Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b82baf-a862-4798-9499-b15840762228.roa
File: f0b82baf-a862-4798-9499-b15840762228.roa (raw, json)
Hash identifier: 4LTIqPF480h8NyBcNqcqK317DkQk9J7viOz8fuS8ntc=
Subject key identifier: 02:63:28:D4:5D:CD:D3:81:7D:AA:4D:0C:6A:9C:4E:90:2B:5F:1C:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E85BBB0A05CB1673B05A77907759835881FEA87
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b82baf-a862-4798-9499-b15840762228.roa
Signing time: Thu 17 Apr 2025 16:37:12 +0000
ROA not before: Thu 17 Apr 2025 16:37:12 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:85:bb:b0:a0:5c:b1:67:3b:05:a7:79:07:75:98:35:88:1f:ea:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:37:12 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=8a1dabd520f2bb4825a3451f18e63a1a4e8e41f36594d0554da3c27fb63cba2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:41:96:eb:a5:de:ce:97:aa:b4:5a:02:57:5c:
85:af:18:9c:cf:d9:cb:18:96:0f:6c:18:ef:95:ce:
cf:74:ee:be:c7:61:65:d3:2a:34:3b:3e:3d:88:6b:
e3:8b:3f:b7:e6:b6:5f:47:5d:7a:c5:9d:31:7c:30:
52:e5:cb:2f:58:82:ce:5e:34:b0:48:37:04:31:1c:
35:f7:ab:06:7e:5d:38:9e:d9:1b:a1:64:05:bb:bc:
55:96:7d:b9:c6:56:05:60:45:57:b7:2f:b6:3f:de:
f3:72:0a:f7:9f:38:4e:fa:76:03:e0:a9:37:2a:cf:
23:ed:b4:56:4b:2c:e4:01:8a:96:8f:d6:4d:51:24:
04:a2:44:f6:6c:2d:4c:f9:c1:95:20:e1:7c:a7:88:
a0:97:c9:4f:5c:60:a4:a0:9c:b0:44:a5:bf:b0:e1:
a5:58:e7:be:e9:a6:c7:dd:6c:ec:f9:df:3d:ac:73:
f6:bf:eb:29:34:57:02:3d:59:90:86:f6:cc:27:ac:
54:50:bb:75:ca:75:ba:53:40:80:31:49:8c:be:bd:
42:bb:15:ca:ea:20:04:87:18:cc:fa:54:7c:c0:95:
5f:48:6b:4f:d8:e9:42:c1:ee:bc:19:ac:f6:1e:52:
8b:d2:1f:d7:4e:d4:5f:af:61:ba:81:97:f0:d4:3d:
4b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:63:28:D4:5D:CD:D3:81:7D:AA:4D:0C:6A:9C:4E:90:2B:5F:1C:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b82baf-a862-4798-9499-b15840762228.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:800::/40
Signature Algorithm: sha256WithRSAEncryption
ba:98:71:d4:1c:13:47:13:f5:4f:ef:6e:27:0b:a8:ec:5b:f1:
9a:c4:86:ce:80:8f:ff:eb:3e:7d:06:3d:64:ee:03:b7:ff:b5:
03:cf:67:47:3b:aa:57:ca:c9:f4:30:cf:08:f7:8c:ce:e9:69:
5e:d0:56:2b:09:88:41:43:c2:44:c3:4b:1f:45:a6:7e:8b:d6:
17:c3:1e:8e:c3:1b:dd:08:f7:0f:3f:9f:e4:f2:54:f5:d5:b5:
ca:64:e1:2b:cf:c2:08:3b:dc:7b:fe:53:9b:65:62:c3:56:3e:
b8:12:22:e0:54:ea:f1:83:8b:82:cb:2e:d5:0f:c7:69:3a:a3:
78:9b:ee:72:79:74:de:70:18:3e:aa:f1:88:f9:2c:dc:31:6d:
5b:8b:34:85:62:a7:bf:5b:2e:7c:3a:d9:bb:d4:47:72:60:9e:
3f:35:88:04:22:ec:b7:a9:45:9c:5f:ad:96:6d:64:40:64:f3:
2e:1c:9a:b7:41:1b:58:a0:61:66:c3:38:d5:99:de:5c:8e:7b:
77:ce:5f:36:d1:36:b8:f1:b1:41:d9:9a:e8:4d:a9:1a:41:47:
1d:3d:d9:e0:06:01:ea:26:72:e7:78:89:6f:ed:ee:88:73:69:
26:2e:ca:fa:e1:55:e9:ba:9b:60:b2:72:b1:aa:b9:4d:36:24:
5c:53:fe:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfoW7sKBcsWc7Bad5B3WYNYgf6ocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM3MTJaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhMWRhYmQ1MjBmMmJiNDgyNWEzNDUxZjE4ZTYzYTFhNGU4ZTQxZjM2NTk0
ZDA1NTRkYTNjMjdmYjYzY2JhMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVBluul3s6XqrRaAldcha8YnM/ZyxiWD2wY75XOz3TuvsdhZdMqNDs+PYhr
44s/t+a2X0ddesWdMXwwUuXLL1iCzl40sEg3BDEcNferBn5dOJ7ZG6FkBbu8VZZ9
ucZWBWBFV7cvtj/e83IK9584Tvp2A+CpNyrPI+20Vkss5AGKlo/WTVEkBKJE9mwt
TPnBlSDhfKeIoJfJT1xgpKCcsESlv7DhpVjnvummx91s7PnfPaxz9r/rKTRXAj1Z
kIb2zCesVFC7dcp1ulNAgDFJjL69QrsVyuogBIcYzPpUfMCVX0hrT9jpQsHuvBms
9h5Si9If107UX69huoGX8NQ9S6kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCYyjU
Xc3TgX2qTQxqnE6QK18clDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjBiODJiYWYtYTg2Mi00Nzk4LTk0OTktYjE1ODQwNzYyMjI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FsI
MA0GCSqGSIb3DQEBCwUAA4IBAQC6mHHUHBNHE/VP724nC6jsW/GaxIbOgI//6z59
Bj1k7gO3/7UDz2dHO6pXysn0MM8I94zO6Wle0FYrCYhBQ8JEw0sfRaZ+i9YXwx6O
wxvdCPcPP5/k8lT11bXKZOErz8IIO9x7/lObZWLDVj64EiLgVOrxg4uCyy7VD8dp
OqN4m+5yeXTecBg+qvGI+SzcMW1bizSFYqe/Wy58Otm71EdyYJ4/NYgEIuy3qUWc
X62WbWRAZPMuHJq3QRtYoGFmwzjVmd5cjnt3zl820Ta48bFB2ZroTakaQUcdPdng
BgHqJnLneIlv7e6Ic2kmLsr64VXpuptgsnKxqrlNNiRcU/5M
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:23 2025 by rpki-client