Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa
File: fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa (raw, json)
Hash identifier: cpcRQ+Geb/zpCxr8jPFmYbJ8LcaAVAxDlnK7MVFP7vc=
Subject key identifier: 8A:21:47:E6:A2:40:56:56:F1:B1:2A:DA:B3:A3:51:74:1C:83:FE:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C18ADE8523220BE3ECA09D6FE2966F1A98F0F96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa
Signing time: Fri 25 Apr 2025 18:40:21 +0000
ROA not before: Fri 25 Apr 2025 18:40:21 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:18:ad:e8:52:32:20:be:3e:ca:09:d6:fe:29:66:f1:a9:8f:0f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:40:21 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1f5dbe82f900ad16cdea3eca3219885d5ba79afef83f6e605958e83308504614, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8a:26:08:6f:72:c9:5e:c2:e8:3f:7e:6c:08:
bf:a2:5e:fd:6f:05:6d:79:37:ff:72:11:e5:d1:21:
4e:d2:11:ea:39:f4:14:d2:0d:68:c9:4e:5e:9b:e8:
7e:93:ef:b2:1e:36:31:d4:68:04:e8:92:66:3c:39:
76:95:f3:6d:6b:38:29:de:25:cf:9f:ae:9c:71:7b:
50:5a:5a:5f:e7:b2:25:a2:34:f7:a3:65:58:c4:41:
c4:d0:0d:10:9b:c5:c1:85:db:aa:e5:b1:72:5e:3f:
b3:d6:0a:10:51:d9:fe:d9:95:74:33:48:59:1d:a4:
4e:32:a9:80:5d:5d:77:25:3a:2d:44:88:83:da:1b:
b3:7a:bf:e2:87:1b:8b:34:48:8e:79:c8:52:8e:82:
34:8b:fa:66:9d:77:ca:7a:05:6d:5b:ea:1f:69:fa:
35:e8:63:77:8b:3c:f2:55:07:76:7f:62:05:39:43:
89:1b:de:d1:7a:83:5c:7d:88:55:91:2e:44:4f:d7:
d5:32:8a:d1:ab:a8:5e:66:ef:15:33:90:b2:9b:64:
63:74:8b:ee:48:c7:c8:b3:02:00:0b:c3:ea:8e:ce:
25:18:31:4c:2d:8c:fe:fd:50:4b:ea:19:f2:85:9e:
48:b6:11:6e:79:72:71:1d:b8:9e:8f:eb:5a:88:95:
3b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:21:47:E6:A2:40:56:56:F1:B1:2A:DA:B3:A3:51:74:1C:83:FE:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb9d4716-bf0f-40e5-beb1-4ea5ef01bd1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2080::/48
Signature Algorithm: sha256WithRSAEncryption
02:64:c4:5f:d1:36:96:67:b5:17:18:fe:2b:e5:2c:16:eb:7a:
b9:74:41:4a:31:f7:c0:8a:c0:42:68:e9:57:d4:1f:db:62:a8:
92:7c:f0:88:b4:ee:00:95:60:f7:9c:ba:a8:62:ce:d1:d7:4d:
31:3e:22:21:6d:57:fd:ec:f9:ed:40:16:e6:d9:ec:f0:7f:b1:
95:12:6e:d2:37:0b:78:f8:2e:4f:fe:6a:68:da:55:e9:75:e2:
f8:e7:80:cf:b9:9b:fa:ae:a8:4d:55:f1:80:b7:5d:7e:8a:9b:
bf:37:c6:fe:84:d9:2e:04:8e:68:fc:28:80:92:af:a1:0a:0e:
a8:1f:cf:79:3a:25:51:ec:0e:5f:20:eb:39:28:22:23:53:5f:
b1:16:df:54:51:f1:b7:09:ac:b2:7d:c3:30:60:83:bb:ab:f2:
45:7a:43:2c:42:5b:bc:39:47:cf:c7:d2:8a:7e:e7:60:5c:32:
4d:14:a5:aa:68:3f:ee:30:bc:d6:e4:20:3b:75:97:82:fc:48:
b5:ed:f6:c3:10:f0:a9:a5:e2:f4:bb:75:50:4d:da:8e:0e:e6:
31:6b:9f:b9:a7:10:0c:23:26:e3:dc:2d:2b:1a:13:2b:92:e2:
3d:80:b3:0c:71:a6:83:5a:23:01:cb:14:86:d6:70:9e:cf:2b:
f7:db:7d:94
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULBit6FIyIL4+ygnW/ilm8amPD5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODQwMjFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmNWRiZTgyZjkwMGFkMTZjZGVhM2VjYTMyMTk4ODVkNWJhNzlhZmVmODNm
NmU2MDU5NThlODMzMDg1MDQ2MTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIKKJghvcslewug/fmwIv6Je/W8FbXk3/3IR5dEhTtIR6jn0FNINaMlOXpvo
fpPvsh42MdRoBOiSZjw5dpXzbWs4Kd4lz5+unHF7UFpaX+eyJaI096NlWMRBxNAN
EJvFwYXbquWxcl4/s9YKEFHZ/tmVdDNIWR2kTjKpgF1ddyU6LUSIg9obs3q/4ocb
izRIjnnIUo6CNIv6Zp13ynoFbVvqH2n6Nehjd4s88lUHdn9iBTlDiRve0XqDXH2I
VZEuRE/X1TKK0auoXmbvFTOQsptkY3SL7kjHyLMCAAvD6o7OJRgxTC2M/v1QS+oZ
8oWeSLYRbnlycR24no/rWoiVO9UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSKIUfm
okBWVvGxKtqzo1F0HIP+4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmI5ZDQ3MTYtYmYwZi00MGU1LWJlYjEtNGVhNWVmMDFiZDFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
gDANBgkqhkiG9w0BAQsFAAOCAQEAAmTEX9E2lme1Fxj+K+UsFut6uXRBSjH3wIrA
QmjpV9Qf22KoknzwiLTuAJVg95y6qGLO0ddNMT4iIW1X/ez57UAW5tns8H+xlRJu
0jcLePguT/5qaNpV6XXi+OeAz7mb+q6oTVXxgLddfoqbvzfG/oTZLgSOaPwogJKv
oQoOqB/PeTolUewOXyDrOSgiI1NfsRbfVFHxtwmssn3DMGCDu6vyRXpDLEJbvDlH
z8fSin7nYFwyTRSlqmg/7jC81uQgO3WXgvxIte32wxDwqaXi9Lt1UE3ajg7mMWuf
uacQDCMm49wtKxoTK5LiPYCzDHGmg1ojAcsUhtZwns8r99t9lA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:16 2025 by rpki-client