Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: ciodujZ+uOxADRAxZcfSVdS7FcXC74UGa5zrv4Z9Smc=
Subject key identifier: 39:A4:CC:93:75:DF:B4:C3:3C:80:C0:73:1A:D0:B1:52:C0:17:6A:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 712BFE97784562B5D66DAE91C4FD965D5A4B9F48
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Fri 25 Apr 2025 18:20:11 +0000
ROA not before: Fri 25 Apr 2025 18:20:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:2b:fe:97:78:45:62:b5:d6:6d:ae:91:c4:fd:96:5d:5a:4b:9f:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:20:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=44dd412023b6c64973be08a15c713f74cee02ae1b19368c407e81c5891a4bd7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:99:17:9f:37:d5:75:c9:bc:38:05:3b:c6:3e:
49:7d:49:f5:c8:31:49:74:cb:14:70:25:ac:4f:1b:
9f:fa:fa:f9:27:7c:0f:c5:7c:07:3f:ba:6e:03:da:
6c:c1:49:b3:de:43:d4:99:a7:f7:98:f9:a4:95:47:
db:17:27:6b:92:d8:08:5e:2d:56:13:4e:d6:89:77:
a4:ed:19:b2:49:1e:fd:e7:5b:c6:17:ff:7e:4d:29:
de:05:de:7b:f4:f4:b1:90:e0:a6:38:63:1c:62:cc:
ef:4f:5f:f8:5f:1a:18:74:2f:f7:d8:ae:04:9d:af:
e0:3b:bc:02:76:6f:5c:d3:99:a2:f4:15:a2:90:76:
c0:c0:22:eb:19:45:a0:a0:67:d3:46:3e:35:e1:1a:
bb:c2:4e:a5:38:dd:14:e3:cd:d4:37:2e:fb:1f:5b:
39:5b:bd:a5:b4:43:ce:60:4e:6d:2f:5d:6b:90:fb:
45:3c:86:27:2d:26:83:87:93:70:61:84:f9:7f:5f:
8c:ef:46:02:e1:49:ea:dc:27:3b:5c:11:e0:a9:be:
f7:d3:fd:80:7d:16:0c:f1:28:a6:da:f2:21:a9:18:
a8:73:38:89:d8:eb:84:25:b9:9e:bc:b2:e7:51:60:
86:ab:0e:ef:a0:8e:14:50:e5:82:43:45:d2:cc:91:
72:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:A4:CC:93:75:DF:B4:C3:3C:80:C0:73:1A:D0:B1:52:C0:17:6A:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
96:93:9a:49:00:d6:23:c5:84:d6:dc:8f:09:3c:10:b5:32:26:
2b:b0:7a:a9:4f:a8:8b:a3:69:67:0e:ef:e0:0e:e6:e0:fc:53:
a8:22:86:8f:1e:5f:5e:2a:1a:72:08:e5:5b:a9:2c:8c:fb:af:
db:94:6d:44:fc:9d:2c:c0:c2:fc:ab:06:d0:f7:a1:45:91:e4:
7f:96:db:3d:c2:b5:f8:e2:57:de:08:33:d8:05:a4:ae:eb:56:
52:b1:85:c6:86:d4:cc:11:42:59:3f:1d:c7:05:cb:3a:56:19:
5b:d1:e2:e8:f2:54:90:33:7f:b5:42:5f:f1:42:fd:97:07:3f:
1b:2d:0a:e4:5f:ab:e1:49:df:92:5c:18:a6:36:55:54:0c:c1:
25:17:82:65:e9:98:04:f1:6c:40:ad:3b:47:8f:58:4f:b2:e4:
77:6d:07:a1:b9:3b:2f:17:04:a8:6c:46:ea:51:22:b8:fc:de:
00:9b:9e:cf:bb:81:2f:f9:03:4f:76:66:6d:59:0c:ef:c9:fb:
f5:a5:16:d1:15:5e:d6:32:ac:6d:29:9d:e3:82:92:02:64:aa:
40:ed:3d:a9:14:f3:76:41:45:26:93:d6:3a:78:4e:16:a7:70:
0d:ea:6e:58:47:a7:cc:f5:30:2a:32:61:b1:6b:5d:a2:be:97:
65:8f:d5:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcSv+l3hFYrXWba6RxP2WXVpLn0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODIwMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0ZGQ0MTIwMjNiNmM2NDk3M2JlMDhhMTVjNzEzZjc0Y2VlMDJhZTFiMTkz
NjhjNDA3ZTgxYzU4OTFhNGJkN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOZF5831XXJvDgFO8Y+SX1J9cgxSXTLFHAlrE8bn/r6+Sd8D8V8Bz+6bgPa
bMFJs95D1Jmn95j5pJVH2xcna5LYCF4tVhNO1ol3pO0Zskke/edbxhf/fk0p3gXe
e/T0sZDgpjhjHGLM709f+F8aGHQv99iuBJ2v4Du8AnZvXNOZovQVopB2wMAi6xlF
oKBn00Y+NeEau8JOpTjdFOPN1Dcu+x9bOVu9pbRDzmBObS9da5D7RTyGJy0mg4eT
cGGE+X9fjO9GAuFJ6twnO1wR4Km+99P9gH0WDPEoptryIakYqHM4idjrhCW5nryy
51FghqsO76COFFDlgkNF0syRcgUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ5pMyT
dd+0wzyAwHMa0LFSwBdqVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEAlpOaSQDWI8WE1tyPCTwQtTImK7B6qU+oi6Np
Zw7v4A7m4PxTqCKGjx5fXioacgjlW6ksjPuv25RtRPydLMDC/KsG0PehRZHkf5bb
PcK1+OJX3ggz2AWkrutWUrGFxobUzBFCWT8dxwXLOlYZW9Hi6PJUkDN/tUJf8UL9
lwc/Gy0K5F+r4UnfklwYpjZVVAzBJReCZemYBPFsQK07R49YT7Lkd20Hobk7LxcE
qGxG6lEiuPzeAJuez7uBL/kDT3ZmbVkM78n79aUW0RVe1jKsbSmd44KSAmSqQO09
qRTzdkFFJpPWOnhOFqdwDepuWEenzPUwKjJhsWtdor6XZY/V+Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:38 2025 by rpki-client