Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da4dde97-2ca6-497d-9086-e0957352d3a4.roa
File: da4dde97-2ca6-497d-9086-e0957352d3a4.roa (raw, json)
Hash identifier: 79wehr8jkQ1x+FEO9/aCGnPFxUXbWuAnr6Wjw6ndCBc=
Subject key identifier: A4:F8:6C:F5:97:A9:90:E9:68:3C:F4:B8:7E:9D:94:FA:22:D7:26:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04C8179D64B1CCBDB58660FD73A69666A4C76556
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da4dde97-2ca6-497d-9086-e0957352d3a4.roa
Signing time: Wed 16 Apr 2025 19:22:20 +0000
ROA not before: Wed 16 Apr 2025 19:22:20 +0000
ROA not after: Wed 21 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:c8:17:9d:64:b1:cc:bd:b5:86:60:fd:73:a6:96:66:a4:c7:65:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 16 19:22:20 2025 GMT
Not After : May 21 23:59:59 2025 GMT
Subject: serialNumber=ae166dd28412af89d6df06e9983edaae69c04ba92b08a3ff9591628b4db10a1d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:25:59:be:bf:ee:42:d5:90:c8:72:d3:56:55:
a5:a5:32:29:ae:2f:e0:f2:fa:44:53:52:77:db:d5:
4f:3e:bd:fb:aa:94:c2:cc:ad:b1:e9:e2:93:b4:36:
f8:a2:82:80:d3:5f:0d:8f:9b:eb:9d:96:d9:35:ef:
c4:b4:a0:04:6f:0a:3a:d9:41:dc:b1:ab:3c:a0:12:
8f:b3:b9:5d:b8:2a:38:c0:9f:60:90:1d:00:db:dd:
44:8d:f1:2f:4f:ca:23:58:d4:8c:a0:e5:90:37:c7:
d2:ae:a0:03:c5:08:e7:4a:20:7c:1f:b9:ba:fa:30:
6a:f5:c4:13:78:3f:84:60:48:d0:c8:e3:ba:20:6b:
e2:ec:38:27:cd:65:c2:df:9a:ba:cf:41:68:27:36:
9e:89:4b:8b:db:63:2a:1e:63:1a:1c:df:e5:e2:fc:
81:de:94:e6:dd:7d:ca:4a:bd:17:74:05:04:f4:78:
56:be:cd:86:d2:52:00:a6:11:39:49:04:1a:13:a7:
b4:1f:69:d6:f2:3a:73:99:d6:08:77:a1:83:b0:72:
82:79:e7:62:11:9f:e3:65:1a:88:a6:ae:e4:8c:53:
7a:d3:52:50:b6:f2:47:3d:42:64:7b:eb:5a:3f:b4:
ae:2e:9c:e3:a9:a0:64:46:08:1f:99:7c:d1:eb:24:
d4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F8:6C:F5:97:A9:90:E9:68:3C:F4:B8:7E:9D:94:FA:22:D7:26:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da4dde97-2ca6-497d-9086-e0957352d3a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:c0:1e:8b:79:36:fc:62:1e:7d:89:8d:ff:aa:15:9f:de:50:
18:fe:8f:da:22:45:f4:28:61:9e:c0:c0:03:8f:1d:af:66:81:
79:2f:da:76:af:0e:03:41:3b:fb:9f:06:f2:57:d7:f3:ea:a4:
be:b3:98:07:1a:8b:94:91:d4:af:94:2a:4b:9f:05:db:1d:6b:
1d:dd:cc:79:3d:00:b7:f5:34:f7:f7:ca:e4:ae:f1:34:35:37:
1f:46:70:1c:25:b7:00:40:89:8f:28:ba:78:df:3c:cd:61:ca:
00:52:e4:df:76:da:55:4e:c8:50:8c:09:ec:fe:c4:9d:23:6c:
a0:6a:70:6e:6b:73:15:b8:b1:50:38:cd:5d:e2:51:7d:85:d0:
35:f0:6b:05:d3:e5:92:f8:8e:96:22:10:29:ee:67:45:cb:e2:
8e:cd:64:8e:1a:6e:53:39:6a:57:5b:35:9e:ce:6a:24:13:b5:
48:5e:bb:0d:54:54:bf:d1:4d:2f:8d:4e:b0:1f:da:09:cd:f5:
42:f1:01:7d:ee:d3:ca:48:b2:87:00:21:0e:a7:0d:b6:3c:98:
2a:07:ed:d0:72:f0:8e:41:36:87:3b:cb:3d:8e:b6:34:eb:37:
16:5c:58:ec:ed:41:70:16:c7:7e:21:fd:8f:ec:1b:22:e6:78:
fc:65:fa:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBMgXnWSxzL21hmD9c6aWZqTHZVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTYxOTIyMjBaFw0yNTA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlMTY2ZGQyODQxMmFmODlkNmRmMDZlOTk4M2VkYWFlNjljMDRiYTkyYjA4
YTNmZjk1OTE2MjhiNGRiMTBhMWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANslWb6/7kLVkMhy01ZVpaUyKa4v4PL6RFNSd9vVTz69+6qUwsytsenik7Q2
+KKCgNNfDY+b652W2TXvxLSgBG8KOtlB3LGrPKASj7O5XbgqOMCfYJAdANvdRI3x
L0/KI1jUjKDlkDfH0q6gA8UI50ogfB+5uvowavXEE3g/hGBI0MjjuiBr4uw4J81l
wt+aus9BaCc2nolLi9tjKh5jGhzf5eL8gd6U5t19ykq9F3QFBPR4Vr7NhtJSAKYR
OUkEGhOntB9p1vI6c5nWCHehg7BygnnnYhGf42UaiKau5IxTetNSULbyRz1CZHvr
Wj+0ri6c46mgZEYIH5l80esk1BsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSk+Gz1
l6mQ6Wg89Lh+nZT6ItcmjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE0ZGRlOTctMmNhNi00OTdkLTkwODYtZTA5NTczNTJkM2E0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmA
MA0GCSqGSIb3DQEBCwUAA4IBAQCxwB6LeTb8Yh59iY3/qhWf3lAY/o/aIkX0KGGe
wMADjx2vZoF5L9p2rw4DQTv7nwbyV9fz6qS+s5gHGouUkdSvlCpLnwXbHWsd3cx5
PQC39TT398rkrvE0NTcfRnAcJbcAQImPKLp43zzNYcoAUuTfdtpVTshQjAns/sSd
I2yganBua3MVuLFQOM1d4lF9hdA18GsF0+WS+I6WIhAp7mdFy+KOzWSOGm5TOWpX
WzWezmokE7VIXrsNVFS/0U0vjU6wH9oJzfVC8QF97tPKSLKHACEOpw22PJgqB+3Q
cvCOQTaHO8s9jrY06zcWXFjs7UFwFsd+If2P7Bsi5nj8Zfpw
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:25 2025 by rpki-client