Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
File: 68ece0e7-075e-4bcd-873e-0c74882a8546.roa (raw, json)
Hash identifier: k3g/15JSwu0tD42/KIjUXwh8GRFidivm1lwKi2ESK+E=
Subject key identifier: 9E:A1:D3:88:22:E4:82:94:5C:22:0E:EA:1D:1F:64:6A:C1:0B:D1:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A3217931AB4A66BE61FF87412EBF78BA3331255
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
Signing time: Fri 25 Apr 2025 19:00:23 +0000
ROA not before: Fri 25 Apr 2025 19:00:23 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:32:17:93:1a:b4:a6:6b:e6:1f:f8:74:12:eb:f7:8b:a3:33:12:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:00:23 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=df6c9223a36b56ebf2101bd689f775e6c4f7f5c9f6ba32df683d0ece9da3bd65, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b1:f5:9a:85:b6:7d:7c:8a:99:f2:d0:18:d7:
b8:e4:bb:1b:d1:31:03:97:69:0e:68:aa:cd:2d:9f:
31:ef:10:88:71:74:90:81:03:ee:a8:0b:9d:0a:39:
5d:9c:1c:4d:85:4d:a5:c4:f4:18:f5:30:21:ac:22:
f0:f7:5c:c8:0b:07:54:e7:c2:63:7d:42:f7:6e:d8:
10:b2:e5:40:0a:fc:57:95:0c:c1:4c:4f:8d:78:9f:
5d:f4:aa:5d:c9:34:91:7b:ee:9b:e6:02:0a:6f:aa:
36:5a:cc:ee:f5:ad:47:9f:04:f4:f8:1b:d9:3f:4c:
38:5e:11:ab:07:41:e6:11:f1:af:33:ad:fd:a9:0b:
59:af:c8:8d:e5:51:55:2b:3c:26:2d:e9:19:e0:ab:
4d:88:c3:5c:aa:d5:bb:46:bb:38:34:12:e0:a9:41:
da:aa:59:2d:38:91:56:42:28:64:3a:f3:97:0c:95:
d8:13:d8:77:47:f1:3d:a1:c5:21:94:c1:c3:c6:63:
5e:38:a5:79:4f:f7:cb:28:7c:e1:5c:61:fd:92:03:
f9:51:e6:47:78:18:77:67:51:52:8b:cb:f9:df:31:
83:47:c8:4c:86:5f:7d:f6:c7:a9:20:d3:c5:f0:60:
b8:80:82:f9:f5:e9:45:b5:d7:d8:17:37:98:05:f2:
c8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A1:D3:88:22:E4:82:94:5C:22:0E:EA:1D:1F:64:6A:C1:0B:D1:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8080::/48
Signature Algorithm: sha256WithRSAEncryption
9d:89:9e:9d:c9:e7:65:9d:99:85:0e:69:b0:d0:a4:a2:b9:fc:
36:82:5b:27:df:53:da:6f:03:f9:f1:56:8e:df:7f:66:90:86:
74:7a:63:cf:45:16:eb:a3:f7:be:8d:c5:bc:29:db:54:3c:ef:
1a:32:9c:83:a8:0d:81:a6:73:8d:df:40:c6:b3:2d:31:05:da:
91:fb:f1:93:7b:f6:56:81:c8:71:b5:4d:21:33:ef:a3:d0:6e:
ad:14:8b:46:c0:43:30:9e:16:78:43:2e:30:05:a0:ae:ab:f5:
67:b7:7c:22:e6:e7:d7:d5:4e:e9:6e:c2:0e:27:52:11:de:04:
5c:0f:ce:39:71:b8:f6:ba:93:3d:4e:9d:0d:69:90:df:f4:07:
65:bb:c9:11:58:1d:d1:b9:46:35:66:f6:30:06:97:55:8b:ac:
23:20:cc:8b:60:10:5d:c9:96:51:83:79:7e:8b:5c:53:3f:b0:
56:73:f3:a4:4d:f6:c2:10:eb:eb:09:4a:9b:ea:bb:68:da:76:
ae:a1:d7:f7:ce:cc:2c:e2:15:25:20:99:d7:4c:4f:30:09:af:
13:bf:b5:9f:7d:eb:61:f2:d8:aa:f0:b8:9f:e4:b9:6b:92:69:
98:c0:aa:f7:d0:ad:ab:f2:11:bb:24:c5:18:23:69:0b:d4:55:
d3:dc:e7:3b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGjIXkxq0pmvmH/h0Euv3i6MzElUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAwMjNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmNmM5MjIzYTM2YjU2ZWJmMjEwMWJkNjg5Zjc3NWU2YzRmN2Y1YzlmNmJh
MzJkZjY4M2QwZWNlOWRhM2JkNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWx9ZqFtn18ipny0BjXuOS7G9ExA5dpDmiqzS2fMe8QiHF0kIED7qgLnQo5
XZwcTYVNpcT0GPUwIawi8PdcyAsHVOfCY31C927YELLlQAr8V5UMwUxPjXifXfSq
Xck0kXvum+YCCm+qNlrM7vWtR58E9Pgb2T9MOF4RqwdB5hHxrzOt/akLWa/IjeVR
VSs8Ji3pGeCrTYjDXKrVu0a7ODQS4KlB2qpZLTiRVkIoZDrzlwyV2BPYd0fxPaHF
IZTBw8ZjXjileU/3yyh84Vxh/ZID+VHmR3gYd2dRUovL+d8xg0fITIZfffbHqSDT
xfBguICC+fXpRbXX2Bc3mAXyyKECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSeodOI
IuSClFwiDuodH2RqwQvRsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhlY2UwZTctMDc1ZS00YmNkLTg3M2UtMGM3NDg4MmE4NTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
gDANBgkqhkiG9w0BAQsFAAOCAQEAnYmencnnZZ2ZhQ5psNCkorn8NoJbJ99T2m8D
+fFWjt9/ZpCGdHpjz0UW66P3vo3FvCnbVDzvGjKcg6gNgaZzjd9AxrMtMQXakfvx
k3v2VoHIcbVNITPvo9BurRSLRsBDMJ4WeEMuMAWgrqv1Z7d8Iubn19VO6W7CDidS
Ed4EXA/OOXG49rqTPU6dDWmQ3/QHZbvJEVgd0blGNWb2MAaXVYusIyDMi2AQXcmW
UYN5fotcUz+wVnPzpE32whDr6wlKm+q7aNp2rqHX987MLOIVJSCZ10xPMAmvE7+1
n33rYfLYqvC4n+S5a5JpmMCq99Ctq/IRuyTFGCNpC9RV09znOw==
-----END CERTIFICATE-----
Generated at Tue May 6 11:13:18 2025 by rpki-client