Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
File: fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa (raw, json)
Hash identifier: F/PQyQw5iQ91iRWVuz1H6je7S+xkooGMZ+VoGn38faA=
Subject key identifier: 82:B8:F9:30:B6:9F:E3:AF:61:EE:6D:4E:96:02:94:8D:5C:C3:64:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19FA5B9172DBB6C543DAFCD2E8856F8A65E216CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
Signing time: Fri 25 Apr 2025 18:30:14 +0000
ROA not before: Fri 25 Apr 2025 18:30:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:fa:5b:91:72:db:b6:c5:43:da:fc:d2:e8:85:6f:8a:65:e2:16:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=89bf7ab782e071ac9770089ed67ef56719ceb9072a39651f393b317a72ee7da5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2c:8e:ec:4d:42:67:4a:ff:19:d1:b2:94:b9:
f1:1b:78:c4:98:f6:ff:d7:00:b0:71:f2:60:7e:ad:
ac:ae:cd:1d:18:c7:4f:20:af:30:8c:50:4f:fe:5e:
40:ce:fe:05:b9:8c:2b:52:4c:4e:67:84:f0:e9:37:
bd:67:c5:d1:58:86:df:d9:df:74:67:0d:29:d9:ae:
07:94:d6:8f:8b:06:98:c4:fe:66:a5:dc:d1:5e:bb:
33:ff:b3:76:50:75:6e:03:c0:db:c3:d5:be:35:c1:
0a:2f:c2:2a:b0:94:cd:9b:db:e9:c6:14:b1:ba:b7:
ff:a7:03:48:87:54:68:f6:a4:9e:bb:48:a4:49:13:
8c:21:d4:47:6b:c6:69:fb:27:c1:aa:ce:c6:c8:81:
ab:90:55:a7:90:c8:b8:09:6a:d6:25:8b:1d:a1:74:
f8:85:68:65:c5:2a:79:94:d4:c0:ad:fc:b7:19:b8:
89:b9:1a:b4:13:25:4c:53:b9:1c:26:ad:bb:83:f8:
24:b5:26:31:fc:72:8a:40:70:1b:bd:64:40:16:d1:
82:4a:84:e6:77:23:17:c0:87:1e:83:ec:7f:ac:e7:
9e:e4:4c:38:b2:ab:77:29:81:f0:43:8f:54:34:2a:
66:a4:91:6a:52:24:b0:b2:86:04:a7:f8:1b:04:01:
79:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B8:F9:30:B6:9F:E3:AF:61:EE:6D:4E:96:02:94:8D:5C:C3:64:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4060::/48
Signature Algorithm: sha256WithRSAEncryption
75:61:eb:ad:db:31:81:4f:07:9c:14:76:92:26:14:e0:05:73:
89:04:16:1f:b2:19:ee:81:85:97:d7:07:a3:1b:bb:6c:43:d2:
d4:4d:85:77:44:c2:fa:b8:c6:d4:21:8d:26:78:5c:50:29:32:
eb:b8:91:76:22:cc:a0:a3:ae:ff:96:7c:40:cb:3f:80:fd:38:
05:df:e9:a1:5c:d0:51:4e:85:82:72:a0:9b:4e:c5:17:de:a5:
0f:20:ec:0f:6c:8a:82:d4:ed:bb:21:20:18:04:37:9c:23:ac:
01:d9:ac:0b:b5:22:b1:25:65:11:1f:7a:60:57:d1:66:71:74:
3d:f6:2d:7b:49:a7:3c:90:ad:5f:74:91:44:92:2f:d3:03:e3:
43:a0:12:5a:7e:41:77:60:d1:ec:97:eb:dc:b3:71:48:1d:82:
94:83:37:90:9d:71:c3:6c:26:7e:3b:14:a5:d3:d7:64:eb:03:
45:27:c0:55:b2:86:53:39:88:71:43:15:75:10:a4:c4:9f:df:
aa:5c:ae:56:45:29:e1:73:db:76:3f:80:82:98:db:7d:1c:36:
2c:7f:b8:34:6c:f9:66:06:13:b8:16:5d:7a:3f:47:26:16:fd:
ee:0e:41:1f:dd:52:a5:35:7b:46:4f:4b:0d:c8:56:05:4b:4e:
8c:a4:38:0a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGfpbkXLbtsVD2vzS6IVvimXiFs8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5YmY3YWI3ODJlMDcxYWM5NzcwMDg5ZWQ2N2VmNTY3MTljZWI5MDcyYTM5
NjUxZjM5M2IzMTdhNzJlZTdkYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYsjuxNQmdK/xnRspS58Rt4xJj2/9cAsHHyYH6trK7NHRjHTyCvMIxQT/5e
QM7+BbmMK1JMTmeE8Ok3vWfF0ViG39nfdGcNKdmuB5TWj4sGmMT+ZqXc0V67M/+z
dlB1bgPA28PVvjXBCi/CKrCUzZvb6cYUsbq3/6cDSIdUaPaknrtIpEkTjCHUR2vG
afsnwarOxsiBq5BVp5DIuAlq1iWLHaF0+IVoZcUqeZTUwK38txm4ibkatBMlTFO5
HCatu4P4JLUmMfxyikBwG71kQBbRgkqE5ncjF8CHHoPsf6znnuRMOLKrdymB8EOP
VDQqZqSRalIksLKGBKf4GwQBeUkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSCuPkw
tp/jr2HubU6WApSNXMNkhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmI0NTVmNWQtNmNlNi00MzczLWI1YmMtMWMxZTAzNGExNDhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
YDANBgkqhkiG9w0BAQsFAAOCAQEAdWHrrdsxgU8HnBR2kiYU4AVziQQWH7IZ7oGF
l9cHoxu7bEPS1E2Fd0TC+rjG1CGNJnhcUCky67iRdiLMoKOu/5Z8QMs/gP04Bd/p
oVzQUU6FgnKgm07FF96lDyDsD2yKgtTtuyEgGAQ3nCOsAdmsC7UisSVlER96YFfR
ZnF0PfYte0mnPJCtX3SRRJIv0wPjQ6ASWn5Bd2DR7Jfr3LNxSB2ClIM3kJ1xw2wm
fjsUpdPXZOsDRSfAVbKGUzmIcUMVdRCkxJ/fqlyuVkUp4XPbdj+AgpjbfRw2LH+4
NGz5ZgYTuBZdej9HJhb97g5BH91SpTV7Rk9LDchWBUtOjKQ4Cg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:27 2025 by rpki-client