Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
File: cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa (raw, json)
Hash identifier: m5gv05/PzCSYyzLos5lhvIpHzMeGxkI7l5tdFQY2cTo=
Subject key identifier: ED:DD:71:E0:A5:48:20:BA:F8:39:EA:8F:63:BA:0A:7F:AE:C1:CC:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69D5C18B1771AC7E47C4062A5C8E0AFE9273F86A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
Signing time: Fri 25 Apr 2025 20:10:40 +0000
ROA not before: Fri 25 Apr 2025 20:10:40 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d5:c1:8b:17:71:ac:7e:47:c4:06:2a:5c:8e:0a:fe:92:73:f8:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:40 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8944e05afd0c65e98096bd47f2c75fb3ded77e01964f9fc9af030874ea4d8ee0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:28:86:2e:a2:3b:29:e1:d3:a5:ff:c7:21:1f:
93:46:06:ec:ca:e2:0b:67:27:b0:5b:13:e4:60:1d:
c7:30:1d:75:a8:9b:8b:b7:fd:aa:2e:af:6b:03:9d:
98:f8:73:d0:12:f0:8e:fd:88:0f:a9:11:74:f9:66:
2a:cf:dd:00:f8:6a:76:fb:d6:31:14:0c:34:e0:2f:
36:0c:a7:eb:5f:ce:ba:58:c8:8d:3e:7f:3c:ab:3e:
88:99:6f:af:00:2a:00:81:b6:8b:34:18:c5:8e:df:
94:85:2a:e1:0c:42:d2:25:d2:56:b3:0b:8a:8e:67:
ff:6c:c5:67:00:89:8e:d5:d7:97:55:e2:74:55:39:
31:23:35:97:49:e9:80:43:4c:2a:6b:b7:bf:ff:fc:
95:7c:da:bc:b3:4e:a7:f5:90:21:92:f4:6f:fe:7a:
01:e7:7c:f5:d8:d1:9f:6d:e7:f3:c5:f5:69:92:6c:
63:95:89:4d:2f:1a:86:cb:51:b6:4b:19:7e:d6:16:
73:41:3c:a8:62:79:cc:f0:a1:63:ba:82:74:41:75:
44:8a:74:99:2c:22:53:24:77:38:e5:95:73:59:fc:
1c:ad:84:c2:d7:a9:f1:e4:8e:b0:c3:11:1b:d7:09:
43:f0:6b:47:0f:b4:b7:09:19:93:f5:dd:0f:06:1a:
27:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:DD:71:E0:A5:48:20:BA:F8:39:EA:8F:63:BA:0A:7F:AE:C1:CC:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:a000::/40
Signature Algorithm: sha256WithRSAEncryption
5c:01:3a:74:75:17:6f:fe:5c:13:62:80:cc:9f:af:8e:db:70:
7b:5e:77:2d:6e:c2:13:e1:f5:66:3e:7f:fc:97:b3:1b:b8:8c:
89:ab:e6:da:5d:32:40:55:47:66:44:3e:36:dd:a2:a5:de:7f:
d8:76:2d:67:58:7d:3e:bd:b7:a9:9f:b3:0f:97:c3:cd:93:b8:
50:d8:55:35:c6:55:5c:ea:9d:ec:9f:0d:16:9a:f3:f0:96:15:
bc:85:a1:b8:df:ff:c0:f0:82:fe:4c:ff:f5:e7:54:da:23:9f:
18:25:66:8f:87:31:eb:d0:57:60:c0:af:78:53:0d:11:1f:ac:
90:d1:4a:ab:58:ec:f5:fb:bf:51:66:81:80:60:54:e6:a1:62:
74:17:f8:b3:21:92:0c:db:57:48:f0:72:28:56:79:4f:ed:14:
86:1c:b2:d9:7a:52:13:66:66:51:bc:94:5b:fe:3d:ae:b9:50:
04:58:5a:6b:4d:84:36:c7:22:6a:06:6f:d8:93:f9:6d:66:e1:
34:7b:8a:ea:5a:46:90:a2:77:e0:0c:d6:d8:7c:24:98:06:8c:
cc:e0:92:f2:69:d4:de:47:9e:4d:3b:36:a9:72:32:e3:54:0f:
53:70:ab:3d:a9:da:b2:7e:6d:11:78:05:78:96:58:f7:1f:1f:
24:30:12:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUadXBixdxrH5HxAYqXI4K/pJz+GowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwNDBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5NDRlMDVhZmQwYzY1ZTk4MDk2YmQ0N2YyYzc1ZmIzZGVkNzdlMDE5NjRm
OWZjOWFmMDMwODc0ZWE0ZDhlZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4ohi6iOynh06X/xyEfk0YG7MriC2cnsFsT5GAdxzAddaibi7f9qi6vawOd
mPhz0BLwjv2ID6kRdPlmKs/dAPhqdvvWMRQMNOAvNgyn61/OuljIjT5/PKs+iJlv
rwAqAIG2izQYxY7flIUq4QxC0iXSVrMLio5n/2zFZwCJjtXXl1XidFU5MSM1l0np
gENMKmu3v//8lXzavLNOp/WQIZL0b/56Aed89djRn23n88X1aZJsY5WJTS8ahstR
tksZftYWc0E8qGJ5zPChY7qCdEF1RIp0mSwiUyR3OOWVc1n8HK2Ewtep8eSOsMMR
G9cJQ/BrRw+0twkZk/XdDwYaJ2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTt3XHg
pUgguvg56o9jugp/rsHMqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I0YTczZTEtYmU2Yi00Y2JhLWIxMzAtYTIyYmIzOWNmNjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKg
MA0GCSqGSIb3DQEBCwUAA4IBAQBcATp0dRdv/lwTYoDMn6+O23B7XnctbsIT4fVm
Pn/8l7MbuIyJq+baXTJAVUdmRD423aKl3n/Ydi1nWH0+vbepn7MPl8PNk7hQ2FU1
xlVc6p3snw0WmvPwlhW8haG43//A8IL+TP/151TaI58YJWaPhzHr0FdgwK94Uw0R
H6yQ0UqrWOz1+79RZoGAYFTmoWJ0F/izIZIM21dI8HIoVnlP7RSGHLLZelITZmZR
vJRb/j2uuVAEWFprTYQ2xyJqBm/Yk/ltZuE0e4rqWkaQonfgDNbYfCSYBozM4JLy
adTeR55NOzapcjLjVA9TcKs9qdqyfm0ReAV4llj3Hx8kMBKU
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:07 2025 by rpki-client