Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e77f2ecc-83c9-48cf-99e0-a46fa060d297.roa
File: e77f2ecc-83c9-48cf-99e0-a46fa060d297.roa (raw, json)
Hash identifier: p6FCKDIoHHnVNQiK4YxmGfYqPp1J2uZ0K6p9kuNLEow=
Subject key identifier: 61:28:A6:8C:4C:B8:0C:E1:55:E7:CD:9F:EE:CB:35:83:3A:83:43:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CCCB5321EAA33E8405DE6F7256E83B6BE5441C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e77f2ecc-83c9-48cf-99e0-a46fa060d297.roa
Signing time: Fri 25 Apr 2025 18:40:38 +0000
ROA not before: Fri 25 Apr 2025 18:40:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:cc:b5:32:1e:aa:33:e8:40:5d:e6:f7:25:6e:83:b6:be:54:41:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d4510a462c488cc8758d9339e2492ea208a77763f4f2e78d622765d10f36d1cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0d:5d:fc:44:d5:fe:1f:60:02:01:95:65:88:
ae:da:f4:a8:0b:b4:0c:49:9d:d7:24:f1:2b:bb:0b:
0c:a1:2f:64:42:7c:80:8b:c1:4b:4d:86:65:85:b8:
78:8f:ef:97:90:7a:ec:1e:ff:c9:a8:c2:24:f8:b2:
ab:0c:3a:03:46:10:d5:48:90:03:80:d5:35:ce:c6:
ae:2d:84:b7:fc:aa:d3:4b:9a:01:3d:82:fc:24:70:
c8:72:20:9d:0e:94:e0:af:b1:24:b7:80:a4:f2:a5:
f1:9a:5c:41:ed:b4:bb:b1:91:9d:52:a0:2e:65:b0:
92:02:21:d2:0d:14:e2:c3:17:63:33:c0:50:3f:d9:
83:1b:a9:5b:83:a8:25:9a:5b:2e:da:a0:53:bf:f3:
41:c3:84:d2:e8:2e:b8:0f:63:cd:69:9e:c1:4a:99:
ed:ae:7e:5f:01:5f:13:74:0b:28:3c:80:e1:d7:df:
df:6e:cc:5d:51:52:5a:3a:a3:ae:a2:3f:e8:e7:b5:
6d:30:d3:da:e1:50:bd:c3:f5:b4:8c:ef:00:f3:7d:
94:16:56:c4:4a:9c:e9:41:f4:8f:c6:5f:a8:f1:79:
ea:37:77:ca:a2:4a:91:17:f2:46:8d:f6:0a:e2:d0:
2f:71:d0:a6:37:13:9d:a1:59:1a:d3:e2:7d:0c:03:
07:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:28:A6:8C:4C:B8:0C:E1:55:E7:CD:9F:EE:CB:35:83:3A:83:43:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e77f2ecc-83c9-48cf-99e0-a46fa060d297.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e080::/48
Signature Algorithm: sha256WithRSAEncryption
76:37:74:7b:8b:d5:4e:c3:64:ec:b0:19:73:72:00:02:a2:67:
62:8a:fa:13:68:ab:88:4d:32:2c:67:ff:ec:19:1c:fe:14:6a:
a4:34:10:82:f5:7d:c3:0b:15:fe:91:dd:3f:f2:9e:4c:73:5a:
27:1e:23:13:05:6c:80:2e:33:73:2b:78:04:7e:dc:71:b4:41:
1e:32:1d:29:71:44:1e:9f:ab:05:7a:2b:4e:37:66:52:c2:b3:
6b:5c:70:00:cb:dd:21:98:43:92:bb:ff:04:50:c6:5f:09:0c:
94:54:c4:f5:a1:23:31:44:de:5f:29:f7:42:e1:68:10:be:df:
3c:a3:d7:69:63:f1:64:c1:6c:3b:0b:aa:21:70:4e:d9:4c:66:
fc:c2:f9:29:67:c4:3a:03:13:52:28:b6:d9:78:0d:0f:5e:0d:
15:c3:99:36:42:20:c9:1e:b8:ed:c8:a0:2e:e1:06:2a:6b:57:
72:a1:11:40:8a:e6:b2:08:2b:f5:8e:9e:b8:eb:6b:72:d2:86:
00:b5:35:9d:41:74:d9:b7:5a:09:a6:a7:f6:1b:66:5b:b2:3a:
aa:15:d5:0b:64:dd:fb:53:48:98:7c:8a:d2:d9:1f:24:87:d2:
41:69:a5:90:de:32:81:e1:ee:75:57:e1:4a:63:08:55:c9:46:
d0:cd:ba:ec
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULMy1Mh6qM+hAXeb3JW6Dtr5UQckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NTEwYTQ2MmM0ODhjYzg3NThkOTMzOWUyNDkyZWEyMDhhNzc3NjNmNGYy
ZTc4ZDYyMjc2NWQxMGYzNmQxY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYNXfxE1f4fYAIBlWWIrtr0qAu0DEmd1yTxK7sLDKEvZEJ8gIvBS02GZYW4
eI/vl5B67B7/yajCJPiyqww6A0YQ1UiQA4DVNc7Gri2Et/yq00uaAT2C/CRwyHIg
nQ6U4K+xJLeApPKl8ZpcQe20u7GRnVKgLmWwkgIh0g0U4sMXYzPAUD/ZgxupW4Oo
JZpbLtqgU7/zQcOE0uguuA9jzWmewUqZ7a5+XwFfE3QLKDyA4dff327MXVFSWjqj
rqI/6Oe1bTDT2uFQvcP1tIzvAPN9lBZWxEqc6UH0j8ZfqPF56jd3yqJKkRfyRo32
CuLQL3HQpjcTnaFZGtPifQwDB+kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRhKKaM
TLgM4VXnzZ/uyzWDOoND3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTc3ZjJlY2MtODNjOS00OGNmLTk5ZTAtYTQ2ZmEwNjBkMjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTg
gDANBgkqhkiG9w0BAQsFAAOCAQEAdjd0e4vVTsNk7LAZc3IAAqJnYor6E2iriE0y
LGf/7Bkc/hRqpDQQgvV9wwsV/pHdP/KeTHNaJx4jEwVsgC4zcyt4BH7ccbRBHjId
KXFEHp+rBXorTjdmUsKza1xwAMvdIZhDkrv/BFDGXwkMlFTE9aEjMUTeXyn3QuFo
EL7fPKPXaWPxZMFsOwuqIXBO2Uxm/ML5KWfEOgMTUii22XgND14NFcOZNkIgyR64
7cigLuEGKmtXcqERQIrmsggr9Y6euOtrctKGALU1nUF02bdaCaan9htmW7I6qhXV
C2Td+1NImHyK0tkfJIfSQWmlkN4ygeHudVfhSmMIVclG0M267A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:58 2025 by rpki-client