Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf464545-0601-4fd5-a3a2-f4f3c022f248.roa
File: cf464545-0601-4fd5-a3a2-f4f3c022f248.roa (raw, json)
Hash identifier: cY1e+QO3qLsMTaQlbZ3t3pHUnVPVK6PaVUrQy+g4Lwo=
Subject key identifier: 61:D5:65:E2:7B:8C:C4:E6:3A:49:2C:15:63:E0:14:06:B3:B1:35:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CEB05080AEB05F194C8EE212CF522C52E97B6D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf464545-0601-4fd5-a3a2-f4f3c022f248.roa
Signing time: Fri 25 Apr 2025 19:21:32 +0000
ROA not before: Fri 25 Apr 2025 19:21:32 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:eb:05:08:0a:eb:05:f1:94:c8:ee:21:2c:f5:22:c5:2e:97:b6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:21:32 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=595e1609f532de6af2a82d3b2c6e33aec4d4e6f018a5e355335d825de0882dde, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:de:2c:bb:28:59:71:94:4e:ee:84:e5:b7:21:
7a:8d:04:6d:0a:8d:c0:99:57:19:9c:e8:b5:77:ad:
ae:97:6c:dc:7d:86:3c:d3:65:16:1d:9f:51:73:15:
f3:e8:94:da:4a:6f:c9:a8:35:4b:50:7d:b5:1b:32:
d5:de:81:a1:b8:f9:c4:7f:a9:61:1a:27:e1:53:06:
73:fd:18:52:cd:87:cb:7e:2d:27:3d:6a:13:e1:46:
c9:dd:43:a4:db:ab:e9:39:b0:2b:6a:ea:5f:41:09:
0d:df:16:9b:65:d0:04:b3:c6:f2:70:07:e0:db:64:
dc:c1:bd:c1:51:d5:a4:ff:98:0e:3e:40:ad:2f:7c:
86:d2:36:42:da:14:be:5c:b0:72:b7:a8:f0:8a:ba:
4f:a4:62:cf:01:b6:2e:af:c9:09:c8:87:bd:a6:93:
08:09:bb:b7:7e:00:40:14:18:c7:bd:56:1c:18:19:
2f:39:cc:47:df:86:55:21:a1:73:55:f5:5c:37:57:
67:d8:07:01:f9:1e:47:bb:c1:c7:e4:f2:9e:19:95:
df:b9:ba:07:29:47:8f:7a:6b:c5:0c:55:28:34:78:
69:8f:a3:8e:18:d1:65:63:4e:ef:16:99:93:c1:a5:
7e:9f:ee:62:f7:e0:13:4d:e9:2b:95:0c:49:5b:a2:
ab:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D5:65:E2:7B:8C:C4:E6:3A:49:2C:15:63:E0:14:06:B3:B1:35:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf464545-0601-4fd5-a3a2-f4f3c022f248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8040::/46
Signature Algorithm: sha256WithRSAEncryption
82:6c:9d:81:4e:8a:6b:05:1a:54:18:82:17:3a:1f:42:f5:85:
65:bd:27:40:36:79:7d:e8:be:8a:be:a8:29:0f:a2:6d:62:59:
24:83:11:5d:1c:56:4a:75:04:03:63:73:9a:fc:6d:ce:06:bb:
e1:d9:cc:01:ac:97:de:44:c7:09:19:85:7c:64:33:31:f6:42:
d0:38:75:57:af:7b:f9:0f:68:95:64:e4:af:ae:fe:fb:e2:1f:
3d:69:b3:0c:e6:33:5c:a9:e9:7d:67:71:e7:b5:59:5f:bc:7d:
eb:8b:ac:e5:17:f7:aa:a7:8f:1f:84:c5:24:f5:b0:a2:f3:05:
75:0d:5b:63:e5:8a:ce:72:87:69:11:63:8f:b5:ef:e4:15:a4:
f5:e3:91:81:de:1a:86:ce:0b:bc:36:63:bb:71:54:34:5d:61:
2a:4b:bf:34:42:ff:0a:2d:20:7b:c9:12:e5:03:b3:4c:b4:af:
81:96:71:a1:60:77:9a:0f:6c:22:17:dc:47:38:5b:f1:41:c4:
c2:bf:2c:9c:8b:3b:1f:09:64:bb:fb:3e:c7:9e:11:a4:0f:e4:
b6:c8:db:09:6d:30:98:28:c3:05:36:20:ae:ad:69:71:3a:2a:
b5:e3:73:3a:c8:cd:ab:45:35:40:4a:93:d6:ac:a3:4c:1b:56:
11:84:9b:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfOsFCArrBfGUyO4hLPUixS6XttAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIxMzJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5NWUxNjA5ZjUzMmRlNmFmMmE4MmQzYjJjNmUzM2FlYzRkNGU2ZjAxOGE1
ZTM1NTMzNWQ4MjVkZTA4ODJkZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXeLLsoWXGUTu6E5bcheo0EbQqNwJlXGZzotXetrpds3H2GPNNlFh2fUXMV
8+iU2kpvyag1S1B9tRsy1d6Bobj5xH+pYRon4VMGc/0YUs2Hy34tJz1qE+FGyd1D
pNur6TmwK2rqX0EJDd8Wm2XQBLPG8nAH4Ntk3MG9wVHVpP+YDj5ArS98htI2QtoU
vlywcreo8Iq6T6RizwG2Lq/JCciHvaaTCAm7t34AQBQYx71WHBgZLznMR9+GVSGh
c1X1XDdXZ9gHAfkeR7vBx+TynhmV37m6BylHj3prxQxVKDR4aY+jjhjRZWNO7xaZ
k8Glfp/uYvfgE03pK5UMSVuiq3kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRh1WXi
e4zE5jpJLBVj4BQGs7E10zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y0NjQ1NDUtMDYwMS00ZmQ1LWEzYTItZjRmM2MwMjJmMjQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
QDANBgkqhkiG9w0BAQsFAAOCAQEAgmydgU6KawUaVBiCFzofQvWFZb0nQDZ5fei+
ir6oKQ+ibWJZJIMRXRxWSnUEA2Nzmvxtzga74dnMAayX3kTHCRmFfGQzMfZC0Dh1
V697+Q9olWTkr67+++IfPWmzDOYzXKnpfWdx57VZX7x964us5Rf3qqePH4TFJPWw
ovMFdQ1bY+WKznKHaRFjj7Xv5BWk9eORgd4ahs4LvDZju3FUNF1hKku/NEL/Ci0g
e8kS5QOzTLSvgZZxoWB3mg9sIhfcRzhb8UHEwr8snIs7Hwlku/s+x54RpA/ktsjb
CW0wmCjDBTYgrq1pcToqteNzOsjNq0U1QEqT1qyjTBtWEYSbjw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:41 2025 by rpki-client