f:6c:c2:31:38:01:
13:e3:fa:fc:f4:a0:3a:7c:70:fc:bc:92:b7:00:37:
f3:49:f0:2a:9c:dd:5c:f3:9e:87:e0:17:11:59:99:
29:b8:c3:3f:eb:c7:25:ab:12:a1:87:5e:bb:a5:c8:
db:63:fc:87:aa:0e:82:5d:69:a4:39:4b:f4:6f:4c:
c6:0b:10:ae:4b:0b:ca:65:81:2c:40:fa:4f:76:7f:
30:bd:43:0b:8f:b3:c5:db:5e:04:8b:75:26:81:48:
49:6d:93:42:9b:cf:aa:1e:43:90:42:5f:5f:82:53:
26:70:46:5b:02:de:6c:af:f6:81:c9:79:b0:01:e8:
3d:dd:4b:38:46:75:5c:78:32:0e:fd:8f:8e:49:a9:
fa:8c:20:41:d0:fc:72:63:12:b5:a4:73:8f:32:df:
f4:62:7d:74:35:15:c2:2c:1b:a3:59:83:b0:1b:80:
d3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:FA:4D:6C:9F:D2:EB:BD:CD:31:33:96:17:E6:36:01:D9:95:0F:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
80:c9:c9:ed:89:32:5b:52:4d:5d:0b:61:27:ce:31:c4:da:64:
3f:e0:10:9a:86:8d:ee:d5:7f:69:d9:7b:2f:d1:ba:99:b7:b2:
35:6f:a5:d5:8b:6a:71:f8:e5:c0:1b:34:b2:ce:44:01:fb:00:
b2:e0:72:31:3d:ca:c3:96:48:82:ee:e2:db:f3:86:22:79:61:
4b:ce:20:fc:b2:32:dd:6c:66:02:ca:93:9e:58:d9:38:e6:7e:
82:9c:da:94:87:87:b2:41:f8:19:62:b6:a3:2a:ac:14:05:80:
18:29:a5:98:c1:37:9c:71:65:ce:d9:f5:1c:61:d7:03:e1:3a:
0b:38:21:8c:2a:4e:01:37:b8:ea:62:5f:fb:d8:49:33:56:a1:
58:c6:50:fb:42:53:e6:a6:e1:97:fc:d7:d4:79:25:15:3d:04:
d3:a4:ad:f5:77:26:ab:16:04:26:e1:bc:ee:d0:d3:a5:1f:71:
bf:15:1b:2d:fb:94:f4:96:5f:6a:0b:e7:8e:ca:88:93:fb:17:
00:8e:8e:c0:6d:bd:ae:9e:6d:00:28:e1:9a:a3:4a:e6:8a:86:
30:aa:ee:57:6c:a9:14:56:57:fa:d9:7f:5c:40:67:32:56:2e:
62:de:e5:90:e1:e6:3a:54:e6:07:e9:f7:a9:29:20:3b:b7:bb:
94:25:05:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO6hIEKU3B5QmKDLO2DBaPmBYNnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwNTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwYWQ4MDE4ZWU3Y2UwM2U2MTg4N2YxYmFiMWE2N2RiNzVlNTFjYTQ1OGRl
YjhiZWQyYjE2NDg3N2MyMmJiNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKdXuMmwNkd2aSF5Mr4crRzni0niJ0wzI/KOfLQU+/0mn3vE3McreT2KQh5
iuLGuSKLhS5VjQvb80T956CQN5RdV3Ns2CVKfLzTKPld5IUOxnoqD2zCMTgBE+P6
/PSgOnxw/LyStwA380nwKpzdXPOeh+AXEVmZKbjDP+vHJasSoYdeu6XI22P8h6oO
gl1ppDlL9G9MxgsQrksLymWBLED6T3Z/ML1DC4+zxdteBIt1JoFISW2TQpvPqh5D
kEJfX4JTJnBGWwLebK/2gcl5sAHoPd1LOEZ1XHgyDv2Pjkmp+owgQdD8cmMStaRz
jzLf9GJ9dDUVwiwbo1mDsBuA030CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRL+k1s
n9Lrvc0xM5YX5jYB2ZUP1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmVkNDE1OGQtOTFiOC00YmE1LTgxZDktNzVhNjViNTUwYjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
wDANBgkqhkiG9w0BAQsFAAOCAQEAgMnJ7YkyW1JNXQthJ84xxNpkP+AQmoaN7tV/
adl7L9G6mbeyNW+l1YtqcfjlwBs0ss5EAfsAsuByMT3Kw5ZIgu7i2/OGInlhS84g
/LIy3WxmAsqTnljZOOZ+gpzalIeHskH4GWK2oyqsFAWAGCmlmME3nHFlztn1HGHX
A+E6CzghjCpOATe46mJf+9hJM1ahWMZQ+0JT5qbhl/zX1HklFT0E06St9XcmqxYE
JuG87tDTpR9xvxUbLfuU9JZfagvnjsqIk/sXAI6OwG29rp5tACjhmqNK5oqGMKru
V2ypFFZX+tl/XEBnMlYuYt7lkOHmOlTmB+n3qSkgO7e7lCUFlw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:09 2025 by rpki-client