Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: sU50iHl0FxB1pWIToigpKRvTyQcFrleezQkK+r6RStM=
Subject key identifier: 87:4E:9F:A1:14:64:50:62:9F:29:91:CB:65:57:ED:E4:11:B3:04:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7346106BF798AA7B5CB5628B8EAE06451473CF76
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Fri 25 Apr 2025 19:50:19 +0000
ROA not before: Fri 25 Apr 2025 19:50:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:46:10:6b:f7:98:aa:7b:5c:b5:62:8b:8e:ae:06:45:14:73:cf:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2f4862b2f0f7a6a1beabee8667c515a21c4b8143d92337b62762e28b48794a40, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:79:ac:07:db:ad:d2:6e:dc:7e:19:b2:96:ae:
53:f1:a7:e7:c9:9c:7f:a4:25:4a:73:75:db:35:f7:
1c:e8:82:c7:1e:e3:10:73:78:dc:d6:72:28:82:7d:
f8:66:14:ac:74:97:32:8e:21:42:77:92:98:0e:fd:
e5:59:04:de:32:c6:d7:af:e7:50:d6:d4:0d:73:08:
6a:e0:00:02:58:70:df:4b:ef:ed:2c:14:f8:bd:84:
9b:9f:02:f7:10:bb:e5:8a:63:af:b6:8b:f9:92:f6:
1c:c9:e1:cc:00:e3:b4:f6:68:45:15:80:fe:df:01:
37:9f:09:97:8d:2a:05:8a:d7:31:50:de:41:cb:a1:
41:d9:24:1e:0f:ff:0a:01:e9:f1:26:4d:ce:ab:55:
2c:80:75:18:c6:0d:db:46:2d:bb:a9:6c:26:e9:cc:
3d:ed:60:7c:a9:bf:1a:7e:a9:73:63:77:ea:24:a9:
42:40:7b:10:0d:1b:81:44:fa:2c:3f:c4:7d:fb:7d:
cb:76:8a:ec:1a:c0:e4:f8:7b:75:80:af:01:bc:ac:
6c:c6:e0:1f:1c:32:69:90:58:34:63:be:ba:ca:9b:
18:cf:e4:70:94:3d:c2:6c:7e:64:d2:b3:c5:cf:c7:
e2:57:29:71:e0:81:ee:e8:dd:cf:7f:89:d2:e5:cd:
b2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4E:9F:A1:14:64:50:62:9F:29:91:CB:65:57:ED:E4:11:B3:04:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:e1:12:4c:3f:ed:24:f4:fd:ed:95:6b:cf:95:86:09:45:2c:
ac:e2:8d:0e:30:0a:42:66:aa:6f:96:19:7d:3b:a5:67:10:a3:
e0:7a:3f:af:66:9d:da:ec:2e:26:c3:b8:11:66:ea:81:2e:93:
19:8b:c7:5b:e2:b0:d2:5d:f7:32:e2:f1:01:02:59:e2:37:1c:
c5:2c:9a:23:ae:22:16:55:46:d1:68:77:d9:a9:e2:a3:46:43:
3a:24:08:e0:65:a0:c5:84:2e:2e:76:50:18:0d:38:be:16:09:
4a:e8:d4:ae:15:67:b6:55:26:e8:b2:ce:78:d5:00:d2:32:12:
bf:d2:88:97:08:8f:37:fb:ae:08:8e:3d:43:e7:0f:94:f1:6b:
2f:f8:17:69:5d:f0:bf:37:fc:4f:43:8b:f5:06:37:02:19:5d:
e8:06:f1:af:3c:d0:80:9c:eb:5f:dd:ef:0d:05:b0:ba:1d:a2:
d9:f1:d1:ef:01:36:11:ef:c5:97:4d:aa:e2:66:60:66:ab:e0:
c7:e9:dd:1e:42:77:5a:68:3a:81:33:e2:e3:a1:12:62:cf:c3:
39:95:32:52:3a:e8:3c:71:95:16:dc:2e:c2:5d:16:f1:68:d7:
d6:4b:d1:8d:3f:40:03:30:bd:18:73:35:8c:9c:26:bd:ac:a8:
35:1a:ad:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc0YQa/eYqntctWKLjq4GRRRzz3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmNDg2MmIyZjBmN2E2YTFiZWFiZWU4NjY3YzUxNWEyMWM0YjgxNDNkOTIz
MzdiNjI3NjJlMjhiNDg3OTRhNDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIN5rAfbrdJu3H4ZspauU/Gn58mcf6QlSnN12zX3HOiCxx7jEHN43NZyKIJ9
+GYUrHSXMo4hQneSmA795VkE3jLG16/nUNbUDXMIauAAAlhw30vv7SwU+L2Em58C
9xC75Ypjr7aL+ZL2HMnhzADjtPZoRRWA/t8BN58Jl40qBYrXMVDeQcuhQdkkHg//
CgHp8SZNzqtVLIB1GMYN20Ytu6lsJunMPe1gfKm/Gn6pc2N36iSpQkB7EA0bgUT6
LD/Efft9y3aK7BrA5Ph7dYCvAbysbMbgHxwyaZBYNGO+usqbGM/kcJQ9wmx+ZNKz
xc/H4lcpceCB7ujdz3+J0uXNsmsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHTp+h
FGRQYp8pkctlV+3kEbMExjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQCO4RJMP+0k9P3tlWvPlYYJRSys4o0OMApCZqpv
lhl9O6VnEKPgej+vZp3a7C4mw7gRZuqBLpMZi8db4rDSXfcy4vEBAlniNxzFLJoj
riIWVUbRaHfZqeKjRkM6JAjgZaDFhC4udlAYDTi+FglK6NSuFWe2VSboss541QDS
MhK/0oiXCI83+64Ijj1D5w+U8Wsv+BdpXfC/N/xPQ4v1BjcCGV3oBvGvPNCAnOtf
3e8NBbC6HaLZ8dHvATYR78WXTariZmBmq+DH6d0eQndaaDqBM+LjoRJiz8M5lTJS
Oug8cZUW3C7CXRbxaNfWS9GNP0ADML0YczWMnCa9rKg1Gq02
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:16 2025 by rpki-client