Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ead335a6-c944-4428-8125-039e74da6674.roa
File: ead335a6-c944-4428-8125-039e74da6674.roa (raw, json)
Hash identifier: k5oi2BhwcgVL3+76oyWadntzRViADSQ2eWRCPUupZws=
Subject key identifier: 65:DE:35:0D:8E:76:40:7D:C8:E2:D2:10:1A:D1:E4:85:60:C5:F5:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79A662986E1A74581AB7ED80A3177B62221F7FD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ead335a6-c944-4428-8125-039e74da6674.roa
Signing time: Fri 25 Apr 2025 19:41:11 +0000
ROA not before: Fri 25 Apr 2025 19:41:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:a6:62:98:6e:1a:74:58:1a:b7:ed:80:a3:17:7b:62:22:1f:7f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e2941dfcc6f2dcf2b2b8392abf35247d393bc942eab7848aa8bdb40a37fe4561, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a1:8d:ef:d8:45:42:ca:f1:9e:32:bc:ce:03:
a2:84:0b:7c:ad:26:a6:5a:83:76:97:2d:a7:92:64:
67:74:2d:a9:67:35:fc:89:15:c9:3b:44:49:88:39:
91:33:c2:4e:36:64:04:73:56:e8:09:91:72:fb:8f:
0f:2d:be:2f:bd:1a:ef:65:74:ce:6e:58:18:d1:18:
fc:88:5d:e3:8f:a8:c6:8e:2b:e9:d4:1b:be:62:3a:
24:ca:d2:b9:5f:e4:d7:62:07:18:37:63:2a:87:ec:
63:49:95:cb:ed:bd:47:6a:47:6b:39:d6:ce:56:4c:
15:17:cc:92:f6:c4:38:77:66:13:e3:a0:2a:00:31:
de:85:cc:c0:9e:52:fc:cd:c5:d5:a0:05:28:79:15:
ce:e0:fb:72:d1:53:79:c5:bf:81:57:cd:56:b6:35:
d1:7b:9c:41:bb:46:86:80:5c:62:c1:fa:9d:f2:9f:
10:95:50:db:98:a5:a6:d6:7a:34:45:d0:fd:15:27:
d9:34:89:b2:7b:14:a1:eb:3c:63:44:9d:c3:57:f1:
92:b2:5d:42:90:19:72:92:22:29:31:55:ae:34:80:
d4:9a:af:dc:97:37:7c:9a:5d:2a:ec:be:25:64:12:
85:c8:ec:0d:2c:11:94:1a:31:4d:51:4c:9f:6a:ab:
3e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DE:35:0D:8E:76:40:7D:C8:E2:D2:10:1A:D1:E4:85:60:C5:F5:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ead335a6-c944-4428-8125-039e74da6674.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:93:5d:ec:b4:a0:e4:70:2b:08:2f:57:e5:dc:3b:6d:09:79:
a2:05:0d:13:c2:c5:ed:0e:a7:7d:54:cc:06:6f:e7:d5:25:f2:
27:70:3c:43:6c:1a:ba:d1:ed:97:b5:92:dc:40:b3:8c:84:79:
3f:33:32:28:5f:5b:63:0c:bf:f3:9f:33:2e:fa:ed:d6:b7:3e:
52:da:6c:7c:52:3a:43:b7:c0:9c:99:4b:c1:df:a4:b6:f4:c1:
9b:16:45:b6:4d:ec:8f:a6:39:a5:17:de:27:39:6e:1a:c1:cc:
4a:67:72:f7:a1:dd:ab:0a:41:7b:e8:0f:44:45:1d:48:88:2e:
3a:a7:57:f9:bf:8a:c6:4c:bc:c6:52:78:98:09:5a:15:cb:72:
4b:8a:4d:b0:9e:48:16:ce:d7:b6:fe:b9:44:c3:d2:c6:91:ac:
33:6e:1b:28:e3:0e:ed:ac:78:7b:6e:c4:91:d7:b1:b7:b1:18:
05:f1:79:15:90:10:c4:34:c0:ba:d7:98:03:66:31:c8:92:08:
19:94:a4:75:19:7b:60:82:4a:53:b0:b5:7e:6f:82:b3:bf:9f:
4e:0c:73:0e:47:fd:12:79:01:36:16:8d:5a:b3:4c:a2:9a:c3:
76:57:41:1e:7e:86:32:44:5b:ab:c1:38:37:57:92:05:fe:a4:
35:3b:39:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeaZimG4adFgat+2Aoxd7YiIff9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyOTQxZGZjYzZmMmRjZjJiMmI4MzkyYWJmMzUyNDdkMzkzYmM5NDJlYWI3
ODQ4YWE4YmRiNDBhMzdmZTQ1NjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyhje/YRULK8Z4yvM4DooQLfK0mplqDdpctp5JkZ3QtqWc1/IkVyTtESYg5
kTPCTjZkBHNW6AmRcvuPDy2+L70a72V0zm5YGNEY/Ihd44+oxo4r6dQbvmI6JMrS
uV/k12IHGDdjKofsY0mVy+29R2pHaznWzlZMFRfMkvbEOHdmE+OgKgAx3oXMwJ5S
/M3F1aAFKHkVzuD7ctFTecW/gVfNVrY10XucQbtGhoBcYsH6nfKfEJVQ25ilptZ6
NEXQ/RUn2TSJsnsUoes8Y0Sdw1fxkrJdQpAZcpIiKTFVrjSA1Jqv3Jc3fJpdKuy+
JWQShcjsDSwRlBoxTVFMn2qrPj0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRl3jUN
jnZAfcji0hAa0eSFYMX1/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWFkMzM1YTYtYzk0NC00NDI4LTgxMjUtMDM5ZTc0ZGE2Njc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hsg
MA0GCSqGSIb3DQEBCwUAA4IBAQB9k13stKDkcCsIL1fl3DttCXmiBQ0TwsXtDqd9
VMwGb+fVJfIncDxDbBq60e2XtZLcQLOMhHk/MzIoX1tjDL/znzMu+u3Wtz5S2mx8
UjpDt8CcmUvB36S29MGbFkW2TeyPpjmlF94nOW4awcxKZ3L3od2rCkF76A9ERR1I
iC46p1f5v4rGTLzGUniYCVoVy3JLik2wnkgWzte2/rlEw9LGkawzbhso4w7trHh7
bsSR17G3sRgF8XkVkBDENMC615gDZjHIkggZlKR1GXtggkpTsLV+b4Kzv59ODHMO
R/0SeQE2Fo1as0yimsN2V0EefoYyRFurwTg3V5IF/qQ1OzlU
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:12 2025 by rpki-client