Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
File: f76388e2-5824-485d-aa99-c7ea5a481aa2.roa (raw, json)
Hash identifier: zxGNWwx+QnFScvYn2dvcq1AAdAvbd9+wyAcHKK9CcL4=
Subject key identifier: 4F:D6:5B:42:BC:95:B5:5B:0F:39:3C:CD:A0:4C:A2:DC:CF:5F:7E:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B86D85271DF462DE9DA1C2845A0081BDD29AA06
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
Signing time: Fri 25 Apr 2025 19:10:43 +0000
ROA not before: Fri 25 Apr 2025 19:10:43 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:86:d8:52:71:df:46:2d:e9:da:1c:28:45:a0:08:1b:dd:29:aa:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:43 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f0c1db05080af44137a533d7b1c6f5927c5edd63224d5c81b2e6e3baf758f107, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7b:ad:ef:22:3a:7f:d7:60:e2:e0:2c:5b:54:
06:83:ff:d8:cf:97:2b:60:ac:1c:74:b2:b1:0c:af:
8d:ce:e9:ef:91:6a:73:0e:9c:be:9c:e4:f9:cb:16:
e6:40:24:b6:a8:59:43:9c:ef:8c:00:97:e7:2d:34:
2c:ad:98:c8:3b:b4:16:90:98:2a:c0:17:98:2f:73:
20:9b:05:3c:3f:d0:64:7a:62:a3:e4:25:19:9e:52:
35:e4:0e:9a:6e:4d:09:3e:57:3c:29:43:42:20:4b:
ba:39:60:b2:5c:b8:bb:e9:89:fe:aa:0c:07:fb:4e:
28:89:2d:63:5b:61:b2:2f:48:28:6e:4f:54:6b:1d:
78:9c:a3:b2:a6:76:b0:ad:7e:35:92:bf:25:64:a3:
62:0f:77:54:5e:40:92:aa:46:69:61:57:3d:c1:bd:
3a:86:11:ed:67:c5:7a:ae:fb:5d:80:f0:d0:19:97:
f3:af:53:2f:8b:6f:d4:bf:9d:67:8a:f3:57:a2:b8:
7d:81:e7:08:ee:3d:12:bc:26:06:a3:65:6c:3d:dc:
a0:2f:83:59:85:d4:71:66:00:c5:09:67:ae:ae:f4:
50:ea:57:99:6d:93:7f:9e:12:74:ca:a9:1c:3b:3e:
33:b5:f9:e6:d6:73:e9:f5:f0:4d:93:20:2d:6d:1d:
41:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D6:5B:42:BC:95:B5:5B:0F:39:3C:CD:A0:4C:A2:DC:CF:5F:7E:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
3b:11:fb:bb:f0:30:ba:f3:5a:7b:53:3c:ea:43:fc:38:f5:1c:
f5:92:45:a0:61:aa:61:6c:cf:ce:ff:2c:15:f4:8a:34:05:58:
1c:35:41:40:37:d5:e7:1f:6b:7c:90:3c:a8:e3:51:c9:de:3c:
39:8e:c6:a1:76:04:b5:2a:bf:dc:7f:0c:16:04:7c:b5:93:fd:
5e:4d:bc:fe:b8:23:2b:55:d3:96:b4:4c:2e:c2:44:bb:b4:c2:
53:c3:0c:d9:5e:6c:07:ed:82:2b:d9:c0:c5:53:0c:81:4d:d9:
ab:fb:bd:29:75:c6:bf:0c:24:aa:55:1c:ae:9f:ca:c6:87:fe:
a5:0f:e4:2e:d9:34:1e:69:a8:88:43:8d:64:53:d0:3f:17:a2:
b0:a3:bc:95:31:ce:d3:2f:5c:87:37:e8:c8:d5:22:87:49:42:
26:43:69:0d:f1:7c:cf:bc:a7:64:48:f4:25:17:02:bb:6f:3a:
eb:74:23:eb:85:93:9d:f9:4a:56:ad:2a:fc:66:e6:bf:b7:3a:
75:6e:9e:e6:e2:99:d4:01:b2:16:d4:88:21:c6:f0:ce:c2:02:
ac:50:ba:9d:0e:ee:e2:83:01:66:da:50:92:c4:67:17:e5:31:
e0:a0:4f:b4:a3:78:13:f6:c4:55:de:e4:90:48:d0:78:95:a2:
4e:88:db:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK4bYUnHfRi3p2hwoRaAIG90pqgYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwNDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwYzFkYjA1MDgwYWY0NDEzN2E1MzNkN2IxYzZmNTkyN2M1ZWRkNjMyMjRk
NWM4MWIyZTZlM2JhZjc1OGYxMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKt7re8iOn/XYOLgLFtUBoP/2M+XK2CsHHSysQyvjc7p75Fqcw6cvpzk+csW
5kAktqhZQ5zvjACX5y00LK2YyDu0FpCYKsAXmC9zIJsFPD/QZHpio+QlGZ5SNeQO
mm5NCT5XPClDQiBLujlgsly4u+mJ/qoMB/tOKIktY1thsi9IKG5PVGsdeJyjsqZ2
sK1+NZK/JWSjYg93VF5AkqpGaWFXPcG9OoYR7WfFeq77XYDw0BmX869TL4tv1L+d
Z4rzV6K4fYHnCO49ErwmBqNlbD3coC+DWYXUcWYAxQlnrq70UOpXmW2Tf54SdMqp
HDs+M7X55tZz6fXwTZMgLW0dQXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRP1ltC
vJW1Ww85PM2gTKLcz19+DTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjc2Mzg4ZTItNTgyNC00ODVkLWFhOTktYzdlYTVhNDgxYWEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/g
MA0GCSqGSIb3DQEBCwUAA4IBAQA7Efu78DC681p7UzzqQ/w49Rz1kkWgYaphbM/O
/ywV9Io0BVgcNUFAN9XnH2t8kDyo41HJ3jw5jsahdgS1Kr/cfwwWBHy1k/1eTbz+
uCMrVdOWtEwuwkS7tMJTwwzZXmwH7YIr2cDFUwyBTdmr+70pdca/DCSqVRyun8rG
h/6lD+Qu2TQeaaiIQ41kU9A/F6Kwo7yVMc7TL1yHN+jI1SKHSUImQ2kN8XzPvKdk
SPQlFwK7bzrrdCPrhZOd+UpWrSr8Zua/tzp1bp7m4pnUAbIW1IghxvDOwgKsULqd
Du7igwFm2lCSxGcX5THgoE+0o3gT9sRV3uSQSNB4laJOiNtX
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:38 2025 by rpki-client