Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0de92d9-9b14-4323-b2e0-a464f60f76b6.roa
File: f0de92d9-9b14-4323-b2e0-a464f60f76b6.roa (raw, json)
Hash identifier: IJxB3zggYm93BYNFTZ5Oi3Obio4b69aLZ3DSsW54N/w=
Subject key identifier: 1B:29:26:7B:64:B9:59:E4:C2:96:83:C6:02:DB:A8:7B:1A:0D:38:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BBB080C4AAE47C5F9760A84CF98C6D59F9FE62E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0de92d9-9b14-4323-b2e0-a464f60f76b6.roa
Signing time: Fri 25 Apr 2025 19:31:22 +0000
ROA not before: Fri 25 Apr 2025 19:31:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:bb:08:0c:4a:ae:47:c5:f9:76:0a:84:cf:98:c6:d5:9f:9f:e6:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=cdc45674a58d89e017173f6bb60efc60f2090a35797ab431d8f3b0aac3f55c02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:98:f9:92:34:c7:c9:8f:9f:a3:b2:24:d5:d2:
42:83:56:df:0f:12:91:23:d1:66:6a:28:8d:29:4b:
cd:7f:08:70:b5:f0:81:d1:35:33:5e:f6:b1:cc:4e:
95:50:79:73:95:13:a3:94:73:48:e4:da:10:2b:56:
84:10:1f:d5:5b:8c:5c:2e:06:68:34:25:90:99:49:
1f:1f:3f:17:af:3c:e8:3b:80:4e:1a:22:40:49:87:
02:4c:05:b1:54:44:7a:a0:f6:b0:2e:0d:54:ab:09:
ae:f2:7c:16:da:34:34:f7:13:e7:21:26:ec:2a:96:
7e:90:e3:7d:f5:69:a3:52:5a:a0:21:d8:68:1f:4c:
16:43:74:ad:8e:5c:8f:39:08:f4:ed:1c:f9:62:85:
54:8c:11:57:33:96:c6:0b:1f:f4:61:78:80:5d:9a:
87:83:f7:6e:e3:44:8d:99:4a:62:ed:1f:99:f7:fa:
eb:79:ed:d0:1a:fa:78:8f:e4:cc:77:bc:0a:dc:75:
c3:9f:42:f1:3e:98:5c:d9:86:4d:22:02:58:67:b9:
77:43:25:7b:01:8f:55:ab:c9:de:40:46:15:c7:8d:
ad:92:24:4d:a1:ac:39:48:10:25:65:10:44:7a:0a:
ce:c4:11:f6:72:ff:23:f9:55:05:94:b9:ae:14:29:
14:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:29:26:7B:64:B9:59:E4:C2:96:83:C6:02:DB:A8:7B:1A:0D:38:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0de92d9-9b14-4323-b2e0-a464f60f76b6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:89:f7:4d:2f:a3:4d:37:16:70:fc:ad:c2:87:2b:e3:36:c0:
ae:d3:fd:64:dc:03:d1:16:1f:19:b3:fb:17:7b:b6:72:92:db:
fb:8b:46:da:39:9a:f6:a7:9d:2b:30:63:b2:b9:a5:85:e8:a7:
1d:fe:1a:1a:b1:7f:a2:56:4e:38:96:ed:e3:33:db:82:9b:71:
44:ae:1e:3f:3e:70:8f:a9:5f:fc:b8:57:2d:c3:b7:92:83:c8:
82:6e:1a:29:e7:78:0f:91:41:27:b3:b0:d1:4b:f3:c5:d3:3b:
e2:e5:fd:44:39:a2:de:8f:07:d9:9c:b0:14:63:95:dd:56:17:
ee:53:b1:c2:15:6e:0e:eb:62:e6:99:b1:93:1c:82:bd:e2:2f:
e6:e4:55:f9:28:9f:93:a8:cb:20:70:f0:ea:5c:17:b4:91:52:
b5:67:55:bb:48:55:41:a7:1b:df:c0:20:b8:dd:1c:59:f7:d2:
45:01:6d:56:1c:36:47:a7:a5:a1:e6:61:c6:c1:3a:28:4c:e0:
ee:db:a9:f8:ce:2d:3a:87:be:8a:e2:6b:ea:93:46:33:61:48:
3e:e0:24:d7:0f:e7:2a:53:23:e4:f6:f9:e9:68:6f:f4:8a:27:
87:27:9a:98:03:16:cf:93:53:3d:cc:1d:d6:cb:e7:1d:35:9b:
24:04:f6:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa7sIDEquR8X5dgqEz5jG1Z+f5i4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkYzQ1Njc0YTU4ZDg5ZTAxNzE3M2Y2YmI2MGVmYzYwZjIwOTBhMzU3OTdh
YjQzMWQ4ZjNiMGFhYzNmNTVjMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeY+ZI0x8mPn6OyJNXSQoNW3w8SkSPRZmoojSlLzX8IcLXwgdE1M172scxO
lVB5c5UTo5RzSOTaECtWhBAf1VuMXC4GaDQlkJlJHx8/F6886DuAThoiQEmHAkwF
sVREeqD2sC4NVKsJrvJ8Fto0NPcT5yEm7CqWfpDjffVpo1JaoCHYaB9MFkN0rY5c
jzkI9O0c+WKFVIwRVzOWxgsf9GF4gF2ah4P3buNEjZlKYu0fmff663nt0Br6eI/k
zHe8Ctx1w59C8T6YXNmGTSICWGe5d0MlewGPVavJ3kBGFceNrZIkTaGsOUgQJWUQ
RHoKzsQR9nL/I/lVBZS5rhQpFBkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbKSZ7
ZLlZ5MKWg8YC26h7Gg04dzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjBkZTkyZDktOWIxNC00MzIzLWIyZTAtYTQ2NGY2MGY3NmI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDJifdNL6NNNxZw/K3ChyvjNsCu0/1k3APRFh8Z
s/sXe7Zyktv7i0baOZr2p50rMGOyuaWF6Kcd/hoasX+iVk44lu3jM9uCm3FErh4/
PnCPqV/8uFctw7eSg8iCbhop53gPkUEns7DRS/PF0zvi5f1EOaLejwfZnLAUY5Xd
VhfuU7HCFW4O62LmmbGTHIK94i/m5FX5KJ+TqMsgcPDqXBe0kVK1Z1W7SFVBpxvf
wCC43RxZ99JFAW1WHDZHp6Wh5mHGwTooTODu26n4zi06h76K4mvqk0YzYUg+4CTX
D+cqUyPk9vnpaG/0iieHJ5qYAxbPk1M9zB3Wy+cdNZskBPYB
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:05 2025 by rpki-client