Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
File: 0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa (raw, json)
Hash identifier: jO1NLMWz1J0NW1QODr+7hBPaU1tGiBeYJQnHvhLl5OA=
Subject key identifier: 1E:A8:4D:99:55:1C:42:25:EC:69:16:5F:0C:85:68:92:00:A9:76:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79513986D70859C0F9D954BC86F139EF771F118D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
Signing time: Fri 25 Apr 2025 20:30:10 +0000
ROA not before: Fri 25 Apr 2025 20:30:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:51:39:86:d7:08:59:c0:f9:d9:54:bc:86:f1:39:ef:77:1f:11:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:30:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=6af8aa49cfb2d755daf97698d14872a2273a51af8c87d91eb76f7e3783d42527, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:57:4d:0c:66:b8:74:f7:04:4a:94:29:9d:bb:
f2:a8:6a:c6:4c:3c:a8:90:44:ca:d6:08:ee:2b:0c:
11:3c:95:2d:94:de:a2:55:35:f8:50:e8:24:5a:17:
9d:72:95:c0:b6:17:c9:e1:08:fc:77:bf:9f:55:d1:
80:fe:4d:a9:ca:3d:12:68:35:42:35:a1:0b:da:9c:
f6:11:94:f3:80:42:a8:8a:87:86:b5:53:24:73:ff:
84:d2:c4:08:35:77:34:6f:8a:3b:1c:40:c4:04:be:
f4:16:1b:f8:f6:c8:19:2c:c1:1b:17:f1:d0:b1:d5:
ff:49:8d:61:39:3d:fb:48:95:d5:1d:05:c3:7e:25:
39:6d:e2:44:82:87:e8:6e:a0:e0:15:8f:73:87:df:
a2:87:62:2f:ac:ac:98:46:36:4b:fe:52:52:f5:92:
33:6d:59:be:28:9e:27:02:72:74:6c:7f:4b:38:cb:
51:d9:3f:d2:c9:42:63:b4:d3:42:5d:48:c6:9f:90:
62:f8:bc:2a:e9:cc:69:b8:d0:8f:77:00:d9:4b:bc:
74:16:48:e8:18:c5:9b:4b:d7:a5:b2:6b:64:bb:80:
2f:a4:43:57:09:c9:a2:06:d3:9f:7a:f4:b7:65:60:
b8:a3:43:8a:20:65:5c:39:e0:f8:08:aa:b1:6c:f3:
36:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A8:4D:99:55:1C:42:25:EC:69:16:5F:0C:85:68:92:00:A9:76:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:1000::/36
Signature Algorithm: sha256WithRSAEncryption
0c:69:93:e2:f0:1b:bc:42:da:94:9e:88:c9:68:9d:7d:5d:07:
36:47:54:02:0c:d1:ab:a1:ce:b3:30:1b:80:3e:b1:b9:ec:e6:
59:a8:6f:05:9d:59:60:97:7c:e5:f0:58:48:40:ce:39:9a:b9:
80:63:73:6b:30:20:0c:db:51:54:37:09:94:e4:58:97:c0:ec:
34:95:59:c7:8e:4c:94:bb:7a:ae:80:08:29:9b:ca:d4:55:26:
13:c8:80:6a:52:88:6e:f5:58:bd:37:f5:43:09:5d:b3:1f:48:
7a:82:2b:f5:25:fb:0c:35:f5:76:f3:e3:9d:d2:61:8e:b0:ec:
f3:1f:2b:1c:7a:2f:a7:de:6a:37:98:46:8d:98:c9:17:40:d2:
60:89:2d:6f:0a:02:1c:3e:fe:7a:d3:aa:bf:9d:75:aa:88:7c:
5c:e6:2f:02:63:8b:90:f6:26:f2:5d:f4:62:a7:e0:81:62:ec:
43:18:cd:2d:70:01:4b:94:26:71:ec:91:9b:ee:55:d6:db:ec:
2a:dc:0e:62:9b:53:9d:45:82:9a:79:01:93:a9:d7:d4:d4:c9:
2e:fd:65:36:2f:95:6c:b4:8a:35:de:ba:f1:ec:4e:4b:22:2a:
c4:e5:b6:aa:97:46:3f:a1:4a:8f:d3:d4:73:a1:1d:76:a9:02:
f4:16:24:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeVE5htcIWcD52VS8hvE573cfEY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDMwMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZjhhYTQ5Y2ZiMmQ3NTVkYWY5NzY5OGQxNDg3MmEyMjczYTUxYWY4Yzg3
ZDkxZWI3NmY3ZTM3ODNkNDI1MjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdXTQxmuHT3BEqUKZ278qhqxkw8qJBEytYI7isMETyVLZTeolU1+FDoJFoX
nXKVwLYXyeEI/He/n1XRgP5Nqco9Emg1QjWhC9qc9hGU84BCqIqHhrVTJHP/hNLE
CDV3NG+KOxxAxAS+9BYb+PbIGSzBGxfx0LHV/0mNYTk9+0iV1R0Fw34lOW3iRIKH
6G6g4BWPc4ffoodiL6ysmEY2S/5SUvWSM21ZviieJwJydGx/SzjLUdk/0slCY7TT
Ql1Ixp+QYvi8KunMabjQj3cA2Uu8dBZI6BjFm0vXpbJrZLuAL6RDVwnJogbTn3r0
t2VguKNDiiBlXDng+AiqsWzzNk8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQeqE2Z
VRxCJexpFl8MhWiSAKl2izAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGJmNmNlZjgtOGM2MC00YTBlLTg5MzItY2ZkYTY0OGQyNzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAMaZPi8Bu8QtqUnojJaJ19XQc2R1QCDNGroc6z
MBuAPrG57OZZqG8FnVlgl3zl8FhIQM45mrmAY3NrMCAM21FUNwmU5FiXwOw0lVnH
jkyUu3qugAgpm8rUVSYTyIBqUohu9Vi9N/VDCV2zH0h6giv1JfsMNfV28+Od0mGO
sOzzHyscei+n3mo3mEaNmMkXQNJgiS1vCgIcPv5606q/nXWqiHxc5i8CY4uQ9iby
XfRip+CBYuxDGM0tcAFLlCZx7JGb7lXW2+wq3A5im1OdRYKaeQGTqdfU1Mku/WU2
L5VstIo13rrx7E5LIirE5baql0Y/oUqP09RzoR12qQL0FiQQ
-----END CERTIFICATE-----
Generated at Mon May 5 18:40:12 2025 by rpki-client