Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa
File: f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa (raw, json)
Hash identifier: DBkVwfhiGlLukk/kQwFcgTDVoXhJYdrhvlMlmQNiQBs=
Subject key identifier: C7:F9:4E:D5:91:4B:4C:7C:5B:C9:90:2D:EF:FC:45:2B:F7:CE:A2:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27EB5BC03915CBA9DE0C48126E736F265697C521
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa
Signing time: Fri 25 Apr 2025 19:10:07 +0000
ROA not before: Fri 25 Apr 2025 19:10:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:eb:5b:c0:39:15:cb:a9:de:0c:48:12:6e:73:6f:26:56:97:c5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c4bf9a3b092ab8fa181ce915a73b131ee000d7fb549842cd3c1c18cfa9f2591f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d1:f9:50:8f:6c:69:3f:56:a2:19:1b:ca:9b:
6f:e9:35:1f:58:54:ea:65:6a:36:49:14:c3:8d:99:
f6:04:0b:cc:47:1c:6d:a9:1a:63:d5:a1:6b:e1:d6:
2e:e2:31:2f:b3:53:c3:e9:c8:4b:4f:f9:2c:26:e8:
57:9e:a7:bd:a8:17:64:99:60:70:a6:ae:89:96:de:
f0:0a:3e:1a:ec:bf:55:1d:2a:2c:03:cb:e5:bd:e0:
0d:10:e2:61:36:dc:e5:ad:51:30:3c:f8:ca:9c:7f:
62:68:0c:7d:ca:55:56:9d:8c:ba:16:c9:0d:95:bb:
8b:b9:b1:79:87:2c:fd:22:44:70:00:23:90:8d:b4:
4a:f3:85:4b:b7:b0:1c:7a:8d:e3:e1:ce:4c:72:fa:
1d:a5:b9:39:59:02:fb:b1:62:e5:08:2d:bb:24:89:
df:d0:19:9d:2c:f4:e9:6e:e4:d1:eb:e6:19:11:1b:
ca:35:5b:97:7c:86:0f:8f:95:d3:e9:84:c7:38:05:
f4:54:05:5c:f9:82:91:f0:9b:9c:aa:c4:90:06:a5:
f9:b1:24:64:22:0b:2c:21:ff:41:8b:b9:ae:90:f4:
e5:4f:3f:83:62:cb:de:a3:a3:52:83:83:24:be:14:
3c:b2:f3:f6:b8:42:e5:d6:30:75:b4:51:83:04:11:
2c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F9:4E:D5:91:4B:4C:7C:5B:C9:90:2D:EF:FC:45:2B:F7:CE:A2:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8080::/46
Signature Algorithm: sha256WithRSAEncryption
77:b7:2a:6e:49:e8:07:5f:04:7c:d7:91:ae:32:68:cb:24:06:
1f:e5:02:5e:1b:be:43:b3:12:11:f9:53:16:a8:eb:d2:90:26:
4b:90:17:07:6a:a7:24:e8:41:f5:47:70:8d:fb:31:74:f1:31:
19:9f:fc:c1:fe:b3:9b:f2:17:b6:d8:5d:49:0f:99:79:70:09:
41:16:9b:2f:58:26:c8:d5:a1:8a:32:d6:2b:5c:86:4e:a6:11:
8f:2d:23:1f:f1:25:79:6f:d3:04:d8:fb:4e:76:17:e1:e4:bb:
2f:dd:d3:d2:0a:67:5c:c6:30:7f:1f:06:46:b3:bd:9f:bf:a5:
e8:0e:62:a4:27:c8:11:9e:fd:83:dc:3f:5a:82:0c:07:36:9a:
47:e6:df:25:ea:31:d9:6e:4a:25:aa:56:45:c3:17:d9:e3:48:
62:a6:17:09:76:fe:b2:5d:85:43:e3:2b:25:37:3f:75:0b:d1:
89:9f:0e:69:cc:75:da:ae:3e:c2:35:31:2e:2d:9c:df:59:c9:
a6:01:9f:07:52:b2:c9:fc:11:59:80:4e:a2:ac:a2:bc:5b:a4:
35:b4:e0:aa:cc:96:4b:eb:d8:e7:a8:78:36:97:7b:26:61:34:
73:a6:43:fe:41:c6:0b:f2:41:bc:f3:f7:9f:d5:e0:55:65:35:
3d:4a:57:ad
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJ+tbwDkVy6neDEgSbnNvJlaXxSEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0YmY5YTNiMDkyYWI4ZmExODFjZTkxNWE3M2IxMzFlZTAwMGQ3ZmI1NDk4
NDJjZDNjMWMxOGNmYTlmMjU5MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzR+VCPbGk/VqIZG8qbb+k1H1hU6mVqNkkUw42Z9gQLzEccbakaY9Wha+HW
LuIxL7NTw+nIS0/5LCboV56nvagXZJlgcKauiZbe8Ao+Guy/VR0qLAPL5b3gDRDi
YTbc5a1RMDz4ypx/YmgMfcpVVp2MuhbJDZW7i7mxeYcs/SJEcAAjkI20SvOFS7ew
HHqN4+HOTHL6HaW5OVkC+7Fi5QgtuySJ39AZnSz06W7k0evmGREbyjVbl3yGD4+V
0+mExzgF9FQFXPmCkfCbnKrEkAal+bEkZCILLCH/QYu5rpD05U8/g2LL3qOjUoOD
JL4UPLLz9rhC5dYwdbRRgwQRLBMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTH+U7V
kUtMfFvJkC3v/EUr986iJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjcyZjhmZTItZWYxZi00Mjk3LTlkMTAtMDFlN2M2NTA2MzEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuA
gDANBgkqhkiG9w0BAQsFAAOCAQEAd7cqbknoB18EfNeRrjJoyyQGH+UCXhu+Q7MS
EflTFqjr0pAmS5AXB2qnJOhB9UdwjfsxdPExGZ/8wf6zm/IXtthdSQ+ZeXAJQRab
L1gmyNWhijLWK1yGTqYRjy0jH/EleW/TBNj7TnYX4eS7L93T0gpnXMYwfx8GRrO9
n7+l6A5ipCfIEZ79g9w/WoIMBzaaR+bfJeox2W5KJapWRcMX2eNIYqYXCXb+sl2F
Q+MrJTc/dQvRiZ8Oacx12q4+wjUxLi2c31nJpgGfB1KyyfwRWYBOoqyivFukNbTg
qsyWS+vY56h4Npd7JmE0c6ZD/kHGC/JBvPP3n9XgVWU1PUpXrQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:59 2025 by rpki-client