Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
File: ddbb8798-3423-4d98-a384-58621b010556.roa (raw, json)
Hash identifier: 9QJT7AeiVZTWJ+UEsG9CdsVLVwwuR2urJhguwLmO+EM=
Subject key identifier: 05:03:45:F3:A5:47:3D:56:63:EA:57:AE:27:ED:37:8B:2B:2A:02:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F8E85F84E3166735B50A11D2BDA3BACF5761664
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
Signing time: Fri 25 Apr 2025 20:21:23 +0000
ROA not before: Fri 25 Apr 2025 20:21:23 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:8e:85:f8:4e:31:66:73:5b:50:a1:1d:2b:da:3b:ac:f5:76:16:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:23 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1843276fc13d5e957fc9fd062b0f417d91acc5c0f4a8451ffb9bac9200201a2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:92:a8:1d:27:29:01:31:39:9b:4a:1a:e3:73:
43:ba:25:cc:1d:8d:70:e3:8d:a5:33:37:da:72:07:
ac:25:eb:da:84:87:74:17:93:8c:e9:18:8e:b5:eb:
2e:2e:1a:9a:3a:ac:5c:bc:37:28:a0:b9:a8:00:bc:
c3:6f:a8:f9:8a:87:58:ef:02:61:f9:23:15:31:03:
65:b5:01:8a:3e:c2:81:25:db:f0:53:37:c7:23:3f:
5c:71:19:da:fe:93:22:e9:69:e3:f1:b0:10:10:21:
59:b7:87:5a:57:ff:3f:c3:90:f9:24:e1:02:76:a2:
bf:4e:60:7a:a1:01:b7:d4:37:2c:00:f8:8a:86:dd:
42:a7:4b:61:29:ea:e9:7a:c4:dd:ae:98:11:97:95:
9f:66:8b:15:95:26:6a:69:93:79:2d:b0:a8:f9:e7:
6f:21:34:e0:38:72:4f:9c:0d:96:1b:7a:9b:53:58:
00:3d:cd:46:25:1b:41:ad:8c:d0:a1:63:d9:86:5f:
86:a1:1a:3a:69:7e:83:6e:2f:6b:74:e0:93:13:20:
93:13:fd:a1:a7:ed:0c:1b:ab:e2:d1:e1:98:30:17:
0b:a2:14:f8:49:5a:d1:8e:90:b5:b8:85:5b:79:87:
f6:9c:07:6a:34:b9:89:b7:53:fc:bf:eb:25:bf:30:
62:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:03:45:F3:A5:47:3D:56:63:EA:57:AE:27:ED:37:8B:2B:2A:02:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:c00::/38
Signature Algorithm: sha256WithRSAEncryption
82:9f:52:c6:08:4c:d5:6c:17:2f:49:4e:8e:2c:b8:97:78:ab:
ef:b0:d5:92:66:c9:19:d4:51:3f:ce:5d:d6:be:e2:24:f7:e3:
c2:bc:c3:cf:42:55:22:91:1d:de:17:8f:07:b1:f2:01:cd:13:
1a:46:3f:e4:59:ac:31:4f:4e:06:62:1f:cf:83:43:58:66:11:
2d:26:b9:a8:e3:24:7c:dd:59:01:1a:45:a5:b7:ff:fe:66:ea:
bc:81:c4:09:b8:f6:f8:57:03:c4:21:ba:ba:19:4b:85:02:3e:
c5:57:8d:bf:d1:3f:ea:c6:5a:23:a8:10:25:8c:1d:61:44:5a:
8a:7a:d6:08:5a:31:9d:88:62:7d:ca:98:ed:be:4a:76:38:0f:
4a:70:4b:78:47:44:89:c7:2e:bf:6c:db:9b:85:2d:1b:a7:be:
bb:0b:ee:13:60:ef:b1:a0:a1:9e:1e:b3:26:d1:d6:eb:1c:b1:
d0:f5:fa:ad:08:a1:e9:f0:3c:16:c7:42:e0:da:5a:e0:9a:0e:
f5:2a:c2:e2:11:47:97:fd:2a:b2:16:5a:4b:bf:ff:70:a1:12:
f3:ab:11:b8:b7:b1:0f:77:7b:80:80:66:cc:c1:6c:cf:c9:fb:
d7:ba:3a:1f:a9:80:8e:75:b4:84:78:3c:28:76:db:4a:c0:f8:
2c:42:61:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD46F+E4xZnNbUKEdK9o7rPV2FmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMjNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NDMyNzZmYzEzZDVlOTU3ZmM5ZmQwNjJiMGY0MTdkOTFhY2M1YzBmNGE4
NDUxZmZiOWJhYzkyMDAyMDFhMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+SqB0nKQExOZtKGuNzQ7olzB2NcOONpTM32nIHrCXr2oSHdBeTjOkYjrXr
Li4amjqsXLw3KKC5qAC8w2+o+YqHWO8CYfkjFTEDZbUBij7CgSXb8FM3xyM/XHEZ
2v6TIulp4/GwEBAhWbeHWlf/P8OQ+SThAnaiv05geqEBt9Q3LAD4iobdQqdLYSnq
6XrE3a6YEZeVn2aLFZUmammTeS2wqPnnbyE04DhyT5wNlht6m1NYAD3NRiUbQa2M
0KFj2YZfhqEaOml+g24va3TgkxMgkxP9oaftDBur4tHhmDAXC6IU+Ela0Y6QtbiF
W3mH9pwHajS5ibdT/L/rJb8wYvMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFA0Xz
pUc9VmPqV64n7TeLKyoCqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGRiYjg3OTgtMzQyMy00ZDk4LWEzODQtNTg2MjFiMDEwNTU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkM
MA0GCSqGSIb3DQEBCwUAA4IBAQCCn1LGCEzVbBcvSU6OLLiXeKvvsNWSZskZ1FE/
zl3WvuIk9+PCvMPPQlUikR3eF48HsfIBzRMaRj/kWawxT04GYh/Pg0NYZhEtJrmo
4yR83VkBGkWlt//+Zuq8gcQJuPb4VwPEIbq6GUuFAj7FV42/0T/qxlojqBAljB1h
RFqKetYIWjGdiGJ9ypjtvkp2OA9KcEt4R0SJxy6/bNubhS0bp767C+4TYO+xoKGe
HrMm0dbrHLHQ9fqtCKHp8DwWx0Lg2lrgmg71KsLiEUeX/SqyFlpLv/9woRLzqxG4
t7EPd3uAgGbMwWzPyfvXujofqYCOdbSEeDwodttKwPgsQmFB
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:50:37 2025 by rpki-client