Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
File: 66a53b3f-eb55-4869-ac1a-f83569ee728f.roa (raw, json)
Hash identifier: 1asLL9VvW+zAZB3OOlXc4GfKiue2AKk3OsNGWXFA7Vc=
Subject key identifier: F4:EC:7F:A2:8A:60:04:8D:8A:77:96:69:56:9D:57:47:1C:23:D6:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BA7F44BDB64BC19AE54BC1D0481D40BD84A222E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
Signing time: Wed 16 Apr 2025 19:22:28 +0000
ROA not before: Wed 16 Apr 2025 19:22:28 +0000
ROA not after: Wed 21 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:a7:f4:4b:db:64:bc:19:ae:54:bc:1d:04:81:d4:0b:d8:4a:22:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 16 19:22:28 2025 GMT
Not After : May 21 23:59:59 2025 GMT
Subject: serialNumber=25da36736940b51b97242abb38429649f624246845411491aced712f75a108e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ce:e6:88:81:48:41:ab:35:7c:86:a0:e0:6d:
8b:37:fe:6e:4e:ed:53:0b:d3:f8:92:52:9e:c1:44:
e0:38:31:7d:0b:8d:f6:cd:b6:7a:a7:5f:97:45:6a:
76:a4:a8:a5:02:b9:ab:84:5b:44:86:85:7b:4f:ba:
d8:35:12:14:22:ac:92:6a:e8:5a:40:b2:69:09:94:
2d:17:be:f0:9b:4d:61:30:ab:4e:b6:ce:f1:58:b7:
f8:d2:6f:36:d3:8c:5e:e2:07:2e:5c:42:34:09:6d:
13:39:70:15:a6:5d:cd:e3:77:49:3b:6e:2a:85:e5:
0a:a0:b7:25:13:bd:fe:6c:86:8d:42:72:48:77:3f:
ca:15:71:30:54:f2:ff:d1:f2:9a:43:ff:a2:b8:ad:
b0:fe:0d:fe:c9:e4:b7:65:77:41:64:e8:65:0c:c6:
e2:4f:07:2b:2b:cf:1f:a9:d3:3d:68:98:d0:4d:ab:
f3:f1:ce:d0:6e:cf:9c:d0:60:09:2c:ea:9c:e2:a6:
24:27:0b:e4:f2:14:20:13:af:c7:b8:e1:19:48:5a:
11:c7:d5:09:72:07:01:64:97:77:f9:96:ce:95:78:
8d:3d:1c:92:d8:15:48:59:7d:85:f7:36:89:a0:36:
a5:bd:8a:8f:f7:5f:b1:d3:e2:c9:35:64:49:6d:cc:
bf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:EC:7F:A2:8A:60:04:8D:8A:77:96:69:56:9D:57:47:1C:23:D6:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
62:61:2b:aa:bc:a8:5f:d7:8f:2a:d8:08:c2:3b:78:ff:e0:d5:
2d:00:0a:50:18:20:ab:0c:4e:dc:c7:25:c0:bd:7c:c9:dd:f1:
e0:21:94:06:2a:9d:86:64:f0:e2:46:6a:ba:4f:eb:79:f7:da:
60:4f:77:b2:fd:cc:57:94:8b:b9:bf:c9:0c:b7:b0:90:e8:9e:
5c:26:55:c8:38:87:9b:7c:28:c4:27:ef:76:93:06:06:8b:d6:
e9:63:54:3e:dd:9a:45:18:a7:fc:28:ef:74:c2:cb:d6:74:03:
81:97:0b:87:7b:84:3a:66:f1:5d:59:1c:03:0c:b5:85:fd:3b:
6b:b9:52:82:d8:38:c9:7a:d9:2f:20:f5:89:69:00:a6:cb:c8:
a1:cb:56:57:cf:63:60:b1:d6:ab:46:a9:d5:dc:c4:01:17:75:
9d:2f:b1:de:ec:77:23:36:b8:94:80:83:bd:b5:e5:65:2a:af:
72:28:f1:83:25:4a:f6:a6:08:7f:02:0f:8f:b0:fb:37:ef:85:
f7:a9:d7:09:70:83:bc:ad:2a:21:f0:c4:48:c1:02:cf:56:ef:
6a:41:b6:e8:6a:aa:6a:0f:06:ed:b8:3a:47:3b:26:1c:2e:82:
06:a2:ce:8e:6e:88:88:e8:29:12:4b:96:85:45:07:1b:ff:53:
fa:da:0c:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe6f0S9tkvBmuVLwdBIHUC9hKIi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTYxOTIyMjhaFw0yNTA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ZGEzNjczNjk0MGI1MWI5NzI0MmFiYjM4NDI5NjQ5ZjYyNDI0Njg0NTQx
MTQ5MWFjZWQ3MTJmNzVhMTA4ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJLO5oiBSEGrNXyGoOBtizf+bk7tUwvT+JJSnsFE4DgxfQuN9s22eqdfl0Vq
dqSopQK5q4RbRIaFe0+62DUSFCKskmroWkCyaQmULRe+8JtNYTCrTrbO8Vi3+NJv
NtOMXuIHLlxCNAltEzlwFaZdzeN3STtuKoXlCqC3JRO9/myGjUJySHc/yhVxMFTy
/9HymkP/oritsP4N/snkt2V3QWToZQzG4k8HKyvPH6nTPWiY0E2r8/HO0G7PnNBg
CSzqnOKmJCcL5PIUIBOvx7jhGUhaEcfVCXIHAWSXd/mWzpV4jT0cktgVSFl9hfc2
iaA2pb2Kj/dfsdPiyTVkSW3Mv9ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT07H+i
imAEjYp3lmlWnVdHHCPW7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjZhNTNiM2YtZWI1NS00ODY5LWFjMWEtZjgzNTY5ZWU3MjhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBiYSuqvKhf148q2AjCO3j/4NUtAApQGCCrDE7c
xyXAvXzJ3fHgIZQGKp2GZPDiRmq6T+t599pgT3ey/cxXlIu5v8kMt7CQ6J5cJlXI
OIebfCjEJ+92kwYGi9bpY1Q+3ZpFGKf8KO90wsvWdAOBlwuHe4Q6ZvFdWRwDDLWF
/TtruVKC2DjJetkvIPWJaQCmy8ihy1ZXz2NgsdarRqnV3MQBF3WdL7He7HcjNriU
gIO9teVlKq9yKPGDJUr2pgh/Ag+PsPs374X3qdcJcIO8rSoh8MRIwQLPVu9qQbbo
aqpqDwbtuDpHOyYcLoIGos6OboiI6CkSS5aFRQcb/1P62gwU
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:00 2025 by rpki-client