Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c9758f-7e15-4a7f-a85d-17f82d36dc5d.roa
File: d1c9758f-7e15-4a7f-a85d-17f82d36dc5d.roa (raw, json)
Hash identifier: FNC2tw94bNMmRRB9Mc6OXThL7KTckBD2Xv2KMHJGY9s=
Subject key identifier: 9D:29:CA:EF:14:82:F9:BB:F6:0C:C5:B2:61:EE:89:25:D3:14:F6:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7663A4A6B9EF352282E619B65750DAF513A6FCA9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c9758f-7e15-4a7f-a85d-17f82d36dc5d.roa
Signing time: Fri 25 Apr 2025 19:41:10 +0000
ROA not before: Fri 25 Apr 2025 19:41:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:20c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:63:a4:a6:b9:ef:35:22:82:e6:19:b6:57:50:da:f5:13:a6:fc:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=eabbca37c983b0f04e672c3d53d60a36254e3d028d9c52a11173200c3b45a543, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ef:70:b6:44:41:af:2b:b8:2f:4b:8c:f1:3d:
3f:3c:67:a8:17:f2:99:cc:cd:8f:d3:03:1c:0f:d8:
d2:01:33:11:6a:eb:ee:ec:a6:02:4e:ea:64:d1:ba:
9c:3c:e2:11:54:d0:b0:0b:1a:a0:75:66:c3:1a:14:
e0:ae:1b:59:c6:f5:c9:d8:06:44:e5:71:a3:0f:66:
2d:03:27:05:63:20:a1:ba:dd:10:93:45:92:e0:ec:
2d:84:16:87:dc:cf:11:6a:6e:03:5d:17:96:6f:d1:
30:83:12:d2:d7:b0:7c:65:08:0e:f9:0a:b9:6f:15:
64:b0:11:ad:76:cc:52:c6:5c:d0:61:89:63:e7:fd:
3a:40:64:15:fa:69:fc:63:7a:3b:23:84:60:09:36:
e4:6d:16:d5:39:11:5d:34:46:86:13:ba:4e:61:12:
e0:92:fd:d6:26:13:fd:a9:fe:0d:28:3e:77:68:a9:
6c:92:65:eb:29:0c:d2:1a:66:3b:ae:9a:2d:b6:23:
60:bf:5a:22:23:f1:df:44:1d:6f:f7:12:60:f0:33:
5d:21:98:c0:5a:fa:62:23:da:c3:61:3a:42:ed:f6:
22:f9:0b:9e:5f:43:5d:70:87:0c:3e:ff:f3:42:2d:
f2:78:08:2a:26:04:2f:48:6d:30:2f:77:23:1c:5e:
17:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:29:CA:EF:14:82:F9:BB:F6:0C:C5:B2:61:EE:89:25:D3:14:F6:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c9758f-7e15-4a7f-a85d-17f82d36dc5d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:20c0::/46
Signature Algorithm: sha256WithRSAEncryption
40:53:9c:16:59:84:51:0d:ef:fe:a3:bc:e7:d5:95:af:77:60:
d3:52:4b:19:6c:c1:49:fe:fa:6f:39:c7:e6:46:11:90:9f:c7:
da:15:98:7d:3b:a1:96:7b:87:7a:ad:01:97:30:d3:9e:07:b0:
19:96:fb:07:0e:fb:35:57:82:3a:3e:9a:92:c9:11:50:32:f6:
e7:c4:12:8f:1b:fb:a4:b2:38:16:c0:26:05:87:4f:8b:cf:58:
98:fc:18:84:36:cc:1d:ce:cf:22:36:96:cd:0a:c5:3c:c1:8a:
dc:75:ea:26:48:11:96:55:48:20:f9:e7:f3:73:eb:63:e5:38:
2e:b6:48:40:55:80:b7:03:44:7f:0b:83:b1:0f:ba:f7:f9:c4:
5f:d2:1a:22:1c:07:60:e1:bd:a2:3f:0a:de:6f:60:9d:3d:bc:
05:24:36:b0:4c:23:f1:6d:d9:3f:03:08:34:69:cc:f3:d4:ff:
6e:bb:b9:80:e7:d5:d5:a0:84:31:dc:88:09:41:8a:82:8a:2a:
77:b7:4f:dd:ea:47:ac:6a:19:03:97:45:f9:b1:6c:99:ae:dd:
0f:19:37:10:82:3c:3a:06:70:45:e5:74:d2:ed:88:c0:41:01:
fe:32:f5:60:be:91:5c:ba:d6:bc:a9:e0:1f:ce:98:34:d1:1c:
06:74:33:90
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdmOkprnvNSKC5hm2V1Da9ROm/KkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhYmJjYTM3Yzk4M2IwZjA0ZTY3MmMzZDUzZDYwYTM2MjU0ZTNkMDI4ZDlj
NTJhMTExNzMyMDBjM2I0NWE1NDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjvcLZEQa8ruC9LjPE9PzxnqBfymczNj9MDHA/Y0gEzEWrr7uymAk7qZNG6
nDziEVTQsAsaoHVmwxoU4K4bWcb1ydgGROVxow9mLQMnBWMgobrdEJNFkuDsLYQW
h9zPEWpuA10Xlm/RMIMS0tewfGUIDvkKuW8VZLARrXbMUsZc0GGJY+f9OkBkFfpp
/GN6OyOEYAk25G0W1TkRXTRGhhO6TmES4JL91iYT/an+DSg+d2ipbJJl6ykM0hpm
O66aLbYjYL9aIiPx30Qdb/cSYPAzXSGYwFr6YiPaw2E6Qu32IvkLnl9DXXCHDD7/
80It8ngIKiYEL0htMC93IxxeF8ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdKcrv
FIL5u/YMxbJh7okl0xT2sjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFjOTc1OGYtN2UxNS00YTdmLWE4NWQtMTdmODJkMzZkYzVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hsg
wDANBgkqhkiG9w0BAQsFAAOCAQEAQFOcFlmEUQ3v/qO859WVr3dg01JLGWzBSf76
bznH5kYRkJ/H2hWYfTuhlnuHeq0BlzDTngewGZb7Bw77NVeCOj6akskRUDL258QS
jxv7pLI4FsAmBYdPi89YmPwYhDbMHc7PIjaWzQrFPMGK3HXqJkgRllVIIPnn83Pr
Y+U4LrZIQFWAtwNEfwuDsQ+69/nEX9IaIhwHYOG9oj8K3m9gnT28BSQ2sEwj8W3Z
PwMINGnM89T/bru5gOfV1aCEMdyICUGKgooqd7dP3epHrGoZA5dF+bFsma7dDxk3
EII8OgZwReV00u2IwEEB/jL1YL6RXLrWvKngH86YNNEcBnQzkA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:48 2025 by rpki-client