Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json)
Hash identifier: JKIPURlR5vHJGy+DDP30xXkKr2VCpwoRg3BhQ6AFY0U=
Subject key identifier: 4C:EE:78:AF:70:0E:13:B2:E6:D2:81:38:10:DB:06:8C:02:77:9D:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 621D76C0BA5690BEB3FD02E7DF45DE32C5EECE5E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
Signing time: Fri 25 Apr 2025 18:51:25 +0000
ROA not before: Fri 25 Apr 2025 18:51:25 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:1d:76:c0:ba:56:90:be:b3:fd:02:e7:df:45:de:32:c5:ee:ce:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:25 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=67c424eda7957d7b5be1fb286b5388ce48ad2e838619e0a9849b702879cd1f43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9f:5f:c9:4f:49:32:93:a1:91:45:90:49:1e:
7c:b1:b0:0b:d4:34:7e:90:78:59:c7:4e:a0:46:c2:
a5:2f:de:1c:5d:2e:c1:70:ff:59:28:b7:29:be:ea:
f3:9f:9c:1e:43:5d:4c:fe:b7:4d:b4:0a:82:bf:1d:
bb:6e:dc:0b:28:22:5b:be:2e:10:59:ba:66:37:c0:
fd:e6:13:d2:40:b0:7a:f2:c7:55:53:fe:1c:8c:ee:
cf:e4:0c:1a:e6:1f:ef:09:ca:9b:20:22:8d:a9:11:
8b:b4:7f:5f:cf:fc:09:d3:72:77:8e:1f:fa:e1:fd:
9c:70:1e:cd:42:29:02:60:c8:ae:92:30:39:c9:5b:
2c:3c:ed:a2:90:93:0a:04:63:b6:4b:bd:0f:22:6a:
0c:ed:3c:7e:be:01:90:5b:86:3a:f8:c5:b9:74:67:
b7:9e:89:8d:60:1e:ff:b4:ea:fb:31:09:b9:9b:a2:
9e:39:cb:0c:23:7f:5f:51:7b:b0:cd:3c:44:17:66:
2e:fc:33:2e:d3:f0:e6:82:a4:df:ee:81:f1:10:5f:
ee:bc:92:3e:07:d7:58:4e:6e:bc:95:28:ab:4c:3e:
97:4f:9d:5a:62:2b:a0:45:b6:2b:47:08:86:da:d2:
76:f5:1f:2a:3f:80:32:03:26:cb:86:15:d0:86:63:
cb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:EE:78:AF:70:0E:13:B2:E6:D2:81:38:10:DB:06:8C:02:77:9D:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:8d:88:16:4c:c1:34:19:ea:72:24:fd:66:5d:81:11:47:90:
f9:ad:49:a9:96:60:e1:4d:21:14:1d:ed:7f:3c:38:96:59:33:
e5:6c:b9:6e:40:b2:ef:0c:b2:9d:f0:39:04:29:f0:70:d7:8e:
9c:4d:c9:6b:c3:7a:0d:46:cd:49:23:73:66:30:e8:24:13:e3:
3d:e5:ef:fe:b7:77:24:3f:b9:b8:74:cb:86:60:67:0c:34:ca:
f9:49:a2:0f:81:13:bd:80:4e:0d:08:1a:9e:39:a2:50:b5:9f:
02:ec:f1:74:f4:12:f0:dd:21:40:fb:fa:56:1f:48:3b:03:14:
70:2a:84:72:00:7b:64:38:88:46:4d:63:bb:0e:06:7a:33:da:
3c:16:01:da:9d:9f:48:50:3d:c1:17:3a:1c:5c:03:66:00:4a:
8b:14:c7:2d:ad:c9:01:63:cf:c7:49:3b:ab:6e:7b:87:93:4d:
53:8b:15:67:54:13:41:db:4d:ba:a8:b3:21:ca:e5:24:31:2e:
dc:64:f8:97:2f:d7:23:8f:f9:a2:50:fa:a8:7d:55:6c:85:fe:
58:83:80:2d:c3:8d:c4:16:d0:12:5e:8f:c9:9c:2f:23:4c:f0:
59:5d:74:93:4b:f3:6b:1a:51:e6:4d:d6:59:fe:fc:3c:60:ea:
fb:38:52:2f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYh12wLpWkL6z/QLn30XeMsXuzl4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMjVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3YzQyNGVkYTc5NTdkN2I1YmUxZmIyODZiNTM4OGNlNDhhZDJlODM4NjE5
ZTBhOTg0OWI3MDI4NzljZDFmNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyfX8lPSTKToZFFkEkefLGwC9Q0fpB4WcdOoEbCpS/eHF0uwXD/WSi3Kb7q
85+cHkNdTP63TbQKgr8du27cCygiW74uEFm6ZjfA/eYT0kCwevLHVVP+HIzuz+QM
GuYf7wnKmyAijakRi7R/X8/8CdNyd44f+uH9nHAezUIpAmDIrpIwOclbLDztopCT
CgRjtku9DyJqDO08fr4BkFuGOvjFuXRnt56JjWAe/7Tq+zEJuZuinjnLDCN/X1F7
sM08RBdmLvwzLtPw5oKk3+6B8RBf7rySPgfXWE5uvJUoq0w+l0+dWmIroEW2K0cI
htrSdvUfKj+AMgMmy4YV0IZjy1UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRM7niv
cA4TsubSgTgQ2waMAnedHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
wDANBgkqhkiG9w0BAQsFAAOCAQEAe42IFkzBNBnqciT9Zl2BEUeQ+a1JqZZg4U0h
FB3tfzw4llkz5Wy5bkCy7wyynfA5BCnwcNeOnE3Ja8N6DUbNSSNzZjDoJBPjPeXv
/rd3JD+5uHTLhmBnDDTK+UmiD4ETvYBODQganjmiULWfAuzxdPQS8N0hQPv6Vh9I
OwMUcCqEcgB7ZDiIRk1juw4GejPaPBYB2p2fSFA9wRc6HFwDZgBKixTHLa3JAWPP
x0k7q257h5NNU4sVZ1QTQdtNuqizIcrlJDEu3GT4ly/XI4/5olD6qH1VbIX+WIOA
LcONxBbQEl6PyZwvI0zwWV10k0vzaxpR5k3WWf78PGDq+zhSLw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:04 2025 by rpki-client