Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
File: e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa (raw, json)
Hash identifier: isD5JS+Jv7a9+F8S0/fE+/lHVrZf56yjp70S4KYBkKI=
Subject key identifier: 6C:2A:57:37:18:D4:C2:F0:5D:19:A0:33:8E:48:4A:CE:4C:07:FC:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D36BE67897D7892299485C1E958975BF9A1786F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
Signing time: Fri 25 Apr 2025 19:50:47 +0000
ROA not before: Fri 25 Apr 2025 19:50:47 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:36:be:67:89:7d:78:92:29:94:85:c1:e9:58:97:5b:f9:a1:78:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:47 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=62153ca6c7a4d171e0ce74c63d2b5ade642d8025087ebb78850785164c8b81b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d0:cb:b9:25:c8:35:99:da:db:ca:cd:5f:c4:
84:09:2c:df:59:8c:7b:05:c0:8a:e2:03:1e:55:6c:
d3:8f:4d:7f:40:40:ab:13:e8:6f:da:44:b9:2f:b8:
08:1c:47:f5:b2:87:c5:54:b0:45:bd:68:90:3d:24:
b3:e5:e2:dd:ad:f4:e0:65:f3:ed:5f:e7:0e:6f:c2:
7c:9f:c3:6d:a5:ae:2a:2c:a8:45:4f:41:cd:38:4e:
62:7e:41:a2:a4:c0:f8:0c:54:49:93:13:16:97:fe:
66:20:68:f2:a3:e4:ed:ad:c5:f4:d4:09:1b:78:f2:
b2:4b:17:5c:bd:6e:72:dd:cf:ec:bb:9d:89:3a:bd:
0f:18:e5:06:6e:c3:d7:f7:bc:05:40:83:80:b0:fd:
67:64:d9:1f:8e:da:7b:d0:63:59:6e:e6:d6:9e:ab:
bc:0c:6f:77:71:e8:25:72:1c:c3:0a:a3:9d:ce:32:
2d:ad:e4:f4:95:15:6d:73:c6:b6:65:03:b1:08:c8:
8b:35:51:28:c9:c8:ef:64:cd:91:c8:fb:00:1a:20:
5c:21:1d:3d:61:a5:c3:13:17:44:bf:53:13:3b:5b:
9c:29:47:20:ea:4a:d1:fe:dd:00:ee:2f:dd:7e:4c:
e5:3a:6f:03:8b:d4:77:96:d9:cc:2c:14:02:95:f2:
d6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:2A:57:37:18:D4:C2:F0:5D:19:A0:33:8E:48:4A:CE:4C:07:FC:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:e8:c3:c5:33:8e:33:50:70:95:9a:7c:76:65:f8:cc:4f:ba:
3b:f3:d8:de:3a:22:fd:28:5f:3c:8e:47:25:c3:09:66:ff:e9:
15:76:54:c7:76:94:ea:25:2b:9c:c0:4d:fe:91:81:1e:e2:e2:
e7:a6:10:b0:c8:ce:45:96:dd:13:f8:ff:c6:f4:d5:94:54:99:
33:5f:4e:d6:80:cf:bb:0b:f4:57:65:a4:04:0e:ad:75:e3:d3:
29:17:0c:40:ae:3b:8e:ac:51:55:a0:c1:fe:06:dc:06:76:52:
57:17:ef:6f:86:2b:94:75:df:e5:ec:23:2d:5e:75:7c:d9:d4:
c9:e8:80:27:3a:ba:36:82:cb:73:81:46:3a:66:7e:6a:13:00:
28:e9:75:01:ef:c2:70:79:b7:6d:4e:65:4c:ef:c0:fd:07:2e:
97:95:44:32:d0:23:1f:25:bf:16:62:06:f7:f4:7a:77:1f:89:
4b:12:b3:0a:b3:30:dd:26:cb:9c:07:82:05:49:f5:82:55:9d:
59:00:77:fe:76:82:3e:50:10:b8:9f:89:7b:80:cd:90:4b:f1:
6b:f7:6b:42:e1:2b:59:6f:8a:e3:ed:de:f4:13:3e:a1:d5:f9:
e6:99:c2:42:f8:4e:68:11:bf:80:bd:2b:ba:7e:d5:62:96:74:
98:ad:fd:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHTa+Z4l9eJIplIXB6ViXW/mheG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwNDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMTUzY2E2YzdhNGQxNzFlMGNlNzRjNjNkMmI1YWRlNjQyZDgwMjUwODdl
YmI3ODg1MDc4NTE2NGM4YjgxYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3Qy7klyDWZ2tvKzV/EhAks31mMewXAiuIDHlVs049Nf0BAqxPob9pEuS+4
CBxH9bKHxVSwRb1okD0ks+Xi3a304GXz7V/nDm/CfJ/DbaWuKiyoRU9BzThOYn5B
oqTA+AxUSZMTFpf+ZiBo8qPk7a3F9NQJG3jysksXXL1uct3P7LudiTq9DxjlBm7D
1/e8BUCDgLD9Z2TZH47ae9BjWW7m1p6rvAxvd3HoJXIcwwqjnc4yLa3k9JUVbXPG
tmUDsQjIizVRKMnI72TNkcj7ABogXCEdPWGlwxMXRL9TEztbnClHIOpK0f7dAO4v
3X5M5TpvA4vUd5bZzCwUApXy1isCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsKlc3
GNTC8F0ZoDOOSErOTAf80jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTdlZmQ4NjEtOGRjNi00MGM1LTg3MTMtMGJjZmRiZWQ3YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA
MA0GCSqGSIb3DQEBCwUAA4IBAQCg6MPFM44zUHCVmnx2ZfjMT7o789jeOiL9KF88
jkclwwlm/+kVdlTHdpTqJSucwE3+kYEe4uLnphCwyM5Flt0T+P/G9NWUVJkzX07W
gM+7C/RXZaQEDq1149MpFwxArjuOrFFVoMH+BtwGdlJXF+9vhiuUdd/l7CMtXnV8
2dTJ6IAnOro2gstzgUY6Zn5qEwAo6XUB78JwebdtTmVM78D9By6XlUQy0CMfJb8W
Ygb39Hp3H4lLErMKszDdJsucB4IFSfWCVZ1ZAHf+doI+UBC4n4l7gM2QS/Fr92tC
4StZb4rj7d70Ez6h1fnmmcJC+E5oEb+AvSu6ftVilnSYrf1P
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:22 2025 by rpki-client