Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb1b933f-488b-4999-8d01-1b5c2d8459f9.roa
File: eb1b933f-488b-4999-8d01-1b5c2d8459f9.roa (raw, json)
Hash identifier: 3HpfSrviKsCEtlsIIMbR9fVPycD5nxUf/7hauYCmhaI=
Subject key identifier: 74:40:34:28:18:8E:01:18:A2:C3:C5:9E:B7:50:E3:F5:99:B7:67:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23D626A4F41DFF5E66B7B0C41D142E81C3D10409
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb1b933f-488b-4999-8d01-1b5c2d8459f9.roa
Signing time: Fri 25 Apr 2025 18:40:57 +0000
ROA not before: Fri 25 Apr 2025 18:40:57 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:d6:26:a4:f4:1d:ff:5e:66:b7:b0:c4:1d:14:2e:81:c3:d1:04:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:57 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=81daef4d770389898701848086b988be38cf6434652a77bbd267ae95b16a6f50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b7:be:8b:01:b7:8b:57:90:8d:40:67:17:f1:
7c:f9:9f:80:90:69:11:e2:d3:55:19:47:eb:4a:98:
ef:51:ff:15:6d:62:39:7c:0f:6e:d0:99:c1:18:68:
54:24:af:6b:34:0c:22:5a:bb:ee:cf:39:ea:73:dc:
d8:70:9f:1f:50:f5:17:17:ee:f0:e1:8b:d2:32:09:
aa:38:6a:cd:d4:17:7e:9c:f6:67:08:57:ad:8e:c2:
e9:da:18:cc:94:9c:b0:3f:a1:1a:79:03:e3:68:f7:
e7:6a:ed:1d:1e:f2:78:21:06:23:4f:0c:cd:c8:b3:
ec:1f:e5:ab:50:f4:9b:dd:ba:68:08:1d:fb:76:d3:
3b:94:b3:4b:3e:86:2e:ff:b5:93:b0:eb:eb:5e:c1:
19:ad:88:8d:af:68:ec:13:8b:67:76:12:b7:65:68:
7f:d3:b3:6f:aa:b4:74:fb:b9:61:52:bc:38:fe:e2:
72:c5:aa:19:c4:d8:9b:90:33:8e:ac:b1:3b:ab:69:
c1:d3:ba:75:d4:f0:12:3a:f4:34:64:4a:7d:69:03:
9e:0a:e3:b8:59:9d:4b:d0:2c:80:61:d7:ab:d1:4f:
dc:35:86:45:a9:35:dc:34:37:a2:c9:d0:03:2c:c2:
65:5f:26:81:87:2b:ec:fb:1e:f6:63:ba:a4:40:57:
d0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:40:34:28:18:8E:01:18:A2:C3:C5:9E:B7:50:E3:F5:99:B7:67:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb1b933f-488b-4999-8d01-1b5c2d8459f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9000::/40
Signature Algorithm: sha256WithRSAEncryption
94:78:ef:31:62:d7:8c:4a:a4:b1:fe:31:9c:6c:d6:08:1c:39:
f2:fc:d5:5f:97:64:cd:d5:a3:04:5a:77:90:25:4f:be:9f:d6:
a0:00:bd:be:d4:75:74:ca:a8:f6:2a:a9:a4:17:f8:78:0d:40:
ef:6f:73:c5:f5:4c:b0:d6:58:c2:43:c8:5f:16:18:3f:4e:cb:
5f:b2:b7:71:d0:61:d4:f5:db:17:ca:6c:39:d0:1d:d8:b1:1d:
63:0d:bc:ac:cf:12:1b:88:60:22:75:ad:d6:89:89:ee:75:68:
a4:df:c5:34:6b:94:f5:7e:8f:66:8d:eb:b0:57:78:a1:17:1b:
59:a5:3f:8b:38:2e:c8:8b:43:04:48:69:e2:bc:51:aa:34:f3:
20:5c:95:3c:24:7b:20:f4:fe:97:ac:92:c4:5b:2a:76:de:dd:
74:4b:59:0b:b5:9d:69:c0:c7:a1:e5:59:03:51:19:d0:fb:91:
ed:af:65:db:83:7a:ad:3b:3a:64:d8:16:c4:6d:30:21:b5:30:
fa:85:f3:17:6d:98:1e:50:37:17:91:31:0c:68:32:36:93:1a:
09:4b:48:70:96:3e:5d:35:f8:be:3b:7a:01:9a:2f:23:34:c5:
c7:09:68:8e:00:09:cf:2b:b5:af:82:28:b2:2a:d5:85:bf:3b:
8f:f8:48:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI9YmpPQd/15mt7DEHRQugcPRBAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwNTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxZGFlZjRkNzcwMzg5ODk4NzAxODQ4MDg2Yjk4OGJlMzhjZjY0MzQ2NTJh
NzdiYmQyNjdhZTk1YjE2YTZmNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+3vosBt4tXkI1AZxfxfPmfgJBpEeLTVRlH60qY71H/FW1iOXwPbtCZwRho
VCSvazQMIlq77s856nPc2HCfH1D1Fxfu8OGL0jIJqjhqzdQXfpz2ZwhXrY7C6doY
zJScsD+hGnkD42j352rtHR7yeCEGI08Mzciz7B/lq1D0m926aAgd+3bTO5SzSz6G
Lv+1k7Dr617BGa2Ija9o7BOLZ3YSt2Vof9Ozb6q0dPu5YVK8OP7icsWqGcTYm5Az
jqyxO6tpwdO6ddTwEjr0NGRKfWkDngrjuFmdS9AsgGHXq9FP3DWGRak13DQ3osnQ
AyzCZV8mgYcr7Pse9mO6pEBX0MMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0QDQo
GI4BGKLDxZ63UOP1mbdnRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWIxYjkzM2YtNDg4Yi00OTk5LThkMDEtMWI1YzJkODQ1OWY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCUeO8xYteMSqSx/jGcbNYIHDny/NVfl2TN1aME
WneQJU++n9agAL2+1HV0yqj2KqmkF/h4DUDvb3PF9Uyw1ljCQ8hfFhg/Tstfsrdx
0GHU9dsXymw50B3YsR1jDbyszxIbiGAida3WiYnudWik38U0a5T1fo9mjeuwV3ih
FxtZpT+LOC7Ii0MESGnivFGqNPMgXJU8JHsg9P6XrJLEWyp23t10S1kLtZ1pwMeh
5VkDURnQ+5Htr2Xbg3qtOzpk2BbEbTAhtTD6hfMXbZgeUDcXkTEMaDI2kxoJS0hw
lj5dNfi+O3oBmi8jNMXHCWiOAAnPK7WvgiiyKtWFvzuP+Egk
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:08 2025 by rpki-client