Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ad75af-5f70-4566-9e24-e9acd2e1f495.roa
File: d7ad75af-5f70-4566-9e24-e9acd2e1f495.roa (raw, json)
Hash identifier: cJDm9ZChpTk6iNmR80FP906v8sSE0e2Dg2dxf7pzOg4=
Subject key identifier: 54:23:4B:69:AB:46:4B:FF:2E:95:64:E2:7D:93:50:9D:F8:BF:3A:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0987B76A5FA47017DC3D9B55573D970BA35D47EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ad75af-5f70-4566-9e24-e9acd2e1f495.roa
Signing time: Fri 25 Apr 2025 19:10:15 +0000
ROA not before: Fri 25 Apr 2025 19:10:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:2080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:87:b7:6a:5f:a4:70:17:dc:3d:9b:55:57:3d:97:0b:a3:5d:47:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d63e06e1916bd468c50f35c462d690a06096e2b3d413ae8e96ad059b09c26218, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:20:a1:9e:43:d9:bb:b1:a3:76:ed:38:4a:71:
42:05:d3:c9:f1:a6:65:0b:e7:14:25:21:aa:f0:b0:
7a:92:30:a7:cb:06:2f:4f:4b:1a:38:1a:ff:68:58:
2d:64:95:d3:1a:03:2a:e5:60:10:23:bb:33:1e:f9:
b9:d0:ea:1e:43:9f:22:25:a3:55:a8:29:39:30:99:
c9:e4:67:55:55:2c:89:70:8b:98:0b:51:b0:d3:03:
1e:a0:8c:9e:8f:9a:69:3d:5b:ee:b7:68:7d:00:d2:
08:7a:77:5a:dc:89:f2:a5:f5:1c:01:45:6c:f7:24:
69:2c:f3:f1:1e:83:f9:66:3a:79:b3:c1:7d:d6:bb:
02:2e:d2:e2:dd:e3:5f:92:51:60:28:79:ad:e4:5d:
1b:60:45:15:73:d4:fe:b5:fe:03:68:19:ae:c0:e8:
5e:d4:85:cf:eb:e4:fa:a7:1f:f3:f9:bd:20:28:33:
49:a3:04:f3:80:9e:95:4e:f8:d3:6f:26:41:88:00:
7a:dc:ce:17:79:f2:60:93:d9:41:70:f1:1d:da:0a:
e3:ef:2b:bb:5d:89:0d:30:ba:dc:5b:c5:03:68:fb:
4c:a6:6b:47:ca:4a:90:de:a7:dc:b8:ab:c4:48:96:
79:19:0c:5e:a0:7a:2d:4c:fe:65:c5:6a:0c:dd:e4:
4a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:23:4B:69:AB:46:4B:FF:2E:95:64:E2:7D:93:50:9D:F8:BF:3A:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ad75af-5f70-4566-9e24-e9acd2e1f495.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:2080::/46
Signature Algorithm: sha256WithRSAEncryption
34:ae:e2:df:db:f6:9f:65:f3:5b:44:b9:6f:ce:8a:7d:d0:cf:
93:43:fe:b2:65:a8:83:3b:ce:68:b0:25:6f:77:13:54:8f:bc:
44:23:47:eb:bc:d8:85:17:da:34:2d:73:1a:47:22:56:c6:d5:
f5:75:f8:f2:27:3b:82:8b:c0:f2:8e:2d:db:de:6b:3f:d0:7e:
9d:7b:86:66:6b:d1:73:36:df:46:95:be:98:db:be:0c:8c:9b:
a4:7f:d1:61:34:9e:90:7d:89:83:59:10:ff:0a:90:f6:6e:f0:
f4:13:59:0f:a9:3a:27:e4:e9:5f:69:e5:de:22:6c:01:28:77:
37:be:bc:15:ea:76:1f:c9:a6:61:57:cb:ac:c5:01:9c:71:0e:
1b:32:a2:99:6b:e3:6f:6b:bd:e7:0a:c9:75:6e:92:60:d0:2e:
5f:de:2b:70:ba:64:1b:98:76:17:ff:e0:a7:01:6f:a0:ec:42:
c3:ee:37:6c:1f:63:f9:6b:7c:27:46:d4:7e:1d:38:d0:a6:5b:
39:18:09:77:1b:a3:ba:0b:28:f9:c8:6b:d5:b8:4e:16:5e:82:
1c:e6:2f:d2:9e:ea:d7:dc:15:bc:63:65:c2:32:55:07:2c:09:
c7:d8:b1:19:da:76:d0:24:79:dc:1f:1b:2b:4a:d6:11:0e:aa:
f3:40:c3:4e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCYe3al+kcBfcPZtVVz2XC6NdR+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2M2UwNmUxOTE2YmQ0NjhjNTBmMzVjNDYyZDY5MGEwNjA5NmUyYjNkNDEz
YWU4ZTk2YWQwNTliMDljMjYyMTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsgoZ5D2buxo3btOEpxQgXTyfGmZQvnFCUhqvCwepIwp8sGL09LGjga/2hY
LWSV0xoDKuVgECO7Mx75udDqHkOfIiWjVagpOTCZyeRnVVUsiXCLmAtRsNMDHqCM
no+aaT1b7rdofQDSCHp3WtyJ8qX1HAFFbPckaSzz8R6D+WY6ebPBfda7Ai7S4t3j
X5JRYCh5reRdG2BFFXPU/rX+A2gZrsDoXtSFz+vk+qcf8/m9ICgzSaME84CelU74
028mQYgAetzOF3nyYJPZQXDxHdoK4+8ru12JDTC63FvFA2j7TKZrR8pKkN6n3Lir
xEiWeRkMXqB6LUz+ZcVqDN3kSt0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUI0tp
q0ZL/y6VZOJ9k1Cd+L86cDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdhZDc1YWYtNWY3MC00NTY2LTllMjQtZTlhY2QyZTFmNDk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUg
gDANBgkqhkiG9w0BAQsFAAOCAQEANK7i39v2n2XzW0S5b86KfdDPk0P+smWogzvO
aLAlb3cTVI+8RCNH67zYhRfaNC1zGkciVsbV9XX48ic7govA8o4t295rP9B+nXuG
ZmvRczbfRpW+mNu+DIybpH/RYTSekH2Jg1kQ/wqQ9m7w9BNZD6k6J+TpX2nl3iJs
ASh3N768Fep2H8mmYVfLrMUBnHEOGzKimWvjb2u95wrJdW6SYNAuX94rcLpkG5h2
F//gpwFvoOxCw+43bB9j+Wt8J0bUfh040KZbORgJdxujugso+chr1bhOFl6CHOYv
0p7q19wVvGNlwjJVBywJx9ixGdp20CR53B8bK0rWEQ6q80DDTg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:31 2025 by rpki-client