Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
File: ea31a166-ce12-4108-9868-894ac9df0e65.roa (raw, json)
Hash identifier: MwLepBYNXG3uqsEJLTC1emBIkFEanWNJzCA6nsr87QQ=
Subject key identifier: AE:83:E3:44:91:09:DF:01:84:7F:6F:94:D0:83:E3:94:66:C6:93:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 764B97C7A6CB6AFDE5F230A68678025235FE97A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
Signing time: Fri 25 Apr 2025 18:30:26 +0000
ROA not before: Fri 25 Apr 2025 18:30:26 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:4b:97:c7:a6:cb:6a:fd:e5:f2:30:a6:86:78:02:52:35:fe:97:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:26 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a8218b005ae3f39f0a85d04fcd027702f7ba2ce7a685cdb549ea63f0286f5985, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7c:bf:f5:ee:56:b2:82:49:aa:ef:ff:b3:7e:
3e:0d:5d:87:5e:4f:d5:e5:6a:1e:8b:49:e1:5a:f2:
e1:c4:1b:56:b1:20:fc:57:d7:3a:b6:b0:43:8c:6a:
85:02:32:2f:ca:5a:db:bb:40:2d:4b:a4:bf:a5:d7:
b3:9d:63:48:4a:bc:eb:86:bf:df:07:11:5e:ad:53:
bc:42:ea:16:a1:f1:bd:ac:cd:31:6a:d4:ce:20:49:
b8:de:19:05:c7:9b:50:73:c0:a8:cf:c3:a0:52:65:
86:66:cb:61:7f:5e:80:39:54:5c:76:f2:19:d1:91:
c0:ba:6f:c7:d2:a9:ff:95:f8:de:20:2f:b9:87:81:
c9:83:67:a3:ce:69:d9:84:43:6a:fc:2e:62:89:b9:
5b:73:f4:cd:db:cf:1b:26:9a:a2:7d:49:60:24:8c:
5c:10:1c:c4:9f:d8:2f:62:71:30:d9:10:5e:aa:ef:
42:61:cf:3d:a1:b1:64:68:a3:9a:20:fc:e4:63:bd:
cc:51:9f:21:9c:de:a4:e8:2a:42:ca:a6:3b:e1:f8:
65:1d:7e:43:65:af:e1:76:12:ab:0c:9f:66:14:b4:
2b:25:33:aa:0c:69:c4:28:92:26:5e:d2:8c:55:29:
57:42:65:cf:a7:90:84:4f:b1:02:ef:53:d9:2e:94:
35:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:83:E3:44:91:09:DF:01:84:7F:6F:94:D0:83:E3:94:66:C6:93:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b080::/48
Signature Algorithm: sha256WithRSAEncryption
21:fd:91:9a:34:e7:6c:e1:e0:cd:35:28:c7:7f:e7:ec:aa:cc:
c0:c1:d4:f3:55:6a:f6:fd:92:c8:ba:58:29:43:89:cd:d5:1d:
b9:8e:6a:82:dd:93:0a:f3:54:1a:a1:bd:3b:fe:d4:31:2d:ec:
3b:65:c8:1c:c2:82:72:8b:fd:b0:6e:47:53:47:f4:b4:6a:1c:
75:b5:ca:23:e5:91:5c:04:bb:56:0a:0c:7a:11:e9:42:29:18:
51:d1:bc:aa:55:39:c4:69:6f:28:11:5b:3f:2e:0f:49:91:47:
a1:cd:3a:75:28:fc:13:4e:0e:ff:27:8d:bd:d3:5d:cb:01:ca:
0e:0e:7e:4d:83:11:d4:6a:97:c1:76:47:d1:e8:8d:71:30:4d:
0f:aa:22:73:0f:5c:83:6c:bf:1a:16:cc:bc:32:a2:a9:2c:1e:
f8:5c:99:d8:68:21:3f:f3:09:6c:06:6d:ec:14:90:53:70:ae:
7f:6b:dc:4b:59:50:0c:7b:1e:17:bd:40:f0:59:7c:1f:5d:59:
eb:02:82:0c:1e:ef:ab:2e:97:38:e2:44:f3:75:1e:dd:75:bd:
1b:9e:32:11:58:c1:78:47:0f:85:d8:55:7a:62:a9:0b:76:c5:
f1:81:8c:b8:e3:d0:95:1d:5a:d8:4d:da:62:c0:30:64:62:59:
07:f3:34:af
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdkuXx6bLav3l8jCmhngCUjX+l6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwMjZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4MjE4YjAwNWFlM2YzOWYwYTg1ZDA0ZmNkMDI3NzAyZjdiYTJjZTdhNjg1
Y2RiNTQ5ZWE2M2YwMjg2ZjU5ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANt8v/XuVrKCSarv/7N+Pg1dh15P1eVqHotJ4Vry4cQbVrEg/FfXOrawQ4xq
hQIyL8pa27tALUukv6XXs51jSEq864a/3wcRXq1TvELqFqHxvazNMWrUziBJuN4Z
BcebUHPAqM/DoFJlhmbLYX9egDlUXHbyGdGRwLpvx9Kp/5X43iAvuYeByYNno85p
2YRDavwuYom5W3P0zdvPGyaaon1JYCSMXBAcxJ/YL2JxMNkQXqrvQmHPPaGxZGij
miD85GO9zFGfIZzepOgqQsqmO+H4ZR1+Q2Wv4XYSqwyfZhS0KyUzqgxpxCiSJl7S
jFUpV0Jlz6eQhE+xAu9T2S6UNdECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSug+NE
kQnfAYR/b5TQg+OUZsaTsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEzMWExNjYtY2UxMi00MTA4LTk4NjgtODk0YWM5ZGYwZTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+w
gDANBgkqhkiG9w0BAQsFAAOCAQEAIf2RmjTnbOHgzTUox3/n7KrMwMHU81Vq9v2S
yLpYKUOJzdUduY5qgt2TCvNUGqG9O/7UMS3sO2XIHMKCcov9sG5HU0f0tGocdbXK
I+WRXAS7VgoMehHpQikYUdG8qlU5xGlvKBFbPy4PSZFHoc06dSj8E04O/yeNvdNd
ywHKDg5+TYMR1GqXwXZH0eiNcTBND6oicw9cg2y/GhbMvDKiqSwe+FyZ2GghP/MJ
bAZt7BSQU3Cuf2vcS1lQDHseF71A8Fl8H11Z6wKCDB7vqy6XOOJE83Ue3XW9G54y
EVjBeEcPhdhVemKpC3bF8YGMuOPQlR1a2E3aYsAwZGJZB/M0rw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:16 2025 by rpki-client