Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
File: f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa (raw, json)
Hash identifier: bYtdmgJXD2tTXMBLDUTLyhndp3uArdTSdbBXU5sTSWQ=
Subject key identifier: 8F:1F:0D:44:E7:1D:C2:48:1C:10:67:32:3B:A2:CF:5F:F0:A0:B4:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F422A0E26C56161B5AFE61CB5C0ED93BE25AFA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
Signing time: Tue 15 Apr 2025 15:10:13 +0000
ROA not before: Tue 15 Apr 2025 15:10:13 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:42:2a:0e:26:c5:61:61:b5:af:e6:1c:b5:c0:ed:93:be:25:af:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:13 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=c81e77af375555856bc6f9fcdbe56804af01eeef65bfcfbcb4125010adb575e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:72:15:cf:d7:42:04:ef:0f:f8:c7:44:46:23:
bb:ac:50:76:40:7b:d0:e1:fd:e9:a7:4f:6e:50:fa:
dc:77:83:11:ab:83:e2:14:a0:b2:d7:4a:20:98:82:
ce:f1:be:a9:61:6e:72:a0:d5:ce:e6:31:7c:79:65:
a5:76:3c:62:fd:b1:24:df:6a:70:84:ec:5c:f1:6b:
d1:d5:b2:4d:c5:02:7b:fb:dc:7a:16:e0:22:19:5b:
58:27:5c:cf:79:67:8a:9c:b3:ff:09:88:d6:0d:d6:
33:0d:0b:6a:76:f4:be:e8:23:7f:e1:60:6e:38:5c:
a1:24:b7:66:79:2a:5d:0c:4b:d0:aa:ab:15:56:c4:
13:03:d9:5f:29:94:48:f6:c9:72:52:e4:7c:ba:de:
06:52:77:bb:09:94:83:ec:16:88:85:36:5b:e8:a5:
87:9b:43:01:80:df:d1:92:ea:60:98:62:0e:60:a7:
47:0e:5a:21:50:d6:74:3a:13:4b:f0:b0:6a:4c:85:
a7:21:09:07:c9:97:9c:07:ed:9b:1f:3e:c7:b4:05:
df:d3:94:68:08:54:78:92:ec:b8:f4:84:e7:50:b5:
90:81:96:d3:ac:86:d0:e6:e2:a5:82:58:7f:0b:83:
fd:7b:e7:54:f6:91:9c:a3:ee:36:cc:2a:4d:d7:4e:
9a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:1F:0D:44:E7:1D:C2:48:1C:10:67:32:3B:A2:CF:5F:F0:A0:B4:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:87:a1:63:29:9f:13:54:e9:86:a3:50:a8:e1:c9:3a:e9:be:
cb:00:38:37:4e:3b:c3:89:43:cf:61:e3:72:af:5b:95:67:b9:
17:4c:80:6d:0e:59:94:2b:c3:cd:07:1e:f5:c2:24:ed:4f:2f:
54:e5:ca:75:65:47:8f:5e:31:3c:86:d8:c1:dc:2c:41:cc:45:
c3:ae:5b:02:ee:d0:8a:88:bf:ff:9d:be:54:b1:9a:6e:b0:0d:
36:c5:e1:74:60:cc:a9:10:04:0d:ac:ab:af:24:b9:c1:86:01:
a7:d0:ab:d0:65:44:29:8c:36:15:e7:fb:4a:17:27:81:dc:c9:
bb:61:2a:31:4b:73:92:f0:38:ca:89:11:39:4b:74:9a:17:c5:
aa:b1:33:ab:ac:25:33:08:02:39:9c:22:dd:72:b0:57:b4:32:
e1:39:92:9c:23:61:d3:59:98:ae:02:ea:38:33:e7:2b:08:2a:
f3:19:27:92:24:36:bc:fe:da:ad:58:e0:ce:71:c3:9b:2f:26:
c4:56:35:97:b0:a7:5f:61:83:f2:ad:2f:d7:0f:de:c6:95:f9:
74:fe:ab:d5:3c:6d:30:b0:32:f6:b5:a6:91:6e:7d:69:04:1c:
a7:d0:59:8a:55:61:2f:96:d0:55:a5:8c:3b:5b:22:f6:4a:fb:
e4:da:32:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT0IqDibFYWG1r+YctcDtk74lr6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMTNaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4MWU3N2FmMzc1NTU1ODU2YmM2ZjlmY2RiZTU2ODA0YWYwMWVlZWY2NWJm
Y2ZiY2I0MTI1MDEwYWRiNTc1ZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdyFc/XQgTvD/jHREYju6xQdkB70OH96adPblD63HeDEauD4hSgstdKIJiC
zvG+qWFucqDVzuYxfHllpXY8Yv2xJN9qcITsXPFr0dWyTcUCe/vcehbgIhlbWCdc
z3lnipyz/wmI1g3WMw0Lanb0vugjf+FgbjhcoSS3ZnkqXQxL0KqrFVbEEwPZXymU
SPbJclLkfLreBlJ3uwmUg+wWiIU2W+ilh5tDAYDf0ZLqYJhiDmCnRw5aIVDWdDoT
S/CwakyFpyEJB8mXnAftmx8+x7QF39OUaAhUeJLsuPSE51C1kIGW06yG0ObipYJY
fwuD/XvnVPaRnKPuNswqTddOmg8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSPHw1E
5x3CSBwQZzI7os9f8KC06zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdjMTRjYjMtMjRkNS00ODkwLTg4ODktY2I3YzI2MzM4YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQB+h6FjKZ8TVOmGo1Co4ck66b7LADg3TjvDiUPP
YeNyr1uVZ7kXTIBtDlmUK8PNBx71wiTtTy9U5cp1ZUePXjE8htjB3CxBzEXDrlsC
7tCKiL//nb5UsZpusA02xeF0YMypEAQNrKuvJLnBhgGn0KvQZUQpjDYV5/tKFyeB
3Mm7YSoxS3OS8DjKiRE5S3SaF8WqsTOrrCUzCAI5nCLdcrBXtDLhOZKcI2HTWZiu
Auo4M+crCCrzGSeSJDa8/tqtWODOccObLybEVjWXsKdfYYPyrS/XD97Glfl0/qvV
PG0wsDL2taaRbn1pBByn0FmKVWEvltBVpYw7WyL2Svvk2jJ1
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:11 2025 by rpki-client