Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json)
Hash identifier: LeIc21J7hwwkgJqFeq4NkUTfjBJtBaenkzH6PTMKyF0=
Subject key identifier: 20:91:69:A1:F5:25:7F:3F:D0:14:83:BF:38:F2:CA:10:99:71:F1:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02489E0EBE952D389D0E7B79C8C58F276AB87CEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
Signing time: Fri 25 Apr 2025 20:21:15 +0000
ROA not before: Fri 25 Apr 2025 20:21:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:48:9e:0e:be:95:2d:38:9d:0e:7b:79:c8:c5:8f:27:6a:b8:7c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ea360f96b3576da0101c397802727908ef4a7f7368e3ca93883f52c65fc2f038, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fd:f7:33:6a:10:67:1d:89:e0:48:22:58:86:
95:20:17:28:82:dc:c0:6c:b7:d1:17:73:ce:54:3b:
bd:ed:f3:f9:45:83:d5:e9:b4:10:ab:05:f4:37:ee:
2e:6b:44:a0:ea:1c:e1:e3:9e:88:47:2c:5a:9e:04:
35:e5:15:ae:4b:fd:80:74:ff:d1:a1:b0:d3:65:92:
f7:ac:c0:aa:07:3d:be:19:92:2c:41:58:d2:2f:60:
b8:3b:39:d1:29:b6:39:a7:69:af:b1:5e:be:75:7f:
c6:f0:cb:4c:ee:f5:d5:e6:2a:c0:94:7f:db:6d:9b:
6d:90:90:78:c0:c0:ac:0a:a3:ab:f8:87:4e:76:97:
72:c3:0c:c7:36:eb:27:50:83:fd:20:f2:cf:72:64:
d3:16:f9:26:fb:45:78:19:6d:52:40:90:61:36:55:
8f:96:f4:1e:bb:e5:da:59:ea:cf:37:87:78:d1:18:
af:8d:67:99:6b:18:f4:6a:90:72:18:33:73:a9:17:
4c:09:65:7e:15:52:08:0c:57:fd:b1:1f:97:b4:95:
a0:7d:8a:65:2a:79:cf:44:9c:57:33:77:fe:be:e1:
7b:c4:77:0c:20:84:85:33:fa:27:d2:04:7a:c9:e0:
c4:ba:f6:f6:f3:cd:7a:56:82:49:00:78:c1:f2:b9:
47:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:91:69:A1:F5:25:7F:3F:D0:14:83:BF:38:F2:CA:10:99:71:F1:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
20:c7:c5:27:5a:64:30:f9:7b:ad:d0:95:44:65:88:08:44:f5:
73:53:d0:af:7c:24:41:07:31:ec:2b:c0:7b:b0:9c:bb:6e:6d:
00:5d:c1:68:11:45:47:93:a1:c3:69:50:86:a2:ff:72:27:75:
5a:c7:ba:bf:62:cb:53:ee:a3:a8:0d:40:23:6b:55:1e:73:0e:
ef:75:7a:51:97:17:c0:1c:fe:bc:ad:09:d9:ab:10:ca:7a:e5:
2b:33:35:66:7c:ca:b6:89:1d:96:b2:59:42:7b:1d:1b:07:de:
f4:c2:3e:25:03:e2:8c:d1:d2:a6:fa:56:c9:7d:43:de:cd:d7:
fe:b1:cb:bc:b7:18:d0:60:01:27:9c:b5:eb:4f:3e:79:5e:8d:
2f:34:35:ac:13:d3:ef:e2:24:c2:8e:c1:0f:3c:f7:33:35:82:
22:ba:98:15:2d:e3:58:67:a1:db:4f:11:21:f8:dd:65:3f:03:
8c:33:f1:74:b4:a5:25:5c:29:f9:9f:c9:dd:ff:0a:42:50:a1:
3e:2f:84:26:27:34:b6:03:08:89:c5:95:f1:14:ea:80:78:13:
7c:72:5d:54:58:95:96:5f:9b:30:fa:ba:39:71:0f:a1:37:2e:
71:1f:37:26:43:39:52:49:90:63:d3:c9:ed:98:99:9b:46:28:
07:f4:c5:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAkieDr6VLTidDnt5yMWPJ2q4fO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhMzYwZjk2YjM1NzZkYTAxMDFjMzk3ODAyNzI3OTA4ZWY0YTdmNzM2OGUz
Y2E5Mzg4M2Y1MmM2NWZjMmYwMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMj99zNqEGcdieBIIliGlSAXKILcwGy30RdzzlQ7ve3z+UWD1em0EKsF9Dfu
LmtEoOoc4eOeiEcsWp4ENeUVrkv9gHT/0aGw02WS96zAqgc9vhmSLEFY0i9guDs5
0Sm2Oadpr7FevnV/xvDLTO711eYqwJR/222bbZCQeMDArAqjq/iHTnaXcsMMxzbr
J1CD/SDyz3Jk0xb5JvtFeBltUkCQYTZVj5b0Hrvl2lnqzzeHeNEYr41nmWsY9GqQ
chgzc6kXTAllfhVSCAxX/bEfl7SVoH2KZSp5z0ScVzN3/r7he8R3DCCEhTP6J9IE
esngxLr29vPNelaCSQB4wfK5R28CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgkWmh
9SV/P9AUg7848soQmXHxGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQAgx8UnWmQw+Xut0JVEZYgIRPVzU9CvfCRBBzHs
K8B7sJy7bm0AXcFoEUVHk6HDaVCGov9yJ3Vax7q/YstT7qOoDUAja1Uecw7vdXpR
lxfAHP68rQnZqxDKeuUrMzVmfMq2iR2WsllCex0bB970wj4lA+KM0dKm+lbJfUPe
zdf+scu8txjQYAEnnLXrTz55Xo0vNDWsE9Pv4iTCjsEPPPczNYIiupgVLeNYZ6Hb
TxEh+N1lPwOMM/F0tKUlXCn5n8nd/wpCUKE+L4QmJzS2AwiJxZXxFOqAeBN8cl1U
WJWWX5sw+ro5cQ+hNy5xHzcmQzlSSZBj08ntmJmbRigH9MVy
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:12 2025 by rpki-client