Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
File: bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa (raw, json)
Hash identifier: GhmtXj9cS84Rfo5b5pGhPpDpYe8tFZJS+zQ5dsHV5XQ=
Subject key identifier: C7:5B:DA:E7:A6:B0:36:2B:ED:7A:F1:1B:FF:97:B5:57:58:D9:67:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 659FF2ABC2D380E3A6823DD24C5559765EFC1450
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
Signing time: Fri 25 Apr 2025 18:31:41 +0000
ROA not before: Fri 25 Apr 2025 18:31:41 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:9f:f2:ab:c2:d3:80:e3:a6:82:3d:d2:4c:55:59:76:5e:fc:14:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:41 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d922ffab42000ec0c45b561cc1c8984b4df8d13a710c3faf7c674341b246fee3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6b:9b:41:22:76:87:8c:da:55:8a:a4:0c:e7:
38:09:3f:22:cc:e0:92:d5:ec:4d:42:aa:4d:0b:32:
2b:c9:81:77:e4:d0:a8:0d:b8:8c:04:18:65:eb:76:
d7:ba:f4:33:bd:31:83:14:e9:b4:de:79:67:f2:26:
2e:d8:fe:29:df:33:72:17:f5:43:eb:d0:f9:58:49:
18:7b:14:58:a2:c8:2f:78:a3:60:dd:3e:30:8a:1d:
c1:25:d9:f1:ef:ec:58:04:66:c7:8b:96:2f:5e:59:
71:45:3d:32:1c:68:69:6a:d3:42:ee:c2:17:75:2a:
a9:81:43:bc:32:28:00:6a:ea:f1:1a:7f:62:db:c1:
21:ed:e2:e0:fc:18:8d:91:41:79:17:3c:3a:ac:47:
4b:14:5b:de:b4:5c:32:48:3a:f9:c5:32:3c:9a:4b:
ae:f7:3f:d5:e5:f0:79:96:e2:17:47:8a:96:eb:df:
16:ae:82:5c:55:4f:3e:d4:f8:a7:ce:ff:52:20:ed:
72:f9:95:02:c7:9d:42:82:c7:d3:9b:ac:67:68:a9:
5b:f8:2c:75:50:91:b2:fb:fc:a5:0b:db:49:ea:b6:
25:6b:a8:df:d3:18:b7:b3:f9:4e:5d:9c:54:05:0f:
c8:1a:a6:2c:8a:aa:5c:95:b5:a6:7f:60:2c:e1:e6:
f8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5B:DA:E7:A6:B0:36:2B:ED:7A:F1:1B:FF:97:B5:57:58:D9:67:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4020::/48
Signature Algorithm: sha256WithRSAEncryption
bf:d5:37:16:47:ed:83:17:91:15:57:4f:63:a3:be:43:10:57:
ab:3d:50:8d:6f:00:17:ee:7d:94:7e:0b:c3:97:84:3b:92:5a:
25:39:56:51:62:2e:81:2b:33:38:71:6f:fe:0d:a9:68:0b:00:
6f:5b:8e:43:27:9e:b3:29:32:5e:ec:50:f1:6a:72:f8:61:1c:
de:ec:19:63:d6:09:c8:76:b5:13:de:cb:97:54:37:eb:16:47:
75:1a:71:1d:8a:09:66:c0:ee:a6:2a:e9:e0:70:6e:ea:d0:5f:
d7:1b:63:35:de:96:2b:03:c5:e9:54:95:42:63:23:bf:f2:ce:
e5:fa:56:6f:47:c5:74:7b:83:74:e8:8a:e7:ea:98:cc:e7:72:
56:7b:68:0f:d3:61:94:f5:92:38:f3:71:6b:b8:76:75:87:5c:
f1:9a:09:ed:67:8a:2b:d0:a3:33:5e:a4:13:2b:9f:25:5e:27:
09:e3:ec:84:b5:4d:56:93:4c:35:f2:be:d7:d8:fc:80:09:aa:
57:99:27:f1:ec:12:8b:d2:40:d1:8f:c3:98:d7:39:96:b8:83:
fc:1f:2a:5c:bf:78:aa:7b:0f:33:0d:e4:0f:94:8d:b8:45:a2:
48:60:75:3b:cf:2c:ed:b6:dc:e1:d3:e4:94:2c:20:ad:e9:99:
47:3d:72:e5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZZ/yq8LTgOOmgj3STFVZdl78FFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxNDFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5MjJmZmFiNDIwMDBlYzBjNDViNTYxY2MxYzg5ODRiNGRmOGQxM2E3MTBj
M2ZhZjdjNjc0MzQxYjI0NmZlZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRrm0EidoeM2lWKpAznOAk/IszgktXsTUKqTQsyK8mBd+TQqA24jAQYZet2
17r0M70xgxTptN55Z/ImLtj+Kd8zchf1Q+vQ+VhJGHsUWKLIL3ijYN0+MIodwSXZ
8e/sWARmx4uWL15ZcUU9MhxoaWrTQu7CF3UqqYFDvDIoAGrq8Rp/YtvBIe3i4PwY
jZFBeRc8OqxHSxRb3rRcMkg6+cUyPJpLrvc/1eXweZbiF0eKluvfFq6CXFVPPtT4
p87/UiDtcvmVAsedQoLH05usZ2ipW/gsdVCRsvv8pQvbSeq2JWuo39MYt7P5Tl2c
VAUPyBqmLIqqXJW1pn9gLOHm+EECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTHW9rn
prA2K+168Rv/l7VXWNlnZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmY1NDA0YzItYmNiZS00ZGY0LTg2Y2UtNzJjZWIwNjdmNjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
IDANBgkqhkiG9w0BAQsFAAOCAQEAv9U3FkftgxeRFVdPY6O+QxBXqz1QjW8AF+59
lH4Lw5eEO5JaJTlWUWIugSszOHFv/g2paAsAb1uOQyeesykyXuxQ8Wpy+GEc3uwZ
Y9YJyHa1E97Ll1Q36xZHdRpxHYoJZsDupirp4HBu6tBf1xtjNd6WKwPF6VSVQmMj
v/LO5fpWb0fFdHuDdOiK5+qYzOdyVntoD9NhlPWSOPNxa7h2dYdc8ZoJ7WeKK9Cj
M16kEyufJV4nCePshLVNVpNMNfK+19j8gAmqV5kn8ewSi9JA0Y/DmNc5lriD/B8q
XL94qnsPMw3kD5SNuEWiSGB1O88s7bbc4dPklCwgremZRz1y5Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:29 2025 by rpki-client