Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json)
Hash identifier: Eqan068N7JvMWJKv6Gnx0P4Pd0R+TgbLQwIAIbXuhBg=
Subject key identifier: A1:69:16:86:0E:05:93:4E:78:08:9E:D2:C3:1A:F5:8A:8A:71:15:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14DBE249B35352388389F9B8472D60C78FA74304
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
Signing time: Fri 25 Apr 2025 19:50:22 +0000
ROA not before: Fri 25 Apr 2025 19:50:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:db:e2:49:b3:53:52:38:83:89:f9:b8:47:2d:60:c7:8f:a7:43:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=22446aabc824169083b0bc8ebe7974fb8902d0830f5a408081abb0fb48e8aac3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:03:5a:8d:35:fb:27:89:49:b6:57:ee:9c:b3:
af:fa:49:69:df:f4:ab:6c:83:7d:7f:88:f2:6a:ad:
d8:15:fe:3e:2c:ba:ca:eb:66:34:a7:4e:a9:f3:42:
60:e7:90:a5:68:01:14:f5:21:5d:3e:99:9f:8f:ff:
5a:12:0e:73:5f:59:8b:21:96:7a:ac:d1:23:05:b4:
d4:83:68:4e:0e:34:40:66:d3:17:d7:7c:69:6c:8c:
87:e7:96:1a:7f:f2:e4:19:6f:e1:c6:53:f0:c2:79:
da:4a:57:c8:91:24:08:84:70:43:6c:70:f7:64:57:
ed:a3:9a:db:ed:75:e0:aa:75:86:88:e5:82:f7:86:
27:dc:fb:dc:46:39:71:cd:22:39:71:59:95:23:25:
6f:de:00:a8:96:26:a6:bf:10:5d:1c:fe:41:52:81:
63:ab:ed:7a:45:e2:55:2c:31:33:d4:04:e1:68:f6:
d1:a9:a2:7b:81:17:16:c7:c0:8b:31:6b:eb:93:a6:
dd:d1:26:48:b4:4b:08:ca:60:fd:26:fc:20:f3:e5:
e0:84:22:a5:3f:ab:84:3e:f4:84:18:15:77:b4:ee:
c7:30:fd:9f:78:86:81:09:96:c1:35:ab:a9:30:77:
25:0c:08:0a:b3:c6:1c:2d:0c:e3:34:09:92:df:97:
47:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:69:16:86:0E:05:93:4E:78:08:9E:D2:C3:1A:F5:8A:8A:71:15:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
2e:95:58:98:6f:ec:ce:2e:25:8b:a5:65:01:46:d3:f9:12:db:
e4:5b:13:73:45:b5:34:dd:fc:73:21:ac:e6:14:54:ae:a3:c2:
1b:b1:0d:39:01:14:eb:4e:db:6b:50:81:df:8b:f9:11:cd:0d:
0d:8c:e5:eb:9c:c4:06:38:f8:64:50:0d:2a:c8:af:05:d2:ad:
86:f5:a7:85:66:4d:36:7c:5f:28:66:c4:c6:ca:10:7c:43:ae:
96:5a:f2:42:58:75:c2:74:ee:62:ca:4f:8b:52:ae:dc:95:aa:
e9:0f:d5:f0:b3:8a:4a:81:d7:50:1f:20:70:2b:e8:3b:7a:8c:
52:f5:02:fb:ab:3b:6c:b7:e3:42:fe:13:34:a8:6b:fd:bc:03:
e6:08:b0:14:05:d4:41:e5:44:bf:6b:8e:49:ec:15:e3:40:2e:
24:1b:2c:54:e3:a4:d5:17:a5:5d:57:96:85:92:bc:cc:31:64:
f0:d0:10:8e:86:23:37:9d:ba:68:d0:dc:01:49:e5:5c:1b:6e:
47:47:9a:52:45:e0:1b:5e:57:8b:d0:45:b2:ad:f3:14:16:7c:
a5:83:85:e2:4d:ca:ff:2d:03:e7:79:e4:94:5e:8e:99:0e:13:
97:4f:6a:9d:df:1d:c1:8a:d2:c5:51:db:6a:95:a0:7a:f9:ca:
63:7b:e3:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFNviSbNTUjiDifm4Ry1gx4+nQwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyNDQ2YWFiYzgyNDE2OTA4M2IwYmM4ZWJlNzk3NGZiODkwMmQwODMwZjVh
NDA4MDgxYWJiMGZiNDhlOGFhYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0DWo01+yeJSbZX7pyzr/pJad/0q2yDfX+I8mqt2BX+Piy6yutmNKdOqfNC
YOeQpWgBFPUhXT6Zn4//WhIOc19ZiyGWeqzRIwW01INoTg40QGbTF9d8aWyMh+eW
Gn/y5Blv4cZT8MJ52kpXyJEkCIRwQ2xw92RX7aOa2+114Kp1hojlgveGJ9z73EY5
cc0iOXFZlSMlb94AqJYmpr8QXRz+QVKBY6vtekXiVSwxM9QE4Wj20amie4EXFsfA
izFr65Om3dEmSLRLCMpg/Sb8IPPl4IQipT+rhD70hBgVd7TuxzD9n3iGgQmWwTWr
qTB3JQwICrPGHC0M4zQJkt+XR+0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShaRaG
DgWTTngIntLDGvWKinEVDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g
MA0GCSqGSIb3DQEBCwUAA4IBAQAulViYb+zOLiWLpWUBRtP5EtvkWxNzRbU03fxz
IazmFFSuo8IbsQ05ARTrTttrUIHfi/kRzQ0NjOXrnMQGOPhkUA0qyK8F0q2G9aeF
Zk02fF8oZsTGyhB8Q66WWvJCWHXCdO5iyk+LUq7clarpD9Xws4pKgddQHyBwK+g7
eoxS9QL7qztst+NC/hM0qGv9vAPmCLAUBdRB5US/a45J7BXjQC4kGyxU46TVF6Vd
V5aFkrzMMWTw0BCOhiM3nbpo0NwBSeVcG25HR5pSReAbXleL0EWyrfMUFnylg4Xi
Tcr/LQPneeSUXo6ZDhOXT2qd3x3BitLFUdtqlaB6+cpje+N/
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:44 2025 by rpki-client