Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
File: 1a961f3a-fb71-4357-a4fc-28c4024b0441.roa (raw, json)
Hash identifier: qjrXyix1NG0SePJHyXvJ/VCKgE/bUsYQ/9M9xn6FzjU=
Subject key identifier: B0:60:65:26:3F:A3:EE:3F:25:D4:F0:B5:75:80:EB:4C:BE:94:EC:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BDC2A753145683064AA6C2B2F69B0721BE6D631
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
Signing time: Mon 05 May 2025 16:00:04 +0000
ROA not before: Mon 05 May 2025 16:00:04 +0000
ROA not after: Mon 09 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:dc:2a:75:31:45:68:30:64:aa:6c:2b:2f:69:b0:72:1b:e6:d6:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 5 16:00:04 2025 GMT
Not After : Jun 9 23:59:59 2025 GMT
Subject: serialNumber=375bd86a1a7bf7558a43deba294f714bb98c77b94882e5af4840fe2b9ea45fcc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b9:7a:7f:f1:93:fb:dc:b7:e1:80:c0:b9:fe:
fc:85:93:35:f0:4f:7c:c0:25:ef:8e:e3:95:50:31:
70:81:6f:d4:1d:20:8b:ca:18:2f:cc:2a:8d:f7:f7:
c4:da:20:08:1e:fc:51:fa:50:44:6c:a5:f9:7f:09:
d5:3c:cb:33:8c:5d:59:3b:66:b9:46:bb:2b:08:41:
00:7d:03:b7:67:c7:b8:7f:a6:36:31:40:21:19:55:
80:b0:99:87:2b:0c:8b:e3:21:f3:1f:4d:27:27:3b:
8e:0e:a1:69:c7:a0:b2:2a:71:fa:cc:56:58:f9:d4:
f6:b5:0d:a7:2a:52:36:2d:2a:0e:db:a0:f4:eb:eb:
b2:9d:57:d4:0f:34:53:fa:71:33:3a:f8:12:2d:dc:
ef:d3:63:6c:21:79:c3:81:e4:46:95:92:a4:e1:09:
60:5d:f3:59:0a:7a:11:6f:f2:27:67:54:5d:9a:3c:
0c:12:7a:66:92:25:4b:03:65:60:66:2d:c5:72:59:
60:31:c6:04:1f:82:b1:0a:b7:b4:0e:8e:14:d4:63:
84:97:bb:6b:b5:29:ec:96:6f:d7:51:9e:84:19:37:
fb:0f:29:79:3e:e6:95:2f:3f:e2:07:dd:f4:7e:8b:
29:d4:ad:12:83:06:ad:fd:ae:3f:e8:ca:ac:87:d6:
2d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:60:65:26:3F:A3:EE:3F:25:D4:F0:B5:75:80:EB:4C:BE:94:EC:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
4a:bd:47:39:70:93:fb:22:1e:24:38:0d:96:3c:4f:99:15:64:
2f:20:a3:09:c1:13:4a:31:79:5f:ae:19:7c:bf:c8:f7:e2:0a:
4a:20:9a:16:d9:bd:ce:4e:00:3c:37:1b:d2:96:f3:f0:ee:22:
ae:61:25:6a:0e:fe:4f:43:37:fc:b7:71:ef:dd:2e:11:01:e9:
9b:53:36:f9:9b:36:c7:56:8c:da:68:40:5f:73:09:ab:74:b7:
16:d7:ad:e4:7f:91:b0:f6:9f:66:dd:64:6e:44:96:96:24:19:
f6:83:67:c6:4d:30:ef:ee:47:d5:a9:b2:be:60:08:23:d0:19:
6e:5e:51:c9:e4:7c:e5:69:01:a9:19:9d:16:0f:e7:9e:bd:fc:
a1:e0:72:c8:0d:96:6b:d9:63:ce:aa:cc:3c:e8:5b:bd:7d:87:
83:ee:cb:86:fb:54:dc:b6:42:79:c7:ef:d1:b5:d0:22:05:96:
86:bd:6c:7c:34:38:8a:22:90:a2:8e:ff:d2:b3:cb:ea:61:33:
88:fb:de:e1:c6:9f:80:db:fa:5b:fb:7d:c4:a4:eb:41:0b:c0:
b9:bd:44:02:8d:7d:4d:d3:da:52:4d:98:e6:33:2a:fa:4e:53:
1e:5f:39:28:de:4a:ce:a1:09:25:f8:f3:03:64:10:b3:fb:ba:
33:37:e8:33
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUa9wqdTFFaDBkqmwrL2mwchvm1jEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDUxNjAwMDRaFw0yNTA2MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3NWJkODZhMWE3YmY3NTU4YTQzZGViYTI5NGY3MTRiYjk4Yzc3Yjk0ODgy
ZTVhZjQ4NDBmZTJiOWVhNDVmY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJi5en/xk/vct+GAwLn+/IWTNfBPfMAl747jlVAxcIFv1B0gi8oYL8wqjff3
xNogCB78UfpQRGyl+X8J1TzLM4xdWTtmuUa7KwhBAH0Dt2fHuH+mNjFAIRlVgLCZ
hysMi+Mh8x9NJyc7jg6hacegsipx+sxWWPnU9rUNpypSNi0qDtug9Ovrsp1X1A80
U/pxMzr4Ei3c79NjbCF5w4HkRpWSpOEJYF3zWQp6EW/yJ2dUXZo8DBJ6ZpIlSwNl
YGYtxXJZYDHGBB+CsQq3tA6OFNRjhJe7a7Up7JZv11GehBk3+w8peT7mlS8/4gfd
9H6LKdStEoMGrf2uP+jKrIfWLT8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSwYGUm
P6PuPyXU8LV1gOtMvpTsRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE5NjFmM2EtZmI3MS00MzU3LWE0ZmMtMjhjNDAyNGIwNDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBAEq9Rzlwk/siHiQ4DZY8T5kVZC8gownBE0oxeV+u
GXy/yPfiCkogmhbZvc5OADw3G9KW8/DuIq5hJWoO/k9DN/y3ce/dLhEB6ZtTNvmb
NsdWjNpoQF9zCat0txbXreR/kbD2n2bdZG5ElpYkGfaDZ8ZNMO/uR9Wpsr5gCCPQ
GW5eUcnkfOVpAakZnRYP5569/KHgcsgNlmvZY86qzDzoW719h4Puy4b7VNy2QnnH
79G10CIFloa9bHw0OIoikKKO/9Kzy+phM4j73uHGn4Db+lv7fcSk60ELwLm9RAKN
fU3T2lJNmOYzKvpOUx5fOSjeSs6hCSX48wNkELP7ujM36DM=
-----END CERTIFICATE-----
Generated at Mon May 5 20:59:19 2025 by rpki-client