Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
File: cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa (raw, json)
Hash identifier: V30bWIyUdgowAzBPk/BMcKlqO8Fl9sZt+WFff9l5kM0=
Subject key identifier: BF:F4:FD:00:BD:24:F0:41:10:3E:5C:39:6E:12:70:2C:08:2C:90:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 371A6F7B7B98B977F108BF12C2C8ABAD0ACF3CFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
Signing time: Fri 25 Apr 2025 19:10:45 +0000
ROA not before: Fri 25 Apr 2025 19:10:45 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:1a:6f:7b:7b:98:b9:77:f1:08:bf:12:c2:c8:ab:ad:0a:cf:3c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:45 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=34c8e48e7ddf26f4784f8128574ac09208cb9c0744f1e2f48371ba1987009b09, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a9:be:d7:b1:85:08:a3:c5:e5:a9:99:91:c1:
4d:ba:77:2f:bd:1d:9e:eb:48:c0:4e:90:1b:97:fe:
6d:f4:2a:9e:72:de:2b:7f:73:24:dd:44:3b:65:65:
10:a7:15:a7:44:ff:82:e7:2d:26:1c:4c:83:11:cd:
fc:9f:7c:8e:c7:75:b5:de:05:df:63:cb:32:04:a5:
bd:f6:7c:48:9d:d7:e5:96:da:aa:d2:e7:5f:f3:fe:
15:19:fa:4c:7a:a4:8e:20:af:71:48:d9:5e:13:4f:
8f:ca:d3:0f:b7:c2:a5:b1:c6:33:08:24:c7:a5:ab:
4c:be:ac:da:58:db:13:17:25:bb:f7:d4:70:aa:e1:
33:78:d3:c7:b1:dc:c2:55:da:2d:6d:05:3b:56:01:
36:fc:b5:03:cb:74:bf:43:2c:88:ee:5f:60:8d:67:
a2:f8:14:35:3e:ff:79:84:b1:cc:79:57:cf:f7:b3:
b1:dd:29:ae:2d:32:4f:54:ea:d3:22:4e:97:7d:6d:
4b:f9:95:e7:68:f9:be:08:24:23:0f:e1:d5:5d:81:
f0:42:d7:7c:52:b1:00:39:66:f0:8a:88:b1:f5:13:
db:eb:d3:ec:e6:60:5a:c2:84:bc:d8:d3:ec:cb:80:
fb:3e:b1:db:c4:cf:0d:c2:bf:f4:ec:01:3d:76:49:
5a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F4:FD:00:BD:24:F0:41:10:3E:5C:39:6E:12:70:2C:08:2C:90:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1040::/48
Signature Algorithm: sha256WithRSAEncryption
46:a4:da:a2:20:58:52:53:74:a2:12:49:35:7b:47:9c:11:f8:
6b:0e:33:93:f1:ec:19:2a:3a:60:76:cf:54:57:61:de:f4:2d:
16:da:34:a8:99:cc:b0:7f:18:3b:4e:68:a1:f6:45:79:69:f3:
da:80:3e:b0:0c:e7:05:e2:74:c6:2b:73:98:93:f1:1e:79:5a:
83:45:8c:bf:5d:af:2f:85:04:cd:af:49:16:d1:dd:58:8c:6f:
96:dd:ae:25:fc:4e:f0:92:28:c7:29:cf:2c:3a:26:9b:74:86:
dc:7f:48:ad:24:63:74:1d:d5:8f:a4:9e:f7:7b:c7:f5:2b:91:
d5:4e:89:a8:59:41:9a:bc:c1:3b:0e:dc:8a:4a:8c:cd:b8:d7:
7a:c3:f9:c7:43:5e:db:45:4b:a1:35:b4:ab:28:32:1e:2f:1e:
e6:71:62:cb:9c:a2:5b:87:ca:c2:d7:89:cf:04:1e:69:3a:84:
ec:14:b0:0d:ed:88:3c:c6:18:01:c4:c9:59:8a:3b:f3:08:b0:
39:e9:f7:67:5f:e8:57:52:a1:a9:32:d0:d4:23:d1:5e:e1:af:
95:a4:79:86:6e:d4:c7:29:64:0c:6d:5e:7a:02:64:d3:45:85:
0f:dd:45:01:13:ac:a4:92:c1:52:7c:a4:90:6f:48:e5:79:d7:
2e:0c:9a:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNxpve3uYuXfxCL8SwsirrQrPPP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwNDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0YzhlNDhlN2RkZjI2ZjQ3ODRmODEyODU3NGFjMDkyMDhjYjljMDc0NGYx
ZTJmNDgzNzFiYTE5ODcwMDliMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqpvtexhQijxeWpmZHBTbp3L70dnutIwE6QG5f+bfQqnnLeK39zJN1EO2Vl
EKcVp0T/guctJhxMgxHN/J98jsd1td4F32PLMgSlvfZ8SJ3X5ZbaqtLnX/P+FRn6
THqkjiCvcUjZXhNPj8rTD7fCpbHGMwgkx6WrTL6s2ljbExclu/fUcKrhM3jTx7Hc
wlXaLW0FO1YBNvy1A8t0v0MsiO5fYI1novgUNT7/eYSxzHlXz/ezsd0pri0yT1Tq
0yJOl31tS/mV52j5vggkIw/h1V2B8ELXfFKxADlm8IqIsfUT2+vT7OZgWsKEvNjT
7MuA+z6x28TPDcK/9OwBPXZJWnsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/9P0A
vSTwQRA+XDluEnAsCCyQgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FjODUwZjgtNWFhOS00YTU2LWFlYTItZTIyZDNhZmQ0ZTM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
QDANBgkqhkiG9w0BAQsFAAOCAQEARqTaoiBYUlN0ohJJNXtHnBH4aw4zk/HsGSo6
YHbPVFdh3vQtFto0qJnMsH8YO05oofZFeWnz2oA+sAznBeJ0xitzmJPxHnlag0WM
v12vL4UEza9JFtHdWIxvlt2uJfxO8JIoxynPLDomm3SG3H9IrSRjdB3Vj6Se93vH
9SuR1U6JqFlBmrzBOw7cikqMzbjXesP5x0Ne20VLoTW0qygyHi8e5nFiy5yiW4fK
wteJzwQeaTqE7BSwDe2IPMYYAcTJWYo78wiwOen3Z1/oV1KhqTLQ1CPRXuGvlaR5
hm7UxylkDG1eegJk00WFD91FAROspJLBUnykkG9I5XnXLgyagw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:43 2025 by rpki-client