Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
File: fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa (raw, json)
Hash identifier: daODjzsGM2H7aZ4Y1DCO5zy5t/voS29cXDwbgvi3fEc=
Subject key identifier: 9F:A2:7B:D3:7B:65:54:0A:B4:41:2E:9F:1B:A8:18:89:F7:43:B2:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 163278576734489349C32A019B73AC0CC1C7A23B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
Signing time: Fri 25 Apr 2025 18:31:46 +0000
ROA not before: Fri 25 Apr 2025 18:31:46 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:32:78:57:67:34:48:93:49:c3:2a:01:9b:73:ac:0c:c1:c7:a2:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:31:46 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d04afebc0152322d2540d1285e5c8a5ed870879f1cac0d2396380c4688e7c31c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f3:71:cf:72:9e:0d:b6:d1:1d:5a:85:e3:63:
03:71:1f:f7:1e:fb:d8:06:3a:05:99:40:59:ea:c8:
8d:0d:6a:36:7a:22:79:3b:96:35:10:49:6b:05:49:
c5:be:82:15:b2:d6:9a:40:70:03:4a:e8:e3:67:a5:
74:87:69:9a:40:c5:2c:2a:60:c7:e4:4e:ca:d9:ca:
85:73:61:05:d1:29:01:28:6b:82:f5:51:e3:80:b8:
2c:b4:c8:4b:ea:4d:ca:be:e5:91:6d:82:d9:91:7e:
aa:25:9c:1a:a9:e0:02:20:13:27:eb:de:61:02:57:
2f:4d:6b:1a:84:b2:16:2d:65:d5:0c:36:10:fc:7e:
fd:c8:58:ab:ae:80:33:52:6f:57:4d:01:66:60:e5:
c8:63:45:ae:e0:50:24:3b:72:63:b0:a3:0b:b8:73:
eb:7a:7c:8b:57:a8:a7:8c:85:1c:f7:5f:07:52:b0:
63:ca:ce:b7:9a:e0:70:3d:ec:c9:0f:4a:aa:dc:7f:
bd:91:3c:27:7d:be:3e:48:94:93:87:0d:87:dd:73:
b6:8b:e3:a8:34:e6:bd:99:49:96:be:0d:e8:4b:e6:
6b:14:a6:9e:90:50:da:75:07:7b:45:07:ae:b8:ff:
27:67:46:27:34:2a:3a:db:b7:69:0c:8c:fd:e9:76:
eb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A2:7B:D3:7B:65:54:0A:B4:41:2E:9F:1B:A8:18:89:F7:43:B2:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
71:a8:98:a8:2b:5e:7b:d3:c8:9a:a6:1b:f8:5d:09:3a:5a:8c:
27:f0:fd:44:13:31:84:a0:29:5e:7a:68:93:83:c4:c2:96:61:
6a:cd:67:a2:b5:43:89:ff:b1:fe:f5:43:2f:fa:82:4d:98:00:
88:02:18:41:85:d1:f0:74:0b:c6:15:9f:6c:46:bc:84:5d:39:
c5:95:28:7c:ed:d1:37:f0:eb:d0:37:6d:82:d0:51:90:90:08:
da:d9:68:37:58:da:dd:9f:b8:43:d2:2f:45:68:3b:b3:51:ed:
0d:b5:26:42:0f:0f:51:1b:cf:c2:55:d9:7b:f0:5f:e5:18:bc:
3f:94:98:c7:ed:a7:43:33:da:41:77:47:0a:7e:78:2d:b2:40:
a7:9b:94:a1:01:19:94:d8:24:4f:42:cb:bc:e5:4b:81:3f:e0:
c3:a7:94:8a:2b:e1:c8:27:cd:26:6d:eb:df:20:d3:63:14:be:
ed:cc:9c:b8:fd:97:88:5e:02:3d:7d:1b:9d:e2:df:25:5e:d8:
63:9c:fa:dd:f5:69:a5:ec:ef:47:a7:fc:24:07:17:e1:dc:b7:
1d:63:ec:39:50:d4:ce:b4:64:91:11:33:c1:2b:0f:ad:f6:6c:
e3:f3:a7:35:af:28:15:f6:91:8b:eb:8a:63:a2:ad:01:aa:1e:
84:1e:86:13
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFjJ4V2c0SJNJwyoBm3OsDMHHojswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMxNDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNGFmZWJjMDE1MjMyMmQyNTQwZDEyODVlNWM4YTVlZDg3MDg3OWYxY2Fj
MGQyMzk2MzgwYzQ2ODhlN2MzMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIrzcc9yng220R1aheNjA3Ef9x772AY6BZlAWerIjQ1qNnoieTuWNRBJawVJ
xb6CFbLWmkBwA0ro42eldIdpmkDFLCpgx+ROytnKhXNhBdEpAShrgvVR44C4LLTI
S+pNyr7lkW2C2ZF+qiWcGqngAiATJ+veYQJXL01rGoSyFi1l1Qw2EPx+/chYq66A
M1JvV00BZmDlyGNFruBQJDtyY7CjC7hz63p8i1eop4yFHPdfB1KwY8rOt5rgcD3s
yQ9Kqtx/vZE8J32+PkiUk4cNh91ztovjqDTmvZlJlr4N6EvmaxSmnpBQ2nUHe0UH
rrj/J2dGJzQqOtu3aQyM/el26wECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSfonvT
e2VUCrRBLp8bqBiJ90Oy2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlN2EwM2ItOWU5MC00OTIxLTljNTYtNWIwYmQ0ZTYwZWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
wDANBgkqhkiG9w0BAQsFAAOCAQEAcaiYqCtee9PImqYb+F0JOlqMJ/D9RBMxhKAp
Xnpok4PEwpZhas1norVDif+x/vVDL/qCTZgAiAIYQYXR8HQLxhWfbEa8hF05xZUo
fO3RN/Dr0DdtgtBRkJAI2tloN1ja3Z+4Q9IvRWg7s1HtDbUmQg8PURvPwlXZe/Bf
5Ri8P5SYx+2nQzPaQXdHCn54LbJAp5uUoQEZlNgkT0LLvOVLgT/gw6eUiivhyCfN
Jm3r3yDTYxS+7cycuP2XiF4CPX0bneLfJV7YY5z63fVppezvR6f8JAcX4dy3HWPs
OVDUzrRkkREzwSsPrfZs4/OnNa8oFfaRi+uKY6KtAaoehB6GEw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:33 2025 by rpki-client