Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
File: f51bf20f-531a-411e-baff-37a38bc29ce9.roa (raw, json)
Hash identifier: 5FxEQ4H2WFeW8lsTXFMfKxq9BrUcj/lF7rCL8Rh+TpA=
Subject key identifier: 9E:52:23:45:D0:BF:77:60:57:88:5C:9E:9B:8F:62:B3:82:BE:5D:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E1AD427F8955EAA2C3A961C55CF772E7ACAB86C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
Signing time: Fri 25 Apr 2025 18:41:31 +0000
ROA not before: Fri 25 Apr 2025 18:41:31 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:1a:d4:27:f8:95:5e:aa:2c:3a:96:1c:55:cf:77:2e:7a:ca:b8:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:41:31 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b9243cb15d029e76a23aae408110787a036e66b130718235e959774f5aabf1ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:06:17:bf:c3:ff:80:b5:cd:47:55:30:33:ef:
d2:ea:51:6b:91:41:bd:5c:ce:41:79:db:60:f6:b5:
83:e4:5a:f1:06:a8:6c:6a:a3:76:d2:b1:48:32:78:
83:5b:81:5e:3c:71:9c:9e:14:00:e4:a1:35:8f:8f:
db:67:6c:0a:d3:52:f4:6e:4d:4e:38:20:dc:b2:f1:
dc:89:a2:5e:fc:7f:4c:75:fa:f7:0d:4d:60:f7:81:
09:e4:ec:70:43:72:08:95:d1:8c:17:ba:7a:01:a8:
95:61:05:8a:6c:c1:59:65:54:48:23:fd:f7:d0:19:
5f:f7:56:c3:96:68:76:16:09:9f:c2:df:dc:2a:c3:
3a:a8:93:4a:27:9d:fe:51:fd:20:ce:ac:55:f1:1d:
f4:ae:91:ab:87:8c:af:91:8a:ef:04:25:65:93:ea:
e2:38:8d:79:6a:6e:93:ff:91:75:21:5f:57:e7:f9:
ef:ae:32:f0:58:0c:9e:54:46:c6:a6:09:53:c5:86:
15:81:0e:c3:45:cd:4e:9d:81:6d:a3:1c:95:5b:55:
c2:37:62:54:69:a1:13:51:b1:cb:22:75:0c:e7:b8:
ee:6e:ae:53:33:a5:0e:ff:73:59:de:68:49:70:14:
e7:9a:56:85:0d:3a:a3:27:aa:1f:dc:f2:49:bc:f0:
97:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:52:23:45:D0:BF:77:60:57:88:5C:9E:9B:8F:62:B3:82:BE:5D:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8020::/48
Signature Algorithm: sha256WithRSAEncryption
c4:dd:f6:8b:e8:c9:04:17:79:ad:32:e8:49:cb:c4:a7:bb:7d:
34:d1:6b:2c:f3:79:93:41:a2:77:a2:1b:c5:71:db:36:59:e7:
60:de:0c:e8:36:35:e8:7d:92:42:fe:08:0b:e6:78:9c:79:1e:
a2:cb:9e:b2:01:83:54:08:49:e2:27:e1:6a:08:ba:2b:41:e1:
52:2c:81:40:d5:22:bf:c8:f8:f9:e5:21:66:dc:99:c1:d7:6b:
60:a6:ac:c5:95:bd:a5:5e:24:74:33:a4:1a:e1:88:27:db:b3:
f9:cb:94:ff:7d:1c:b8:12:55:2e:fe:8d:b2:8a:ca:73:61:06:
5a:0a:62:4c:b9:3a:62:2a:25:cc:b7:25:96:da:fb:20:26:f5:
c1:1f:d2:ab:76:65:c3:84:df:7a:7f:75:58:67:26:12:cd:94:
c2:ff:42:1b:c1:f9:be:f1:19:ee:39:e9:80:72:d0:70:a1:a9:
63:85:9d:f4:90:ef:75:61:78:04:91:46:89:77:f1:44:6c:89:
0b:71:ea:5b:51:7e:57:b3:90:fb:58:e5:e7:81:a0:2d:9a:d2:
3e:20:bc:1c:6f:ac:fa:9a:d1:9a:ec:95:0d:2f:39:87:71:76:
ce:cf:63:06:1e:c6:37:f7:c4:85:55:90:37:5a:82:fc:3b:1f:
47:97:53:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHhrUJ/iVXqosOpYcVc93LnrKuGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQxMzFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MjQzY2IxNWQwMjllNzZhMjNhYWU0MDgxMTA3ODdhMDM2ZTY2YjEzMDcx
ODIzNWU5NTk3NzRmNWFhYmYxYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4GF7/D/4C1zUdVMDPv0upRa5FBvVzOQXnbYPa1g+Ra8QaobGqjdtKxSDJ4
g1uBXjxxnJ4UAOShNY+P22dsCtNS9G5NTjgg3LLx3ImiXvx/THX69w1NYPeBCeTs
cENyCJXRjBe6egGolWEFimzBWWVUSCP999AZX/dWw5ZodhYJn8Lf3CrDOqiTSied
/lH9IM6sVfEd9K6Rq4eMr5GK7wQlZZPq4jiNeWpuk/+RdSFfV+f5764y8FgMnlRG
xqYJU8WGFYEOw0XNTp2BbaMclVtVwjdiVGmhE1GxyyJ1DOe47m6uUzOlDv9zWd5o
SXAU55pWhQ06oyeqH9zySbzwl9sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSeUiNF
0L93YFeIXJ6bj2Kzgr5dGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUxYmYyMGYtNTMxYS00MTFlLWJhZmYtMzdhMzhiYzI5Y2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
IDANBgkqhkiG9w0BAQsFAAOCAQEAxN32i+jJBBd5rTLoScvEp7t9NNFrLPN5k0Gi
d6IbxXHbNlnnYN4M6DY16H2SQv4IC+Z4nHkeosuesgGDVAhJ4ifhagi6K0HhUiyB
QNUiv8j4+eUhZtyZwddrYKasxZW9pV4kdDOkGuGIJ9uz+cuU/30cuBJVLv6NsorK
c2EGWgpiTLk6YiolzLclltr7ICb1wR/Sq3Zlw4Tfen91WGcmEs2Uwv9CG8H5vvEZ
7jnpgHLQcKGpY4Wd9JDvdWF4BJFGiXfxRGyJC3HqW1F+V7OQ+1jl54GgLZrSPiC8
HG+s+prRmuyVDS85h3F2zs9jBh7GN/fEhVWQN1qC/DsfR5dTEg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:54 2025 by rpki-client