Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
File: c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa (raw, json)
Hash identifier: OpOrtJsYOIq9wgcOBi4DRfX7eQ0Vhwv0Q7mvTSjS4vo=
Subject key identifier: B3:E7:CD:C6:21:1B:8A:C8:04:74:FC:A4:71:A6:5B:C0:1A:7B:4F:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B8E376E35C74B9A3480B197A9FB8B7C158028D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
Signing time: Fri 25 Apr 2025 20:01:05 +0000
ROA not before: Fri 25 Apr 2025 20:01:05 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:8e:37:6e:35:c7:4b:9a:34:80:b1:97:a9:fb:8b:7c:15:80:28:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:05 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=dacd0f43363e14050bb8f59dcb70871434d5ad5609ee292accfc2b60d74bb835, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:61:bd:e5:68:6c:3f:9e:24:00:27:ae:e1:e3:
b4:2a:eb:fb:db:68:78:c6:0c:cd:83:80:f8:9b:40:
9b:ab:11:04:34:5d:c3:05:d6:9d:32:68:c2:2e:f4:
41:e8:37:22:12:16:61:1e:48:e3:9e:a0:75:c9:30:
d2:cc:d2:49:a0:1f:1e:8a:7c:aa:46:ee:05:d3:42:
29:d9:ae:90:9d:f2:6b:10:ef:c9:a7:4c:64:4f:e9:
7d:d7:6c:be:70:2b:16:cb:73:78:4b:4f:ff:1b:fe:
17:dc:10:2f:27:18:97:6d:0f:ab:68:e7:91:6d:65:
91:87:a4:a0:92:56:7a:e1:3f:4d:6d:73:74:56:eb:
53:c2:36:85:42:aa:22:a9:fc:aa:f1:b8:79:5b:15:
b0:55:73:ca:41:aa:51:c6:07:14:d9:41:df:d0:a3:
1c:59:e4:a6:fe:df:2e:cc:73:ad:32:eb:e4:2e:fc:
93:07:7a:aa:dc:23:72:28:19:80:48:b0:90:6e:f5:
94:fc:ec:03:05:b8:22:0b:22:f2:57:30:a1:ab:3e:
cc:07:1b:cf:cd:d6:dd:85:a7:d5:cd:e9:fa:b1:f9:
4b:e3:8e:8d:78:8b:b0:95:e9:aa:a2:88:25:19:86:
45:c3:3d:c0:7c:e3:f2:7e:53:63:04:18:54:bb:1f:
dd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E7:CD:C6:21:1B:8A:C8:04:74:FC:A4:71:A6:5B:C0:1A:7B:4F:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:2000::/40
Signature Algorithm: sha256WithRSAEncryption
15:d7:23:6d:12:ce:91:50:8b:b0:68:94:38:77:c3:2b:31:08:
51:05:88:c0:40:d2:71:1e:78:ce:32:c7:ec:59:dc:fa:f1:07:
b1:95:f7:9e:99:b5:50:74:dd:17:c5:3c:52:0e:99:a3:83:91:
1f:95:78:89:f3:b9:bf:e5:df:6d:89:a4:89:fc:e3:d3:3b:09:
9a:f9:73:4e:0e:1a:3a:fd:84:91:79:6a:73:47:9c:6e:b9:3b:
71:66:30:6f:0d:94:fb:d0:cc:91:87:6f:00:c5:27:fb:f1:98:
3a:be:04:04:e1:71:a0:2a:94:72:f2:5c:fc:54:b8:a2:a9:b1:
f8:b8:62:e2:7f:d4:7c:9c:e0:03:e8:33:1b:4c:38:3d:3f:2e:
f1:c4:6a:b5:f6:24:bb:86:2d:6e:f1:e1:36:20:f5:c0:01:69:
72:e6:7e:12:1e:30:75:9d:05:4e:36:a8:48:67:de:ef:6d:83:
8d:24:54:de:57:83:97:59:b7:a7:b9:20:2e:2e:ef:91:97:70:
fd:7a:b6:ef:e6:63:86:15:4c:03:32:b1:60:b0:c9:fe:53:e9:
d8:a1:25:ec:84:1b:dd:91:06:36:72:c3:ee:20:48:f1:c0:59:
ea:8a:a0:80:1b:9c:59:7a:2f:65:db:26:d6:d6:f7:90:b8:29:
fc:be:bf:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC443bjXHS5o0gLGXqfuLfBWAKNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhY2QwZjQzMzYzZTE0MDUwYmI4ZjU5ZGNiNzA4NzE0MzRkNWFkNTYwOWVl
MjkyYWNjZmMyYjYwZDc0YmI4MzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5hveVobD+eJAAnruHjtCrr+9toeMYMzYOA+JtAm6sRBDRdwwXWnTJowi70
Qeg3IhIWYR5I456gdckw0szSSaAfHop8qkbuBdNCKdmukJ3yaxDvyadMZE/pfdds
vnArFstzeEtP/xv+F9wQLycYl20Pq2jnkW1lkYekoJJWeuE/TW1zdFbrU8I2hUKq
Iqn8qvG4eVsVsFVzykGqUcYHFNlB39CjHFnkpv7fLsxzrTLr5C78kwd6qtwjcigZ
gEiwkG71lPzsAwW4Igsi8lcwoas+zAcbz83W3YWn1c3p+rH5S+OOjXiLsJXpqqKI
JRmGRcM9wHzj8n5TYwQYVLsf3ekCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSz583G
IRuKyAR0/KRxplvAGntPGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZhNWFjZmYtYjVkOC00YzgwLTllY2MtOTQxNTQwNjU3NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUg
MA0GCSqGSIb3DQEBCwUAA4IBAQAV1yNtEs6RUIuwaJQ4d8MrMQhRBYjAQNJxHnjO
MsfsWdz68QexlfeembVQdN0XxTxSDpmjg5EflXiJ87m/5d9tiaSJ/OPTOwma+XNO
Dho6/YSReWpzR5xuuTtxZjBvDZT70MyRh28AxSf78Zg6vgQE4XGgKpRy8lz8VLii
qbH4uGLif9R8nOAD6DMbTDg9Py7xxGq19iS7hi1u8eE2IPXAAWly5n4SHjB1nQVO
NqhIZ97vbYONJFTeV4OXWbenuSAuLu+Rl3D9erbv5mOGFUwDMrFgsMn+U+nYoSXs
hBvdkQY2csPuIEjxwFnqiqCAG5xZei9l2ybW1veQuCn8vr+u
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:21 2025 by rpki-client