Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
File: f6aec084-593c-47be-8e46-9024b5572011.roa (raw, json)
Hash identifier: 7GY1FcYWtJZKm6gtzGeCiHHAKRKRf7B2ldv4lk/qIqg=
Subject key identifier: DE:53:35:DB:08:6B:8B:69:95:84:5D:F3:94:A2:25:8F:F9:99:C3:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FD016128289EEDB419C85A7B96505699F2FA817
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
Signing time: Tue 15 Apr 2025 15:10:13 +0000
ROA not before: Tue 15 Apr 2025 15:10:13 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:d0:16:12:82:89:ee:db:41:9c:85:a7:b9:65:05:69:9f:2f:a8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:13 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=a0a86518dd5e70a7f6c295ce38245676c701c7f66c72c3b42b8fd00b5c0e8dd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b2:35:4d:00:a8:7b:a9:47:d7:c2:21:d4:4a:
dc:e2:5b:bf:e5:d5:32:33:0f:0f:ae:07:d0:cd:24:
bc:85:43:bb:4c:22:17:1d:af:93:95:a0:ca:a0:31:
20:b3:6d:af:6c:80:e3:98:f6:7d:e0:ee:aa:35:ed:
33:c7:78:3d:e0:85:dd:76:b2:38:45:53:93:be:d8:
e4:21:73:8f:2f:00:65:71:ee:46:e4:9a:b1:47:28:
87:14:23:1d:80:b2:32:1c:8c:9d:3f:21:cc:0c:76:
32:76:40:08:2c:d0:e8:4a:82:87:18:4e:ca:37:de:
40:4d:25:51:d2:27:30:ea:3c:5a:69:d3:6a:12:cb:
bb:9c:89:1f:65:56:d2:b9:2c:ec:05:89:d3:d5:c1:
a6:9f:18:0b:56:9f:4a:12:70:93:56:ab:84:7d:3a:
35:b9:86:89:bc:ad:f3:30:5e:4e:22:41:b6:57:ab:
a1:8b:d3:89:0b:77:29:11:8f:76:fd:5e:5c:e4:ad:
ab:ab:4d:8c:99:d4:4f:11:97:77:11:79:d8:c0:9c:
0a:e0:d7:40:90:31:50:ba:25:b3:10:a8:ce:cd:4c:
0c:6d:3b:fb:ff:4a:a3:ef:e4:f5:95:17:b7:f9:2e:
4c:a9:06:a2:d0:65:8e:2e:40:5d:98:08:cb:d3:d2:
cb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:53:35:DB:08:6B:8B:69:95:84:5D:F3:94:A2:25:8F:F9:99:C3:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
2b:27:d0:3b:6c:bc:1e:76:50:d7:b6:bf:05:c2:59:9e:a4:b2:
d7:a2:03:ee:85:98:7f:a5:56:f6:d4:29:58:d3:b8:ad:0f:ba:
b2:7b:bc:f9:94:dc:32:b4:3c:21:5e:7b:ef:b2:96:6c:f8:16:
fc:cc:3e:ff:90:c5:59:64:a6:63:a8:4f:64:e9:1a:0d:46:3f:
e3:3c:13:e2:d2:19:58:a9:be:86:cc:a0:31:3c:45:03:5c:cd:
6c:2b:da:78:57:4e:e1:a3:2c:78:90:2d:1e:5e:90:a7:d4:a8:
b0:55:23:bd:25:7b:e0:74:66:65:8b:6f:99:06:b7:4a:50:14:
c5:55:9c:1c:e7:30:be:04:7a:3b:35:69:79:c1:e5:f2:95:7d:
c2:7f:05:13:3e:06:a9:6d:16:b0:9d:48:94:62:77:d7:47:73:
41:e2:df:de:bc:bd:cf:20:5f:84:f5:e9:aa:ee:14:88:8a:5a:
a5:16:5e:c9:c7:d7:c0:a9:ff:90:b6:cc:42:c2:5b:16:51:05:
f2:ab:a4:71:72:87:95:04:32:46:ca:e9:2c:c7:ed:94:1f:f6:
9c:47:b6:45:8a:d6:ad:14:4c:a1:34:29:74:d1:e2:ab:3a:b0:
bd:91:c0:de:7e:8b:e9:63:11:17:90:fc:ea:45:9f:e3:5c:01:
59:1b:4a:79
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL9AWEoKJ7ttBnIWnuWUFaZ8vqBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMTNaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwYTg2NTE4ZGQ1ZTcwYTdmNmMyOTVjZTM4MjQ1Njc2YzcwMWM3ZjY2Yzcy
YzNiNDJiOGZkMDBiNWMwZThkZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSyNU0AqHupR9fCIdRK3OJbv+XVMjMPD64H0M0kvIVDu0wiFx2vk5WgyqAx
ILNtr2yA45j2feDuqjXtM8d4PeCF3XayOEVTk77Y5CFzjy8AZXHuRuSasUcohxQj
HYCyMhyMnT8hzAx2MnZACCzQ6EqChxhOyjfeQE0lUdInMOo8WmnTahLLu5yJH2VW
0rks7AWJ09XBpp8YC1afShJwk1arhH06NbmGibyt8zBeTiJBtleroYvTiQt3KRGP
dv1eXOStq6tNjJnUTxGXdxF52MCcCuDXQJAxULolsxCozs1MDG07+/9Ko+/k9ZUX
t/kuTKkGotBlji5AXZgIy9PSyz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTeUzXb
CGuLaZWEXfOUoiWP+ZnDVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjZhZWMwODQtNTkzYy00N2JlLThlNDYtOTAyNGI1NTcyMDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQArJ9A7bLwedlDXtr8FwlmepLLXogPuhZh/pVb2
1ClY07itD7qye7z5lNwytDwhXnvvspZs+Bb8zD7/kMVZZKZjqE9k6RoNRj/jPBPi
0hlYqb6GzKAxPEUDXM1sK9p4V07hoyx4kC0eXpCn1KiwVSO9JXvgdGZli2+ZBrdK
UBTFVZwc5zC+BHo7NWl5weXylX3CfwUTPgapbRawnUiUYnfXR3NB4t/evL3PIF+E
9emq7hSIilqlFl7Jx9fAqf+QtsxCwlsWUQXyq6RxcoeVBDJGyuksx+2UH/acR7ZF
itatFEyhNCl00eKrOrC9kcDefovpYxEXkPzqRZ/jXAFZG0p5
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:14 2025 by rpki-client