Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
File: 12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa (raw, json)
Hash identifier: m6xpYIZeILbwmZJbnT6CPaUFZnPv7Ra6GgWOTB9lXRU=
Subject key identifier: 70:A0:89:EB:0F:FA:16:82:71:34:71:DE:C7:46:CB:77:64:B7:7B:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C83D9DFCF2125B45014B35886B63B12095D97D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
Signing time: Fri 25 Apr 2025 20:21:12 +0000
ROA not before: Fri 25 Apr 2025 20:21:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:83:d9:df:cf:21:25:b4:50:14:b3:58:86:b6:3b:12:09:5d:97:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=11b341bc8ffda951f03f4857d5a1cdc4cf23e953623ce1e086d055c6e6cb7b96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e4:aa:3b:4a:0b:1a:05:96:e9:b7:e2:3d:86:
84:83:7e:ed:ce:e6:c3:b3:c0:f4:3e:9d:a1:dc:63:
70:be:72:dc:fe:9b:a6:a8:ea:bc:0f:d4:15:c3:aa:
4b:55:89:eb:e8:66:13:d8:e4:f9:4d:ec:9d:8e:3e:
89:3f:d5:c7:3b:93:30:5a:30:68:f0:0a:8d:3f:7a:
d7:7a:46:4a:0b:b6:db:fb:94:90:5b:f0:d6:4f:19:
29:09:ec:bb:a9:2d:04:c5:57:ae:ed:f3:1f:27:20:
7b:87:05:8c:1b:ff:96:19:62:82:31:b6:07:e1:e6:
26:f0:9b:57:e8:cd:0e:0f:39:ba:5f:93:32:62:ea:
1b:35:a1:11:85:7d:31:f5:36:ab:a3:89:25:04:68:
f2:03:e3:88:ca:b0:ed:d0:ea:6c:9f:7c:e0:aa:2a:
4a:bd:3b:01:3f:39:0a:72:b8:df:58:26:b0:4f:d9:
93:db:7c:a4:75:12:b3:a0:02:28:82:c9:3a:a7:b8:
05:68:6e:28:fb:42:26:d5:e0:27:dd:f2:17:68:3e:
26:7f:e8:8a:95:d3:45:c4:bb:9b:c9:66:51:99:68:
ba:d7:ef:ea:b1:6d:57:95:64:7a:03:57:e0:cc:84:
8f:48:47:0d:31:ce:27:ec:fc:6c:d0:18:54:2d:09:
c9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A0:89:EB:0F:FA:16:82:71:34:71:DE:C7:46:CB:77:64:B7:7B:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/38
Signature Algorithm: sha256WithRSAEncryption
b9:b2:1d:0e:65:19:f3:b2:68:f0:4c:ca:13:db:ca:fd:71:a4:
91:84:bf:d8:ae:26:19:9c:00:ae:e8:a3:ec:5c:01:63:bc:a7:
09:bd:8c:b7:cd:cb:6e:86:82:5e:5b:1d:1c:0d:fb:b2:c8:a1:
6a:01:e6:9a:8c:6c:37:bf:f6:1d:16:49:1f:d1:e5:39:ff:d8:
ff:dc:db:67:a9:ba:9a:c5:f2:e5:47:cf:88:9a:bc:a2:9f:0c:
34:5d:a6:10:0d:e5:be:11:b1:ff:a0:96:21:7d:fa:f4:5a:33:
f5:11:32:80:b7:6f:89:77:90:07:36:f2:bd:b6:b1:8c:9f:ab:
9e:96:70:fd:0e:53:a5:c0:e3:46:82:b8:d2:23:5d:66:5b:3b:
f4:3c:b2:89:c4:18:eb:55:7a:1d:cb:e5:bb:7d:12:7b:80:ee:
9a:a2:42:13:0b:2f:8b:ba:6f:f0:09:eb:c7:7c:af:23:b2:4b:
6c:e4:9e:17:1f:10:62:22:2b:3c:f3:6e:01:63:c3:d3:a4:04:
04:ea:95:33:09:7e:2b:af:c3:5c:d1:e1:c3:ea:76:a8:c8:11:
de:0c:e3:cb:ad:29:d7:60:0d:d8:ee:c4:70:d9:85:0e:16:bc:
cc:d2:d0:a2:9c:25:e0:a6:28:63:e4:d6:74:91:9a:b7:7d:8d:
09:ae:88:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfIPZ388hJbRQFLNYhrY7Egldl9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDExYjM0MWJjOGZmZGE5NTFmMDNmNDg1N2Q1YTFjZGM0Y2YyM2U5NTM2MjNj
ZTFlMDg2ZDA1NWM2ZTZjYjdiOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjkqjtKCxoFlum34j2GhIN+7c7mw7PA9D6dodxjcL5y3P6bpqjqvA/UFcOq
S1WJ6+hmE9jk+U3snY4+iT/VxzuTMFowaPAKjT9613pGSgu22/uUkFvw1k8ZKQns
u6ktBMVXru3zHycge4cFjBv/lhligjG2B+HmJvCbV+jNDg85ul+TMmLqGzWhEYV9
MfU2q6OJJQRo8gPjiMqw7dDqbJ984KoqSr07AT85CnK431gmsE/Zk9t8pHUSs6AC
KILJOqe4BWhuKPtCJtXgJ93yF2g+Jn/oipXTRcS7m8lmUZloutfv6rFtV5VkegNX
4MyEj0hHDTHOJ+z8bNAYVC0JyY0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRwoInr
D/oWgnE0cd7HRst3ZLd7fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIwOTliZjUtZjljMS00NjNlLTlmYzktZWFmNzkxZTMzOWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQC5sh0OZRnzsmjwTMoT28r9caSRhL/YriYZnACu
6KPsXAFjvKcJvYy3zctuhoJeWx0cDfuyyKFqAeaajGw3v/YdFkkf0eU5/9j/3Ntn
qbqaxfLlR8+Imryinww0XaYQDeW+EbH/oJYhffr0WjP1ETKAt2+Jd5AHNvK9trGM
n6uelnD9DlOlwONGgrjSI11mWzv0PLKJxBjrVXody+W7fRJ7gO6aokITCy+Lum/w
CevHfK8jskts5J4XHxBiIis8824BY8PTpAQE6pUzCX4rr8Nc0eHD6naoyBHeDOPL
rSnXYA3Y7sRw2YUOFrzM0tCinCXgpihj5NZ0kZq3fY0JrojD
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:31 2025 by rpki-client