Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: fjCsuyUjidpwzRK+dag5DR4GLstUJTf71FMGEZHVNa4=
Subject key identifier: 0D:02:4A:B8:37:DF:3D:21:4E:5E:33:6F:4F:BA:83:54:1D:DC:19:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5690B6F4B605490944951B6463151F55D8EE9D0A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Fri 25 Apr 2025 20:01:04 +0000
ROA not before: Fri 25 Apr 2025 20:01:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:90:b6:f4:b6:05:49:09:44:95:1b:64:63:15:1f:55:d8:ee:9d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=730f3e24f1223384fd47cc270da7bac08fe81b3160607dc436670dcbc5de727d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:89:7b:bd:c8:94:42:16:30:20:34:a5:35:3a:
50:72:52:4e:2a:2c:9d:83:b9:b9:64:44:1e:4c:b4:
9a:3e:f4:84:0f:bb:09:e7:9f:63:cf:a2:a3:f2:e6:
ef:88:a7:9f:51:0e:27:2c:32:4b:04:39:25:36:c8:
58:22:92:87:f3:96:16:9d:82:15:b0:aa:66:22:b6:
92:c0:f5:cf:48:bf:6d:a4:2d:d4:01:00:13:4b:5c:
2c:b4:f2:c2:2b:f9:14:cd:13:9c:f4:b1:05:3e:91:
3b:73:88:8e:9e:e0:63:02:6d:6c:4e:e6:a5:33:67:
bd:64:63:92:cf:c5:8a:58:ea:71:78:62:84:b1:19:
44:85:6c:7e:f5:15:57:a9:92:08:29:ba:15:2c:ae:
ff:42:62:a9:db:fe:c9:a7:85:4a:f7:8d:73:21:02:
73:f5:05:3e:84:6e:9c:41:53:43:05:81:55:5f:bb:
be:b3:11:9e:91:25:20:71:58:6d:49:79:c4:be:5f:
25:f9:35:58:ec:67:20:e0:a2:c1:a3:68:c2:75:e0:
f8:6a:23:d2:dc:cb:e9:33:7e:bc:24:6d:7c:22:b9:
6b:d1:98:24:52:18:5d:93:0e:29:4d:a2:03:3e:e2:
72:26:2a:08:43:19:b4:74:28:28:68:10:3b:8f:1d:
05:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:02:4A:B8:37:DF:3D:21:4E:5E:33:6F:4F:BA:83:54:1D:DC:19:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:bb:0c:4c:60:2b:21:e5:47:6d:b2:3e:b1:02:1b:82:a0:7f:
82:7b:4f:cc:14:4c:70:7c:56:6e:6c:e1:77:71:1d:4d:bf:3f:
f4:16:74:66:d2:35:03:94:5d:14:c5:39:8c:0d:b3:70:b6:f7:
1e:fd:dc:fd:c3:07:ef:57:c0:2c:d8:2e:f0:3e:e1:8a:c3:f4:
3e:e1:50:9c:44:48:9c:fc:97:dd:d2:f8:d9:6d:f2:23:4b:81:
24:51:70:d8:50:63:d5:51:90:a2:cd:f4:96:3c:01:99:5c:9d:
9e:79:92:72:61:17:0e:0b:32:51:8b:43:27:28:7e:51:b2:50:
c0:b2:c4:37:b3:2b:60:1b:14:9f:70:c6:58:c5:7a:b9:39:2f:
d1:03:eb:f2:cb:0c:ff:81:f5:d1:2d:b8:f9:7b:06:58:7f:89:
a7:88:f0:24:37:83:ba:84:82:a2:be:fe:0a:22:26:12:c4:2f:
71:ec:b9:29:c6:c6:a5:6a:84:e9:24:d2:0f:86:f8:35:4b:57:
5d:47:e6:db:fa:ef:6a:a2:1c:65:5d:4c:e6:2d:a7:e6:b6:35:
2e:00:39:bc:eb:98:cc:20:79:76:f4:3e:bb:4b:d2:a5:44:1a:
fb:5d:95:c6:cc:1b:b0:e6:33:61:c3:e8:a6:3f:89:0a:f5:2b:
4a:44:44:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVpC29LYFSQlElRtkYxUfVdjunQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDczMGYzZTI0ZjEyMjMzODRmZDQ3Y2MyNzBkYTdiYWMwOGZlODFiMzE2MDYw
N2RjNDM2NjcwZGNiYzVkZTcyN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWJe73IlEIWMCA0pTU6UHJSTiosnYO5uWREHky0mj70hA+7CeefY8+io/Lm
74inn1EOJywySwQ5JTbIWCKSh/OWFp2CFbCqZiK2ksD1z0i/baQt1AEAE0tcLLTy
wiv5FM0TnPSxBT6RO3OIjp7gYwJtbE7mpTNnvWRjks/FiljqcXhihLEZRIVsfvUV
V6mSCCm6FSyu/0Jiqdv+yaeFSveNcyECc/UFPoRunEFTQwWBVV+7vrMRnpElIHFY
bUl5xL5fJfk1WOxnIOCiwaNownXg+Goj0tzL6TN+vCRtfCK5a9GYJFIYXZMOKU2i
Az7iciYqCEMZtHQoKGgQO48dBZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNAkq4
N989IU5eM29PuoNUHdwZDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQC5uwxMYCsh5Udtsj6xAhuCoH+Ce0/MFExwfFZu
bOF3cR1Nvz/0FnRm0jUDlF0UxTmMDbNwtvce/dz9wwfvV8As2C7wPuGKw/Q+4VCc
REic/Jfd0vjZbfIjS4EkUXDYUGPVUZCizfSWPAGZXJ2eeZJyYRcOCzJRi0MnKH5R
slDAssQ3sytgGxSfcMZYxXq5OS/RA+vyywz/gfXRLbj5ewZYf4mniPAkN4O6hIKi
vv4KIiYSxC9x7LkpxsalaoTpJNIPhvg1S1ddR+bb+u9qohxlXUzmLafmtjUuADm8
65jMIHl29D67S9KlRBr7XZXGzBuw5jNhw+imP4kK9StKRESG
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:12 2025 by rpki-client