Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: t6teWzU8tEC+2QSntYINClmAGL4iTL7Nzrms2XUPg+E=
Subject key identifier: 11:8F:6E:6F:5C:6E:CC:A0:39:52:15:DF:AC:80:91:30:53:73:7C:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16E876972FABAF5E2DBDDFBA4981686ABE621800
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Fri 25 Apr 2025 20:20:21 +0000
ROA not before: Fri 25 Apr 2025 20:20:21 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:e8:76:97:2f:ab:af:5e:2d:bd:df:ba:49:81:68:6a:be:62:18:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:21 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f1a3f9595642036086d5bd4d08dbc71f100171d9b50ad343010d2025b9e4fc10, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:85:60:58:35:a6:e6:b7:ee:cd:33:d9:bf:17:
cd:68:49:ec:e7:94:b4:2f:f2:22:73:88:54:59:73:
f6:57:37:fb:8f:07:06:53:73:a4:2c:db:5c:cd:7c:
17:f5:6b:9f:2d:4a:68:6a:ed:5a:41:ed:5c:41:03:
2b:80:7e:8a:a5:b1:cf:44:8d:bc:59:00:e3:bb:51:
55:63:7b:a1:cb:b7:36:7c:6d:ca:43:6f:7d:69:ed:
48:f6:8b:e6:ab:8d:6c:24:68:76:b9:df:36:e5:b3:
fa:f6:8d:05:ce:fb:79:51:e9:b8:3a:fd:e1:f6:69:
9a:4b:55:86:58:d4:6b:f1:b3:53:03:75:c9:27:f9:
d7:ec:12:37:49:ca:0c:89:68:c2:8c:11:72:68:44:
b1:b1:7f:2d:a7:16:a4:93:8e:ec:b0:62:ed:54:7f:
c3:6b:05:95:c7:88:5d:99:a5:7a:8a:db:5f:88:dd:
69:68:47:3f:cf:9e:94:a4:c5:02:ba:3f:c1:e3:36:
da:12:1e:8d:ae:0b:d4:f4:24:0a:b5:ab:1a:09:45:
a0:16:37:3f:03:aa:46:06:f2:22:46:44:8b:4a:9e:
98:5f:4a:9f:dd:79:96:7e:a2:8a:26:63:bc:47:84:
a7:5f:38:f8:10:dc:53:89:21:5d:46:1b:85:7f:7b:
25:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:8F:6E:6F:5C:6E:CC:A0:39:52:15:DF:AC:80:91:30:53:73:7C:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
01:7f:c3:9a:4f:46:32:88:3e:c5:6c:f7:64:81:01:0e:cf:f0:
6d:9b:53:1d:d9:98:f2:2c:a4:54:b2:95:fb:a9:1f:39:bf:a1:
c0:a4:c4:34:04:5e:97:ab:00:90:e0:78:bd:28:3a:8d:ba:c6:
62:d3:d2:22:88:95:a4:e2:7b:9d:91:a2:68:83:1b:e0:09:f2:
ab:97:34:6c:0e:d6:72:b7:46:ab:b3:5c:02:74:80:53:6b:6d:
d6:f6:8e:df:b2:d0:52:33:16:e9:bc:1f:35:97:a6:85:f0:16:
0f:7e:41:48:d7:b6:17:95:b6:8b:9c:f6:48:65:e6:40:60:ee:
2d:39:63:4d:ca:a6:99:a5:91:5d:d3:fd:58:59:a1:fc:d8:54:
e0:59:9b:5e:c9:f1:0c:31:10:f6:49:df:66:28:22:e1:86:b3:
5f:e0:0c:7b:e1:f7:cc:c5:da:57:45:06:b7:26:00:3b:f4:5e:
31:29:1e:37:7b:c9:64:43:e3:98:f5:f4:f0:23:b3:d7:b4:5c:
e1:5c:a3:8b:57:6b:e1:9e:0b:cd:5e:56:db:4d:e7:14:60:36:
b3:4d:25:ea:d4:31:1d:fb:6e:33:ee:a6:68:f7:f1:f7:f4:ec:
59:7d:bc:36:7b:47:e5:8b:61:dd:70:2a:a8:c8:bf:58:78:4d:
35:b0:43:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFuh2ly+rr14tvd+6SYFoar5iGAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwMjFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxYTNmOTU5NTY0MjAzNjA4NmQ1YmQ0ZDA4ZGJjNzFmMTAwMTcxZDliNTBh
ZDM0MzAxMGQyMDI1YjllNGZjMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaFYFg1pua37s0z2b8XzWhJ7OeUtC/yInOIVFlz9lc3+48HBlNzpCzbXM18
F/Vrny1KaGrtWkHtXEEDK4B+iqWxz0SNvFkA47tRVWN7ocu3NnxtykNvfWntSPaL
5quNbCRodrnfNuWz+vaNBc77eVHpuDr94fZpmktVhljUa/GzUwN1ySf51+wSN0nK
DIlowowRcmhEsbF/LacWpJOO7LBi7VR/w2sFlceIXZmleorbX4jdaWhHP8+elKTF
Aro/weM22hIeja4L1PQkCrWrGglFoBY3PwOqRgbyIkZEi0qemF9Kn915ln6iiiZj
vEeEp184+BDcU4khXUYbhX97JXECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRj25v
XG7MoDlSFd+sgJEwU3N8bjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQABf8OaT0YyiD7FbPdkgQEOz/Btm1Md2ZjyLKRU
spX7qR85v6HApMQ0BF6XqwCQ4Hi9KDqNusZi09IiiJWk4nudkaJogxvgCfKrlzRs
DtZyt0ars1wCdIBTa23W9o7fstBSMxbpvB81l6aF8BYPfkFI17YXlbaLnPZIZeZA
YO4tOWNNyqaZpZFd0/1YWaH82FTgWZteyfEMMRD2Sd9mKCLhhrNf4Ax74ffMxdpX
RQa3JgA79F4xKR43e8lkQ+OY9fTwI7PXtFzhXKOLV2vhngvNXlbbTecUYDazTSXq
1DEd+24z7qZo9/H39OxZfbw2e0fli2HdcCqoyL9YeE01sEN1
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:18 2025 by rpki-client