Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
File: c7743543-1a04-47c2-8128-1b90de9136a9.roa (raw, json)
Hash identifier: C1aZ/RihEyoRibBH//7TB9Eo6sZ0L02KlrkM81YUUxs=
Subject key identifier: 10:04:D1:C0:F5:FA:FD:E3:1D:4A:87:4F:ED:E9:4C:67:F8:02:D5:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11807071A3160E04970789FB6CE87149999C37C2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
Signing time: Fri 25 Apr 2025 18:41:25 +0000
ROA not before: Fri 25 Apr 2025 18:41:25 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:80:70:71:a3:16:0e:04:97:07:89:fb:6c:e8:71:49:99:9c:37:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:41:25 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=79223b2cb593095844be4d5e5bc4f75dbdc3be9a90de7a3a8db8d78d493993fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:88:96:42:13:d1:36:93:21:60:22:c7:5b:96:
43:3e:35:7b:de:85:3c:ed:62:fc:d9:de:b7:9e:ea:
89:4d:2d:12:d0:17:47:2e:88:7f:aa:f9:ef:ed:4a:
e4:52:4d:c9:3e:60:02:fa:68:6b:99:76:69:e1:15:
d1:3f:4f:21:29:01:a9:38:87:cf:b9:10:25:a2:ee:
cc:72:ea:ec:a0:03:a7:64:3c:b2:fd:f5:4d:32:9b:
4e:d7:4f:aa:2b:8b:4d:22:a4:90:8d:52:d9:48:df:
86:94:ab:47:ca:34:1d:bb:c9:ae:b7:06:56:0f:1d:
8a:f5:aa:fd:a5:92:80:d8:a3:de:8d:3d:02:0f:59:
fc:15:8e:f1:6f:cd:98:c1:14:50:bc:ec:06:c5:6b:
60:61:80:fe:7e:d8:07:c2:b9:1b:ae:40:ce:17:d3:
0a:25:c4:dd:11:f3:f9:42:67:26:a3:f7:87:53:e1:
96:11:ce:08:44:cc:e9:71:f6:83:5a:b3:b4:e0:e6:
4f:09:71:9c:f4:c4:f3:35:89:20:e6:87:35:5a:58:
a3:e1:e3:00:0b:9d:dd:f9:cd:ca:99:23:c2:4b:21:
e6:4e:ac:7f:ce:cd:f7:10:ee:f4:e3:79:c1:71:22:
98:ff:6b:81:df:2c:0c:4f:f1:77:31:3f:8c:df:ae:
47:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:04:D1:C0:F5:FA:FD:E3:1D:4A:87:4F:ED:E9:4C:67:F8:02:D5:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8090::/48
Signature Algorithm: sha256WithRSAEncryption
b7:9a:dd:16:5e:67:5c:a2:9c:c6:82:36:6a:73:2d:97:30:72:
cf:bd:e2:70:05:6c:ab:46:80:f2:19:5c:20:00:c9:64:eb:53:
1d:f2:e8:cc:1b:2e:9e:f8:61:e5:16:4f:4c:66:4d:3f:4e:c8:
9b:32:c9:7a:3e:14:3b:6a:a1:16:dc:03:31:09:1e:64:d9:98:
87:de:2c:72:c1:18:35:00:08:c4:dc:5d:65:d9:01:4e:cf:cf:
ef:06:b8:2c:47:1c:7e:54:fc:c8:2e:07:da:c0:98:9d:c4:03:
85:14:56:1f:37:da:56:25:7e:50:b6:a8:7c:c6:13:e6:8c:28:
21:1b:d0:38:f7:29:a1:70:43:00:4b:cb:6d:4b:d6:ea:73:11:
4d:c3:53:2b:3b:30:0b:be:3f:e6:ea:9d:c6:4f:c9:e7:08:89:
32:bc:49:b3:b2:0f:4d:70:1c:0e:fe:7a:58:a3:a9:33:18:00:
fe:6f:19:00:b0:b1:04:5e:54:65:de:00:6b:71:39:19:6f:d8:
60:dd:60:20:ae:3a:3a:b3:0c:2e:43:66:a5:f1:3b:3f:08:ae:
00:e1:e8:ef:68:44:de:51:1b:43:1e:20:0c:3d:2d:15:69:75:
27:ce:62:6c:94:fc:96:26:e6:19:a5:3c:3d:f7:4f:8d:84:ac:
72:51:e5:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEYBwcaMWDgSXB4n7bOhxSZmcN8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQxMjVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MjIzYjJjYjU5MzA5NTg0NGJlNGQ1ZTViYzRmNzVkYmRjM2JlOWE5MGRl
N2EzYThkYjhkNzhkNDkzOTkzZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyIlkIT0TaTIWAix1uWQz41e96FPO1i/Nnet57qiU0tEtAXRy6If6r57+1K
5FJNyT5gAvpoa5l2aeEV0T9PISkBqTiHz7kQJaLuzHLq7KADp2Q8sv31TTKbTtdP
qiuLTSKkkI1S2UjfhpSrR8o0HbvJrrcGVg8divWq/aWSgNij3o09Ag9Z/BWO8W/N
mMEUULzsBsVrYGGA/n7YB8K5G65AzhfTCiXE3RHz+UJnJqP3h1PhlhHOCETM6XH2
g1qztODmTwlxnPTE8zWJIOaHNVpYo+HjAAud3fnNypkjwksh5k6sf87N9xDu9ON5
wXEimP9rgd8sDE/xdzE/jN+uR/sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQQBNHA
9fr94x1Kh0/t6Uxn+ALVJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3NDM1NDMtMWEwNC00N2MyLTgxMjgtMWI5MGRlOTEzNmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
kDANBgkqhkiG9w0BAQsFAAOCAQEAt5rdFl5nXKKcxoI2anMtlzByz73icAVsq0aA
8hlcIADJZOtTHfLozBsunvhh5RZPTGZNP07ImzLJej4UO2qhFtwDMQkeZNmYh94s
csEYNQAIxNxdZdkBTs/P7wa4LEccflT8yC4H2sCYncQDhRRWHzfaViV+ULaofMYT
5owoIRvQOPcpoXBDAEvLbUvW6nMRTcNTKzswC74/5uqdxk/J5wiJMrxJs7IPTXAc
Dv56WKOpMxgA/m8ZALCxBF5UZd4Aa3E5GW/YYN1gIK46OrMMLkNmpfE7PwiuAOHo
72hE3lEbQx4gDD0tFWl1J85ibJT8libmGaU8PfdPjYSsclHlog==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:42 2025 by rpki-client