Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
File: d62aaac2-f54a-4bc2-8155-22367e855165.roa (raw, json)
Hash identifier: 3UZ/SqWFeoQdqK8Yrq8dmgqh4VKYf1xnLl00NTT537M=
Subject key identifier: 05:09:83:8C:0F:81:51:9F:2F:BA:AB:17:B0:95:BD:DD:1F:E6:7B:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63F08378E099620FBD31C66357B3BED506F9FAE5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
Signing time: Fri 25 Apr 2025 20:00:19 +0000
ROA not before: Fri 25 Apr 2025 20:00:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:f0:83:78:e0:99:62:0f:bd:31:c6:63:57:b3:be:d5:06:f9:fa:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:00:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ad93330cb692af68ada3ce29f05a87f8712fb549483d7feedd65bc9b2fc0dce4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:41:93:b2:2e:0b:19:ab:20:29:90:8c:cf:55:
ac:36:9d:65:0e:ac:3b:0b:e8:5b:11:d0:7b:6f:45:
94:fa:ac:6a:54:21:6c:27:dc:8b:89:58:39:7b:5a:
0f:ed:58:10:c2:31:0d:7f:1d:be:af:7a:0f:30:77:
18:b8:47:69:67:3e:89:7a:4e:8e:be:a6:f5:91:18:
2f:85:d6:87:9d:c3:6f:53:45:b6:ce:df:d7:61:da:
dc:cd:9f:88:8e:aa:6e:fe:ad:27:41:71:5c:b1:7a:
0e:ea:08:ed:0f:7a:0c:7f:63:31:32:c7:cd:55:57:
36:6c:f5:75:26:f0:32:cd:0b:db:b8:ba:a4:a4:d3:
47:a1:0c:11:c9:73:8f:9c:7c:33:3d:60:02:8c:7a:
4b:1d:80:d6:c8:4d:55:06:c5:61:0d:a4:f2:18:c1:
17:8b:f1:0e:91:ac:66:60:03:75:8c:9e:9f:80:63:
8b:f0:8d:48:f3:c4:ae:d4:f3:ec:e4:92:20:f5:f7:
69:97:51:55:d7:8e:d0:47:70:78:d8:ac:6e:4e:5e:
55:cc:b6:39:b2:89:09:c4:cd:00:1b:94:e4:eb:1b:
64:fd:12:89:0f:45:62:ee:f2:ff:ca:72:82:6c:26:
6e:0b:3a:66:32:bd:b5:43:f2:3d:6f:1c:de:d0:b4:
2f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:09:83:8C:0F:81:51:9F:2F:BA:AB:17:B0:95:BD:DD:1F:E6:7B:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:b000::/40
Signature Algorithm: sha256WithRSAEncryption
9d:08:4d:1a:f7:7e:32:fb:83:ec:39:8e:cc:68:4e:86:6b:34:
b5:22:bd:d1:99:b2:02:d2:96:19:d2:a4:8c:64:b9:af:da:52:
e2:9a:85:43:72:1e:93:57:09:17:f6:2a:1d:e1:a5:04:fc:4c:
22:03:98:42:fe:77:5d:15:33:05:77:c2:e6:01:43:50:d0:d6:
70:b6:10:a9:da:c4:62:97:51:9a:08:f5:9e:8a:a4:d2:5d:7e:
df:cd:e3:f6:cd:31:4a:36:07:64:2b:7b:50:25:64:50:12:73:
c7:e3:6c:54:4b:2a:4c:7c:3f:71:9d:32:b5:e5:fa:68:8c:97:
97:06:20:b1:84:11:27:56:f2:39:76:30:e7:77:68:24:64:40:
63:c9:84:7e:33:97:b7:c6:bf:08:96:6a:77:00:31:95:c9:a4:
47:1f:48:d4:86:60:3e:46:bb:5e:3a:ad:82:2f:10:12:01:34:
39:ce:ba:58:32:fc:ca:0d:fb:07:dc:7e:11:45:dd:f8:c2:d2:
cd:62:65:db:58:ef:05:1b:83:0e:60:22:e6:48:b8:7f:6d:6b:
88:e8:e6:10:a8:68:2f:28:df:90:e5:33:53:b7:05:61:d1:a8:
54:7f:e0:0c:8b:c1:a8:6f:32:41:56:bb:9c:5b:16:13:34:d0:
fa:de:c2:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY/CDeOCZYg+9McZjV7O+1Qb5+uUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAwMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkOTMzMzBjYjY5MmFmNjhhZGEzY2UyOWYwNWE4N2Y4NzEyZmI1NDk0ODNk
N2ZlZWRkNjViYzliMmZjMGRjZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhBk7IuCxmrICmQjM9VrDadZQ6sOwvoWxHQe29FlPqsalQhbCfci4lYOXta
D+1YEMIxDX8dvq96DzB3GLhHaWc+iXpOjr6m9ZEYL4XWh53Db1NFts7f12Ha3M2f
iI6qbv6tJ0FxXLF6DuoI7Q96DH9jMTLHzVVXNmz1dSbwMs0L27i6pKTTR6EMEclz
j5x8Mz1gAox6Sx2A1shNVQbFYQ2k8hjBF4vxDpGsZmADdYyen4Bji/CNSPPErtTz
7OSSIPX3aZdRVdeO0EdweNisbk5eVcy2ObKJCcTNABuU5OsbZP0SiQ9FYu7y/8py
gmwmbgs6ZjK9tUPyPW8c3tC0L2UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFCYOM
D4FRny+6qxewlb3dH+Z7ZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDYyYWFhYzItZjU0YS00YmMyLTgxNTUtMjIzNjdlODU1MTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKw
MA0GCSqGSIb3DQEBCwUAA4IBAQCdCE0a934y+4PsOY7MaE6GazS1Ir3RmbIC0pYZ
0qSMZLmv2lLimoVDch6TVwkX9iod4aUE/EwiA5hC/nddFTMFd8LmAUNQ0NZwthCp
2sRil1GaCPWeiqTSXX7fzeP2zTFKNgdkK3tQJWRQEnPH42xUSypMfD9xnTK15fpo
jJeXBiCxhBEnVvI5djDnd2gkZEBjyYR+M5e3xr8Ilmp3ADGVyaRHH0jUhmA+Rrte
Oq2CLxASATQ5zrpYMvzKDfsH3H4RRd34wtLNYmXbWO8FG4MOYCLmSLh/bWuI6OYQ
qGgvKN+Q5TNTtwVh0ahUf+AMi8GobzJBVrucWxYTNND63sIk
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:08 2025 by rpki-client