Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
File: da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa (raw, json)
Hash identifier: WPlQAqbuj6NlJaRPN1WEvpGJMZdjCoQ/+87MPISSxxw=
Subject key identifier: 47:7A:B8:A7:B3:F3:10:28:1E:37:26:C5:22:E3:F2:0A:88:96:0A:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37321B8DDDC5F3CA61F250D1F1A02302E79A577A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
Signing time: Mon 21 Apr 2025 18:31:09 +0000
ROA not before: Mon 21 Apr 2025 18:31:09 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:32:1b:8d:dd:c5:f3:ca:61:f2:50:d1:f1:a0:23:02:e7:9a:57:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:09 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=06e1cb6397e651492091ea02f3676b1c1db7cb65d86b1d027296ea8d41b95bce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:18:f1:ae:cf:d3:59:2c:eb:e8:cf:1d:13:ad:
05:38:cd:82:a7:93:3b:3f:37:e2:bc:74:62:2c:82:
bf:89:15:2a:67:4b:fc:da:11:d5:ac:11:c0:05:be:
29:b9:0e:c5:9b:74:66:c2:09:50:77:50:cc:cb:4b:
39:20:76:dd:35:f8:5c:7f:91:b5:e9:99:1c:c2:b7:
9f:86:de:01:d0:ce:93:ea:14:7f:0b:ec:d8:19:33:
fd:11:23:40:ef:8e:1e:e3:ab:51:9d:04:88:59:46:
99:56:53:9b:74:77:40:ef:ed:90:a3:b1:54:12:ba:
a9:08:5e:57:64:c9:2e:87:c8:c0:4c:2d:d9:0c:53:
02:ed:02:cc:59:8b:c6:d5:97:a4:f2:75:73:36:c5:
bc:45:be:d4:64:4f:3a:a4:7c:2d:f9:a6:d3:eb:28:
d4:3a:2a:76:cd:a5:15:5f:58:4b:cb:57:a7:8c:76:
06:19:ff:55:1a:62:7e:50:45:53:87:3a:7d:e6:9b:
bc:41:cf:90:39:0d:22:2d:f9:06:31:66:66:f4:3e:
06:99:59:60:6b:23:c0:00:be:9e:0d:f2:f9:87:7b:
07:c1:9c:25:32:ce:bd:c2:d0:39:82:64:fb:1e:c2:
82:3a:87:9c:b3:61:e6:2c:b4:1a:c5:cc:6a:af:ce:
8b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7A:B8:A7:B3:F3:10:28:1E:37:26:C5:22:E3:F2:0A:88:96:0A:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:880::/48
Signature Algorithm: sha256WithRSAEncryption
c8:29:d4:3b:90:56:5a:c1:47:bf:2b:a6:9e:1a:8d:c3:fe:8e:
ab:2d:a9:a3:47:c3:f8:e4:36:37:81:53:a0:e7:0e:43:0f:fc:
8d:10:95:b9:6a:9e:f7:d4:2c:9e:83:81:57:c2:dc:a3:dc:a1:
d5:4a:61:70:f4:e4:46:1d:50:66:8e:6a:7c:cd:d9:6b:66:58:
00:0a:33:f0:7c:55:bc:be:ec:c4:9d:3b:69:77:ac:b1:e2:f9:
2a:20:1e:97:17:fc:84:b2:0c:85:58:25:09:05:3e:9e:d1:00:
de:3e:87:23:2e:c9:a4:9e:03:f0:98:08:1a:c2:e1:58:53:68:
d1:25:6f:5f:13:32:e7:ec:93:cb:6e:a3:92:2e:2d:3e:8d:40:
4d:b3:70:7a:29:bc:1f:0e:27:64:23:d3:a4:9a:96:c5:7f:77:
17:b8:f5:22:2a:01:fc:a1:5c:df:fa:0a:6a:e4:9d:de:96:32:
09:db:3f:86:b8:a2:0c:ef:89:f9:5e:9c:00:ea:d8:55:de:a1:
2d:37:9c:5f:68:83:3e:e9:07:5f:29:49:47:ff:1d:c2:b2:e2:
18:48:19:05:4d:a6:bf:95:c7:81:fa:e3:eb:1e:66:48:d0:ea:
c1:ad:af:78:71:4e:ab:8e:df:8c:9d:94:11:0d:a5:42:e8:48:
04:0e:3b:58
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNzIbjd3F88ph8lDR8aAjAueaV3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMDlaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZTFjYjYzOTdlNjUxNDkyMDkxZWEwMmYzNjc2YjFjMWRiN2NiNjVkODZi
MWQwMjcyOTZlYThkNDFiOTViY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIY8a7P01ks6+jPHROtBTjNgqeTOz834rx0YiyCv4kVKmdL/NoR1awRwAW+
KbkOxZt0ZsIJUHdQzMtLOSB23TX4XH+RtemZHMK3n4beAdDOk+oUfwvs2Bkz/REj
QO+OHuOrUZ0EiFlGmVZTm3R3QO/tkKOxVBK6qQheV2TJLofIwEwt2QxTAu0CzFmL
xtWXpPJ1czbFvEW+1GRPOqR8Lfmm0+so1Doqds2lFV9YS8tXp4x2Bhn/VRpiflBF
U4c6feabvEHPkDkNIi35BjFmZvQ+BplZYGsjwAC+ng3y+Yd7B8GcJTLOvcLQOYJk
+x7CgjqHnLNh5iy0GsXMaq/OixkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRHerin
s/MQKB43JsUi4/IKiJYK7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE3YjhjNGUtZWUwYS00NWNkLWI2ZTMtN2JhY2Y4YTllMmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAyCnUO5BWWsFHvyumnhqNw/6Oqy2po0fD+OQ2
N4FToOcOQw/8jRCVuWqe99QsnoOBV8Lco9yh1UphcPTkRh1QZo5qfM3Za2ZYAAoz
8HxVvL7sxJ07aXesseL5KiAelxf8hLIMhVglCQU+ntEA3j6HIy7JpJ4D8JgIGsLh
WFNo0SVvXxMy5+yTy26jki4tPo1ATbNweim8Hw4nZCPTpJqWxX93F7j1IioB/KFc
3/oKauSd3pYyCds/hriiDO+J+V6cAOrYVd6hLTecX2iDPukHXylJR/8dwrLiGEgZ
BU2mv5XHgfrj6x5mSNDqwa2veHFOq47fjJ2UEQ2lQuhIBA47WA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:01 2025 by rpki-client