Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26750169-59df-4208-bbd4-d751d66a7b35.roa
File: 26750169-59df-4208-bbd4-d751d66a7b35.roa (raw, json)
Hash identifier: 6CkgnIkVZ/YB4iLS/vSBz++zdCgDyYt0qQjqmuRpHDA=
Subject key identifier: C4:B3:D6:B8:F5:4E:5A:41:2F:6B:C3:65:BB:50:08:0C:35:D0:C0:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48C7523013F469415E2F0157F591CA3E8CA28147
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26750169-59df-4208-bbd4-d751d66a7b35.roa
Signing time: Fri 25 Apr 2025 19:10:16 +0000
ROA not before: Fri 25 Apr 2025 19:10:16 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:c7:52:30:13:f4:69:41:5e:2f:01:57:f5:91:ca:3e:8c:a2:81:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:16 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=17179d8bacd8fbf0525cf6b8a375e4eac7fdfce4daf7cbb101ed78b90c4ee144, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4f:20:3a:b4:ac:95:92:4b:e7:f2:e8:71:1f:
13:bb:08:30:08:8f:f8:4e:73:65:31:a8:ae:ef:be:
7a:72:17:67:f4:ae:f5:c8:a7:cf:da:a3:bf:6a:69:
08:85:24:9a:1d:48:86:e4:ce:e9:31:a6:df:87:d9:
d3:a9:27:9e:3d:b2:f3:05:32:be:99:64:b0:11:30:
7a:7b:b3:04:e5:9c:04:d4:9e:51:8b:5c:6e:ce:ff:
b3:e6:a0:7c:f1:03:55:88:00:44:a0:01:01:47:bf:
14:e9:36:dc:29:66:18:66:2c:87:6c:fc:2c:e3:50:
a3:3b:88:d6:b0:cb:c4:c3:e7:e4:d2:7e:82:32:25:
c1:a6:fa:99:e5:7d:1b:c5:fb:01:7a:40:c3:67:20:
5e:11:eb:5e:ca:d5:3b:41:75:7d:b5:7a:5b:0a:81:
b4:b3:66:72:a0:d1:fe:7c:e3:c4:cb:79:c3:71:a8:
dd:c7:84:04:48:26:2c:15:c4:ad:2a:a8:9d:8b:5f:
b3:51:ba:20:16:10:fc:29:7c:9a:dd:d2:cc:11:f9:
2c:19:57:a8:85:4b:ee:cf:2b:93:26:49:e3:17:96:
82:b5:8b:55:ab:89:ff:e3:d8:a7:58:66:d6:27:22:
92:8a:d9:75:a8:36:ab:03:37:8e:cb:d7:2e:c3:38:
71:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B3:D6:B8:F5:4E:5A:41:2F:6B:C3:65:BB:50:08:0C:35:D0:C0:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26750169-59df-4208-bbd4-d751d66a7b35.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8080::/46
Signature Algorithm: sha256WithRSAEncryption
ba:05:f9:11:64:35:6d:01:b3:dc:58:21:9a:b4:61:ab:7f:f0:
2a:a2:56:f1:9c:fb:e4:a4:83:4b:be:49:08:a6:30:45:78:53:
b1:f5:d2:db:88:9d:fd:dc:14:12:a8:a8:ff:e4:0c:38:d1:4f:
a2:ff:d0:cd:92:7c:c1:da:fe:e3:fb:ea:c6:f3:c7:0c:3d:a8:
23:a9:49:5b:20:d4:a3:27:0d:93:e8:53:74:ab:c2:9d:15:bf:
5c:cc:20:96:bd:2a:74:4b:63:56:4e:a5:91:6b:4b:fd:e1:88:
4e:8d:28:d6:94:12:45:37:5a:81:f3:7f:86:da:01:68:0b:0c:
a4:d8:40:b5:3a:4c:55:c1:e2:41:58:39:dd:50:17:fa:9f:d3:
cc:6b:70:40:44:4a:d1:ad:68:08:ad:c9:7b:9a:2f:f3:09:45:
24:6e:36:cf:d9:53:93:fd:14:0c:0c:ee:03:21:d2:b2:be:d4:
24:15:09:64:52:37:40:84:e3:d9:b7:58:f5:b9:03:67:42:7f:
b0:9d:87:77:6c:ba:76:d9:a3:62:99:1a:36:fb:18:13:55:2b:
be:95:1b:5e:d5:4f:f0:2d:5a:79:eb:32:f6:74:ba:0e:5e:e8:
45:8f:95:61:fc:af:fc:da:01:25:32:ae:a4:a8:0b:1b:fe:f3:
2a:5d:27:67
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSMdSMBP0aUFeLwFX9ZHKPoyigUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwMTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3MTc5ZDhiYWNkOGZiZjA1MjVjZjZiOGEzNzVlNGVhYzdmZGZjZTRkYWY3
Y2JiMTAxZWQ3OGI5MGM0ZWUxNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxPIDq0rJWSS+fy6HEfE7sIMAiP+E5zZTGoru++enIXZ/Su9cinz9qjv2pp
CIUkmh1IhuTO6TGm34fZ06knnj2y8wUyvplksBEwenuzBOWcBNSeUYtcbs7/s+ag
fPEDVYgARKABAUe/FOk23ClmGGYsh2z8LONQozuI1rDLxMPn5NJ+gjIlwab6meV9
G8X7AXpAw2cgXhHrXsrVO0F1fbV6WwqBtLNmcqDR/nzjxMt5w3Go3ceEBEgmLBXE
rSqonYtfs1G6IBYQ/Cl8mt3SzBH5LBlXqIVL7s8rkyZJ4xeWgrWLVauJ/+PYp1hm
1icikorZdag2qwM3jsvXLsM4cYcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTEs9a4
9U5aQS9rw2W7UAgMNdDAZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjY3NTAxNjktNTlkZi00MjA4LWJiZDQtZDc1MWQ2NmE3YjM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
gDANBgkqhkiG9w0BAQsFAAOCAQEAugX5EWQ1bQGz3FghmrRhq3/wKqJW8Zz75KSD
S75JCKYwRXhTsfXS24id/dwUEqio/+QMONFPov/QzZJ8wdr+4/vqxvPHDD2oI6lJ
WyDUoycNk+hTdKvCnRW/XMwglr0qdEtjVk6lkWtL/eGITo0o1pQSRTdagfN/htoB
aAsMpNhAtTpMVcHiQVg53VAX+p/TzGtwQERK0a1oCK3Je5ov8wlFJG42z9lTk/0U
DAzuAyHSsr7UJBUJZFI3QITj2bdY9bkDZ0J/sJ2Hd2y6dtmjYpkaNvsYE1UrvpUb
XtVP8C1aeesy9nS6Dl7oRY+VYfyv/NoBJTKupKgLG/7zKl0nZw==
-----END CERTIFICATE-----
Generated at Mon May 5 13:25:09 2025 by rpki-client