Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
File: 14c60b75-8947-47da-9c6d-7045cbbbea55.roa (raw, json)
Hash identifier: 7/fT8runTWycgMP5Gog9wo/WnfsOA+bVpCmi/21IfLU=
Subject key identifier: 26:A1:8B:8B:84:36:2A:16:E6:DD:B1:70:A4:8E:15:09:55:CC:4B:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04E02304A464B2EFD0435AE76DB8FD6EC0E83A5B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
Signing time: Mon 28 Apr 2025 15:41:18 +0000
ROA not before: Mon 28 Apr 2025 15:41:18 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:e0:23:04:a4:64:b2:ef:d0:43:5a:e7:6d:b8:fd:6e:c0:e8:3a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:41:18 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=57861229ea9dfba7e41fa9d891fa9f624553f0f0be1afc57f3a889da4e3872b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:44:44:ff:63:08:92:11:68:03:1e:3a:d3:f4:
3f:12:29:f8:cc:04:7f:83:c1:81:b9:fd:e9:6d:f2:
1f:04:35:eb:81:fe:c3:a2:0d:82:b0:52:6f:42:8d:
e6:3b:33:74:0e:8b:88:7a:17:71:30:d4:cb:28:a7:
9b:b1:e7:5a:12:5b:f4:c2:a0:e1:62:1e:85:13:be:
80:dc:96:92:f2:b4:a7:4a:87:48:65:66:35:7f:2b:
5e:bd:67:f5:a0:0c:60:ef:31:2d:ff:df:de:e8:96:
f9:64:e1:65:6a:0d:38:2c:28:ce:ca:c4:b7:29:59:
c8:47:f7:6d:2a:86:c2:4c:1b:a0:d8:8b:d7:bd:13:
23:93:9b:07:5f:ce:97:ec:b8:2d:e9:75:b3:97:38:
ee:6b:a8:1d:2f:25:74:37:03:2b:fb:53:1e:fe:33:
d0:a1:32:5f:5e:85:c4:d2:36:c0:ab:74:5a:1b:20:
e9:14:47:db:91:70:57:34:dc:e1:72:24:ab:9e:23:
1b:9a:ea:ee:c9:80:72:05:f0:3f:87:c5:b4:05:69:
5e:16:99:e9:8f:17:b1:47:13:60:ce:a3:5e:7c:17:
84:40:28:26:3a:1f:fb:10:d2:43:67:be:c9:ba:09:
38:c3:7f:ff:c0:55:0a:57:d7:70:6e:dc:d8:68:97:
f6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:A1:8B:8B:84:36:2A:16:E6:DD:B1:70:A4:8E:15:09:55:CC:4B:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:5b:72:56:95:dc:e3:fb:5a:ad:07:19:3e:8f:dd:c3:e5:c9:
01:67:33:2f:76:13:85:85:87:03:4d:c1:bd:67:6a:8a:05:3c:
61:9f:00:51:80:e9:1f:2f:d9:1d:54:93:e9:45:ab:d3:75:79:
50:e0:a0:7a:c9:4d:1a:88:22:85:9a:c4:9f:71:0d:93:0b:07:
c1:c4:77:53:ad:ad:ff:c4:f4:c8:de:d7:14:7e:65:93:d0:8b:
0f:88:6e:a5:86:57:ad:38:4d:34:a4:e9:8f:b7:40:17:8a:a1:
32:b2:a1:9b:bd:43:4f:ae:6d:de:aa:3e:e1:45:94:c2:c4:87:
80:91:ff:a3:e5:01:83:d8:7d:c2:69:b1:6d:28:60:43:af:8b:
18:93:d9:32:de:73:d8:00:2a:27:be:54:11:2f:e1:04:2b:4c:
94:99:6d:0a:5b:fb:04:29:7f:20:a3:27:7e:86:e7:21:31:ee:
57:8c:c6:0d:f0:26:a5:c7:be:ad:a4:28:c0:5a:cb:6d:1d:71:
10:39:9e:4c:76:a0:16:db:40:92:6a:db:b8:d2:dd:60:f0:34:
be:d8:7e:11:f0:9f:ea:78:21:87:f8:c8:09:17:51:ad:9d:e4:
5a:25:b4:9a:2a:a4:51:1a:d8:2b:1b:37:5a:6a:ff:33:ab:f1:
b7:50:51:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBOAjBKRksu/QQ1rnbbj9bsDoOlswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQxMThaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3ODYxMjI5ZWE5ZGZiYTdlNDFmYTlkODkxZmE5ZjYyNDU1M2YwZjBiZTFh
ZmM1N2YzYTg4OWRhNGUzODcyYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtERP9jCJIRaAMeOtP0PxIp+MwEf4PBgbn96W3yHwQ164H+w6INgrBSb0KN
5jszdA6LiHoXcTDUyyinm7HnWhJb9MKg4WIehRO+gNyWkvK0p0qHSGVmNX8rXr1n
9aAMYO8xLf/f3uiW+WThZWoNOCwozsrEtylZyEf3bSqGwkwboNiL170TI5ObB1/O
l+y4Lel1s5c47muoHS8ldDcDK/tTHv4z0KEyX16FxNI2wKt0Whsg6RRH25FwVzTc
4XIkq54jG5rq7smAcgXwP4fFtAVpXhaZ6Y8XsUcTYM6jXnwXhEAoJjof+xDSQ2e+
yboJOMN//8BVClfXcG7c2GiX9hcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmoYuL
hDYqFubdsXCkjhUJVcxLUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRjNjBiNzUtODk0Ny00N2RhLTljNmQtNzA0NWNiYmJlYTU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA+W3JWldzj+1qtBxk+j93D5ckBZzMvdhOFhYcD
TcG9Z2qKBTxhnwBRgOkfL9kdVJPpRavTdXlQ4KB6yU0aiCKFmsSfcQ2TCwfBxHdT
ra3/xPTI3tcUfmWT0IsPiG6lhletOE00pOmPt0AXiqEysqGbvUNPrm3eqj7hRZTC
xIeAkf+j5QGD2H3CabFtKGBDr4sYk9ky3nPYAConvlQRL+EEK0yUmW0KW/sEKX8g
oyd+huchMe5XjMYN8Calx76tpCjAWsttHXEQOZ5MdqAW20CSatu40t1g8DS+2H4R
8J/qeCGH+MgJF1GtneRaJbSaKqRRGtgrGzdaav8zq/G3UFHa
-----END CERTIFICATE-----
Generated at Mon May 5 15:59:41 2025 by rpki-client