Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
File: c46a0827-1052-46e2-ad52-4a27d9a65f24.roa (raw, json)
Hash identifier: VMLrVv7xUhuHbb9JSf3RyqEHXo7Xdlad0Nu6QwAHEeQ=
Subject key identifier: E0:4A:26:6E:C0:35:56:99:30:56:E8:B7:51:1A:DA:ED:D3:83:54:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FA7B7205CF9BC282713CF73B5CB5500E6C0E981
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
Signing time: Fri 25 Apr 2025 20:21:28 +0000
ROA not before: Fri 25 Apr 2025 20:21:28 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:a7:b7:20:5c:f9:bc:28:27:13:cf:73:b5:cb:55:00:e6:c0:e9:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:28 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b1929e68d25629f3098fc94e733a5fe7b404cfb418ec5e60c9aa9ee664e47662, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:30:5e:1e:ce:9e:ca:bd:f8:48:4a:cd:a3:78:
2a:7c:ad:d3:95:4a:68:c0:b7:a9:2d:a6:26:ec:cd:
e7:2a:f0:31:c5:2a:67:3b:e3:19:ae:67:4a:6d:72:
25:84:82:99:a0:91:b1:bb:b4:c0:00:83:98:51:ca:
f8:b7:a5:ae:e5:a4:d4:af:f0:a8:06:d2:7f:05:73:
2f:45:ee:f6:c0:2b:29:35:7d:4c:01:34:b1:63:dc:
33:92:14:21:1c:c2:b9:66:ef:eb:a9:1f:ab:8a:c4:
89:2a:4e:16:47:75:c7:3f:86:f8:6f:c5:64:61:86:
79:3f:9b:91:0f:02:0c:10:f5:1a:08:53:16:f4:ab:
86:b1:ba:71:c4:c0:31:c6:3f:2b:5e:f2:68:75:2c:
f7:7e:d5:1d:3f:8b:a8:d7:cd:d5:c2:fb:05:80:b1:
71:b9:3c:21:e4:ba:28:4d:89:a1:33:6e:1d:de:a0:
56:3d:d6:e4:7a:3e:51:bc:49:bc:1a:fa:cf:cc:77:
ab:c5:48:4e:1d:dd:e1:70:8e:19:39:95:ba:38:5c:
c5:e9:b4:a2:cf:9a:74:95:57:7d:ab:e1:c2:ab:96:
13:f8:a3:9a:3c:bd:47:df:33:49:a1:ff:c9:a6:61:
e4:13:63:b6:3b:a5:82:2d:16:59:86:02:32:1b:56:
42:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4A:26:6E:C0:35:56:99:30:56:E8:B7:51:1A:DA:ED:D3:83:54:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/36
Signature Algorithm: sha256WithRSAEncryption
6d:02:19:ca:20:97:0a:7e:bc:85:cf:16:d2:2e:3f:95:de:22:
e6:51:fd:6f:ee:88:c8:bd:b9:fd:b0:45:ae:0f:c6:72:5c:a6:
b5:be:37:97:77:fa:83:64:16:bc:0d:7c:49:fc:20:bd:ee:eb:
97:c7:7d:2c:12:15:9a:64:3a:44:04:9f:01:23:bd:50:bd:86:
fc:4d:55:b7:f6:40:ae:b2:15:eb:31:95:f7:d6:91:13:92:c3:
9b:e9:34:1d:9b:20:f4:b1:69:49:ee:2d:44:6c:2c:64:16:de:
50:e4:64:c8:46:98:41:5b:ba:3b:06:4e:44:5d:75:0f:45:30:
21:cf:e2:51:aa:e9:23:86:d8:23:6b:23:cc:3d:2e:1f:1a:07:
81:89:d0:a0:f1:8d:00:25:14:2e:34:15:f1:00:30:79:f3:c1:
05:46:6c:a2:66:0e:7f:c0:f0:3d:c3:2b:03:f8:56:46:13:5b:
a1:7a:d2:3c:10:ea:8f:21:a5:a7:ba:92:12:ca:6c:2f:3c:96:
da:f0:7f:8d:4f:cb:05:fb:a5:0c:8b:ad:0d:cb:2f:1f:8c:12:
c2:03:12:90:83:09:a2:2b:f4:5e:fa:2d:bc:ec:9b:60:03:fa:
fc:4b:f1:11:62:4a:17:3d:f2:93:b8:2c:bd:f1:d8:07:c6:c4:
ba:2d:b3:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD6e3IFz5vCgnE89ztctVAObA6YEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMjhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxOTI5ZTY4ZDI1NjI5ZjMwOThmYzk0ZTczM2E1ZmU3YjQwNGNmYjQxOGVj
NWU2MGM5YWE5ZWU2NjRlNDc2NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcwXh7Onsq9+EhKzaN4Knyt05VKaMC3qS2mJuzN5yrwMcUqZzvjGa5nSm1y
JYSCmaCRsbu0wACDmFHK+LelruWk1K/wqAbSfwVzL0Xu9sArKTV9TAE0sWPcM5IU
IRzCuWbv66kfq4rEiSpOFkd1xz+G+G/FZGGGeT+bkQ8CDBD1GghTFvSrhrG6ccTA
McY/K17yaHUs937VHT+LqNfN1cL7BYCxcbk8IeS6KE2JoTNuHd6gVj3W5Ho+UbxJ
vBr6z8x3q8VITh3d4XCOGTmVujhcxem0os+adJVXfavhwquWE/ijmjy9R98zSaH/
yaZh5BNjtjulgi0WWYYCMhtWQnsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgSiZu
wDVWmTBW6LdRGtrt04NUXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ2YTA4MjctMTA1Mi00NmUyLWFkNTItNGEyN2Q5YTY1ZjI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBtAhnKIJcKfryFzxbSLj+V3iLmUf1v7ojIvbn9
sEWuD8ZyXKa1vjeXd/qDZBa8DXxJ/CC97uuXx30sEhWaZDpEBJ8BI71QvYb8TVW3
9kCushXrMZX31pETksOb6TQdmyD0sWlJ7i1EbCxkFt5Q5GTIRphBW7o7Bk5EXXUP
RTAhz+JRqukjhtgjayPMPS4fGgeBidCg8Y0AJRQuNBXxADB588EFRmyiZg5/wPA9
wysD+FZGE1uhetI8EOqPIaWnupISymwvPJba8H+NT8sF+6UMi60Nyy8fjBLCAxKQ
gwmiK/Re+i287JtgA/r8S/ERYkoXPfKTuCy98dgHxsS6LbOk
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:35 2025 by rpki-client