Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3be7af4-35f4-4df2-a374-b4daab598a9f.roa
File: f3be7af4-35f4-4df2-a374-b4daab598a9f.roa (raw, json)
Hash identifier: Cs0ervSUQBEBMTbvGwrfRnvRIfnezxJgQPqZ2MKnDa0=
Subject key identifier: 8E:B8:8B:69:FE:A1:31:82:D6:42:A9:5D:F8:BF:E5:C4:10:53:50:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 267EFE800F77B85154D61746D3FDA67BB0A5AC84
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3be7af4-35f4-4df2-a374-b4daab598a9f.roa
Signing time: Fri 25 Apr 2025 19:41:17 +0000
ROA not before: Fri 25 Apr 2025 19:41:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:7e:fe:80:0f:77:b8:51:54:d6:17:46:d3:fd:a6:7b:b0:a5:ac:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:41:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b46c8d645faed2aae68902a1ecaa8e95fe26353449c512cfb07c090ccd4bce6c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:23:60:7f:b9:68:91:3d:7b:55:ea:e2:bd:e4:
8a:0f:41:e2:8e:41:e8:2c:2d:bd:70:45:37:d0:16:
82:35:dd:53:38:06:8e:2d:b7:5a:68:a9:f5:d2:db:
ae:72:14:e2:49:2d:ff:04:70:cc:34:37:77:90:97:
d4:2c:a9:52:7e:c4:3e:a4:08:3f:86:6f:fc:1e:25:
de:19:0f:64:86:5b:ce:1f:7c:2e:a8:d5:40:6c:d2:
9b:05:76:67:6a:dc:ba:74:03:26:d8:e2:fc:4d:36:
fa:f0:ca:1f:8e:2f:ef:1e:af:cf:4e:90:91:3b:33:
da:2b:2a:fe:6d:da:72:3e:5f:48:e4:50:8d:62:5a:
82:a8:dd:93:2c:23:30:d8:ad:f7:9c:2a:d9:1f:45:
2a:fa:9e:e8:8f:8d:fe:e5:8a:0f:d1:a2:ba:6d:eb:
9b:32:c0:22:cd:d9:e7:d9:ed:a0:e4:e7:f4:8d:4d:
e9:ba:d9:ef:39:16:1e:4c:02:9c:5c:f8:11:b1:88:
9e:da:d2:78:bb:aa:91:c5:42:a3:3f:09:8f:1c:ed:
b2:98:ed:92:97:b0:28:41:ee:71:6a:fc:b1:ee:f5:
0f:59:8d:bc:56:09:35:5e:b0:41:52:89:f3:98:1b:
9f:1c:86:e6:2b:92:b6:12:b1:c0:e3:88:d6:ba:ac:
d8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B8:8B:69:FE:A1:31:82:D6:42:A9:5D:F8:BF:E5:C4:10:53:50:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3be7af4-35f4-4df2-a374-b4daab598a9f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:e6:b8:6e:d7:f0:55:fc:87:11:98:dc:97:2f:fd:be:8b:ca:
da:18:1e:aa:7e:0d:e5:43:95:fe:7d:0b:e2:09:59:95:56:99:
0f:06:26:7c:8e:8d:27:ec:64:21:28:26:a0:d7:1d:92:44:6c:
79:b3:7f:b0:b3:36:be:ef:a8:d9:1f:45:c7:5e:d1:72:a3:72:
6c:ab:a1:c2:38:20:83:f9:4f:a2:78:f3:99:78:d9:41:3b:68:
9b:4d:a0:3e:25:8e:bf:1d:e1:92:1d:74:37:25:db:89:16:aa:
7d:09:d3:ca:b8:30:21:59:2b:19:f3:00:77:9a:34:a4:65:66:
25:b7:b1:b2:ac:05:2c:14:18:89:53:4c:ed:1c:61:a1:4e:c1:
01:49:65:74:28:f0:d7:6b:40:5f:8f:e7:86:07:07:57:2a:10:
6b:28:dd:4c:a5:a4:56:fe:7b:69:4a:6a:ce:2f:c1:08:d1:73:
7e:f0:5e:cb:5a:b7:f5:0c:f7:0e:1c:a1:04:a4:07:1b:00:f7:
6e:61:cc:91:6e:c8:8f:2f:a3:38:3d:92:b7:01:8a:b4:9a:b0:
78:9b:d0:97:14:6c:c6:ff:1f:d3:da:85:68:8b:74:ca:4c:eb:
d7:8b:4d:d4:0f:33:bb:93:cc:f5:16:d6:38:7d:6c:4a:b0:0e:
3f:4d:3c:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJn7+gA93uFFU1hdG0/2me7ClrIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQxMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NmM4ZDY0NWZhZWQyYWFlNjg5MDJhMWVjYWE4ZTk1ZmUyNjM1MzQ0OWM1
MTJjZmIwN2MwOTBjY2Q0YmNlNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIjYH+5aJE9e1Xq4r3kig9B4o5B6CwtvXBFN9AWgjXdUzgGji23Wmip9dLb
rnIU4kkt/wRwzDQ3d5CX1CypUn7EPqQIP4Zv/B4l3hkPZIZbzh98LqjVQGzSmwV2
Z2rcunQDJtji/E02+vDKH44v7x6vz06QkTsz2isq/m3acj5fSORQjWJagqjdkywj
MNit95wq2R9FKvqe6I+N/uWKD9Gium3rmzLAIs3Z59ntoOTn9I1N6brZ7zkWHkwC
nFz4EbGIntrSeLuqkcVCoz8JjxztspjtkpewKEHucWr8se71D1mNvFYJNV6wQVKJ
85gbnxyG5iuSthKxwOOI1rqs2HcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOuItp
/qExgtZCqV34v+XEEFNQMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjNiZTdhZjQtMzVmNC00ZGYyLWEzNzQtYjRkYWFiNTk4YTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCh5rhu1/BV/IcRmNyXL/2+i8raGB6qfg3lQ5X+
fQviCVmVVpkPBiZ8jo0n7GQhKCag1x2SRGx5s3+wsza+76jZH0XHXtFyo3Jsq6HC
OCCD+U+iePOZeNlBO2ibTaA+JY6/HeGSHXQ3JduJFqp9CdPKuDAhWSsZ8wB3mjSk
ZWYlt7GyrAUsFBiJU0ztHGGhTsEBSWV0KPDXa0Bfj+eGBwdXKhBrKN1MpaRW/ntp
SmrOL8EI0XN+8F7LWrf1DPcOHKEEpAcbAPduYcyRbsiPL6M4PZK3AYq0mrB4m9CX
FGzG/x/T2oVoi3TKTOvXi03UDzO7k8z1FtY4fWxKsA4/TTzG
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:10 2025 by rpki-client