Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
File: cfca2455-b58e-43e0-a15f-276f8a5b527f.roa (raw, json)
Hash identifier: HbWdJvB/tos97hxZ7c57Mwxaww2W3zFpq8HuPEUeOpg=
Subject key identifier: 9D:10:A7:11:EA:85:F9:20:CC:F2:6D:9F:E5:E2:DD:A0:30:35:11:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40AB37B1244D4DC7241A7A5B88669DB33C3F6862
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
Signing time: Fri 25 Apr 2025 18:41:28 +0000
ROA not before: Fri 25 Apr 2025 18:41:28 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:ab:37:b1:24:4d:4d:c7:24:1a:7a:5b:88:66:9d:b3:3c:3f:68:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:41:28 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8b0cd409fc4edbfced54c0cd51da2501f47d2190c5e1624baa4c1d34a98b95eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4d:b6:92:0d:4f:eb:69:60:3c:8f:be:70:82:
f3:5f:63:84:bf:97:3f:52:27:d8:98:fa:53:b0:bb:
f7:b4:66:eb:9f:be:d2:2f:cd:eb:57:14:c6:a9:40:
71:4f:d8:44:f8:fc:0d:fc:31:0c:7e:20:03:9a:3f:
0f:7e:2a:29:ae:72:db:29:d3:83:01:de:5e:cd:77:
69:6f:1f:74:8f:ff:d8:18:ac:5b:fe:ea:c7:4c:cf:
0a:2c:eb:62:97:cc:ee:8a:1f:ce:22:99:a8:bd:34:
f9:7c:50:ac:40:0f:3e:8f:8b:0d:1e:cb:a5:cd:db:
a8:05:db:43:83:31:22:6f:85:03:55:8b:9c:6c:07:
99:24:9b:34:54:33:2d:0a:62:be:dc:19:a4:a1:ef:
a6:1f:be:29:3b:6e:ea:54:29:3a:a7:1f:7c:c6:ff:
88:08:c0:b4:63:46:73:db:56:a3:9e:95:7a:f7:8d:
68:a7:a6:b5:5c:20:e5:84:b1:0f:c1:28:d2:40:20:
b5:96:8f:e6:15:25:6c:91:dd:ec:6d:1e:e2:cf:af:
fa:7f:ca:3d:73:4c:e4:61:7c:5d:19:f1:22:26:ce:
44:5a:a8:46:fe:99:63:57:53:5a:93:b2:cd:b5:1c:
ad:3b:f0:88:b6:a8:1f:57:c5:b6:d8:7b:1d:17:9a:
bd:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:10:A7:11:EA:85:F9:20:CC:F2:6D:9F:E5:E2:DD:A0:30:35:11:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e040::/48
Signature Algorithm: sha256WithRSAEncryption
6c:6c:ba:6a:6a:c5:42:77:10:df:83:26:70:26:87:cf:81:95:
6a:49:65:d0:c1:43:02:44:e0:c7:5e:74:9c:da:c4:13:1c:a8:
69:30:25:cc:50:fe:bf:1d:99:84:b4:e1:64:4e:69:ed:5f:30:
2d:40:a6:da:9f:f5:98:a3:bd:1e:36:e2:75:4f:19:ab:56:14:
76:43:10:df:6d:eb:45:6f:27:08:de:4a:ce:e1:24:7a:c9:85:
f2:10:2e:ab:4d:10:b4:cc:77:8d:01:94:96:c5:a1:5a:1e:1d:
89:94:d6:2c:b6:31:82:f0:09:a7:82:7d:eb:3c:9a:89:eb:20:
50:f7:84:eb:67:92:25:7d:2f:57:8c:c1:7f:a2:7d:43:cb:45:
f7:1b:e0:36:95:96:ce:73:0d:0f:45:5e:3c:12:8e:a6:aa:ea:
ee:85:28:65:56:54:83:9b:84:15:4a:9a:5b:bb:c9:88:5e:4d:
a0:12:03:c8:4c:2e:d7:dd:ec:88:27:d2:14:5e:40:e8:6f:bd:
2f:87:32:70:58:dc:19:6d:c7:d6:22:cd:41:8e:2a:ee:16:a2:
1f:c4:39:d0:cb:46:f1:a7:52:dc:d4:d9:eb:b1:75:b0:8a:8c:
74:ac:e9:06:64:6f:fd:f5:83:9f:47:8c:8e:83:04:0e:11:ce:
77:a3:f2:7b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQKs3sSRNTcckGnpbiGadszw/aGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQxMjhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiMGNkNDA5ZmM0ZWRiZmNlZDU0YzBjZDUxZGEyNTAxZjQ3ZDIxOTBjNWUx
NjI0YmFhNGMxZDM0YTk4Yjk1ZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlNtpINT+tpYDyPvnCC819jhL+XP1In2Jj6U7C797Rm65++0i/N61cUxqlA
cU/YRPj8DfwxDH4gA5o/D34qKa5y2ynTgwHeXs13aW8fdI//2BisW/7qx0zPCizr
YpfM7oofziKZqL00+XxQrEAPPo+LDR7Lpc3bqAXbQ4MxIm+FA1WLnGwHmSSbNFQz
LQpivtwZpKHvph++KTtu6lQpOqcffMb/iAjAtGNGc9tWo56VeveNaKemtVwg5YSx
D8Eo0kAgtZaP5hUlbJHd7G0e4s+v+n/KPXNM5GF8XRnxIibORFqoRv6ZY1dTWpOy
zbUcrTvwiLaoH1fFtth7HReavWsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdEKcR
6oX5IMzybZ/l4t2gMDURTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZjYTI0NTUtYjU4ZS00M2UwLWExNWYtMjc2ZjhhNWI1MjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
QDANBgkqhkiG9w0BAQsFAAOCAQEAbGy6amrFQncQ34MmcCaHz4GVakll0MFDAkTg
x150nNrEExyoaTAlzFD+vx2ZhLThZE5p7V8wLUCm2p/1mKO9HjbidU8Zq1YUdkMQ
323rRW8nCN5KzuEkesmF8hAuq00QtMx3jQGUlsWhWh4diZTWLLYxgvAJp4J96zya
iesgUPeE62eSJX0vV4zBf6J9Q8tF9xvgNpWWznMND0VePBKOpqrq7oUoZVZUg5uE
FUqaW7vJiF5NoBIDyEwu193siCfSFF5A6G+9L4cycFjcGW3H1iLNQY4q7haiH8Q5
0MtG8adS3NTZ67F1sIqMdKzpBmRv/fWDn0eMjoMEDhHOd6Pyew==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:29 2025 by rpki-client