Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
File: c575b6fa-c023-458f-85c8-9694aa053e43.roa (raw, json)
Hash identifier: p3tUJz1155zkmX1QWUNOMIaLxwiiE1M5MhnKDc5XMfw=
Subject key identifier: 6F:B6:A1:C8:5D:C2:AB:98:C1:88:AF:8D:4F:C3:38:C7:1A:C6:68:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F1E15E90DE87ACAEE85B7DD246198BC8A688323
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
Signing time: Fri 25 Apr 2025 18:31:34 +0000
ROA not before: Fri 25 Apr 2025 18:31:34 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:1e:15:e9:0d:e8:7a:ca:ee:85:b7:dd:24:61:98:bc:8a:68:83:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:34 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3176e9606f933a9c8d9bed2dd3754bcb73d4bc87e2720e8a2607671cff63fe4b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:84:2b:3d:da:92:40:43:09:60:84:24:c1:90:
f0:f7:8d:6b:9b:ba:b1:98:a1:e8:00:e6:66:5a:e6:
c5:f5:59:2c:53:a4:03:9e:a2:c5:0d:59:2b:82:10:
3c:62:79:c6:d8:74:19:f2:21:f4:9f:5e:7c:a5:19:
18:aa:7c:b6:f6:7b:af:83:97:9c:55:30:4e:b0:40:
25:55:3e:23:f5:d1:5b:07:9b:82:6f:0e:83:02:4a:
e1:37:05:5e:53:c0:3f:ca:c6:ab:be:83:4e:1e:a4:
13:f9:3e:fc:cc:62:87:a7:9d:fc:8a:17:de:ef:f4:
e1:68:fc:73:6d:2d:55:ad:b4:8e:5a:86:f0:c4:ec:
a6:86:1a:b2:2e:f9:b8:33:9f:61:f2:4d:c5:11:d4:
0d:9b:be:10:38:b0:fa:fe:7c:fc:a4:ff:ec:e5:d1:
9f:3d:64:c7:ab:e1:43:73:a5:c8:90:78:c9:82:4c:
3d:55:1f:05:46:ec:3f:9c:74:5b:5b:2f:b0:70:ba:
7d:a4:bc:f4:89:82:29:6c:0f:2a:4a:d2:28:6b:9c:
f0:6d:7a:f1:14:e4:1e:aa:8e:f4:f2:9b:9c:34:60:
1d:c0:36:c7:ed:f3:d1:a5:c6:53:89:e8:fe:c8:66:
7b:bb:74:29:4e:2f:53:61:2a:00:64:b3:29:77:fb:
c5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B6:A1:C8:5D:C2:AB:98:C1:88:AF:8D:4F:C3:38:C7:1A:C6:68:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4080::/48
Signature Algorithm: sha256WithRSAEncryption
a1:17:71:cf:6d:cd:5b:f0:a1:e8:4a:77:13:42:bd:86:4b:99:
c8:83:f2:68:4d:4e:23:cd:42:9f:98:02:9a:de:73:99:90:49:
a0:b9:ca:7e:5b:6b:b0:3b:63:37:dd:0d:e2:f5:11:e6:53:b2:
12:b5:fb:31:4a:12:1d:13:88:44:fb:3e:fe:7d:94:cb:d5:91:
ef:28:72:29:ee:3e:d9:1a:32:6f:0c:e7:5b:50:ba:36:cf:a4:
d5:61:b2:e2:ee:b1:24:6d:a3:e3:7c:b9:56:b2:07:17:1f:ea:
b1:2f:3b:b1:f2:54:50:7f:7f:03:f5:7a:ba:5f:ba:6f:5c:0f:
d6:5a:ea:62:37:b1:c7:c8:f5:50:7a:45:0a:59:59:ae:0d:8a:
b7:9c:43:71:dd:e3:4a:56:d1:cf:b3:94:44:22:d8:82:02:a2:
57:4f:e4:21:06:35:12:69:92:65:0b:07:d4:05:4a:80:2e:2c:
cf:ee:76:92:ae:17:a8:fc:2b:08:b7:5e:b2:fd:2e:a7:af:5f:
de:58:f4:16:cc:45:ec:c9:3a:bf:aa:ce:e7:76:99:41:c3:87:
d2:fa:01:c8:ae:ea:94:3a:f4:62:c5:36:33:f2:52:7e:71:bf:
9d:86:4c:67:f0:86:b0:18:6e:3a:a2:bf:45:aa:73:25:f0:b3:
c7:08:cb:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHx4V6Q3oesruhbfdJGGYvIpogyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxMzRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxNzZlOTYwNmY5MzNhOWM4ZDliZWQyZGQzNzU0YmNiNzNkNGJjODdlMjcy
MGU4YTI2MDc2NzFjZmY2M2ZlNGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6EKz3akkBDCWCEJMGQ8PeNa5u6sZih6ADmZlrmxfVZLFOkA56ixQ1ZK4IQ
PGJ5xth0GfIh9J9efKUZGKp8tvZ7r4OXnFUwTrBAJVU+I/XRWwebgm8OgwJK4TcF
XlPAP8rGq76DTh6kE/k+/Mxih6ed/IoX3u/04Wj8c20tVa20jlqG8MTspoYasi75
uDOfYfJNxRHUDZu+EDiw+v58/KT/7OXRnz1kx6vhQ3OlyJB4yYJMPVUfBUbsP5x0
W1svsHC6faS89ImCKWwPKkrSKGuc8G168RTkHqqO9PKbnDRgHcA2x+3z0aXGU4no
/shme7t0KU4vU2EqAGSzKXf7xVUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRvtqHI
XcKrmMGIr41PwzjHGsZoKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzU3NWI2ZmEtYzAyMy00NThmLTg1YzgtOTY5NGFhMDUzZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
gDANBgkqhkiG9w0BAQsFAAOCAQEAoRdxz23NW/Ch6Ep3E0K9hkuZyIPyaE1OI81C
n5gCmt5zmZBJoLnKfltrsDtjN90N4vUR5lOyErX7MUoSHROIRPs+/n2Uy9WR7yhy
Ke4+2RoybwznW1C6Ns+k1WGy4u6xJG2j43y5VrIHFx/qsS87sfJUUH9/A/V6ul+6
b1wP1lrqYjexx8j1UHpFCllZrg2Kt5xDcd3jSlbRz7OURCLYggKiV0/kIQY1EmmS
ZQsH1AVKgC4sz+52kq4XqPwrCLdesv0up69f3lj0FsxF7Mk6v6rO53aZQcOH0voB
yK7qlDr0YsU2M/JSfnG/nYZMZ/CGsBhuOqK/RapzJfCzxwjLuw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:18 2025 by rpki-client