Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa
File: 68f2af14-43e2-4447-a8a7-f8fe713e249e.roa (raw, json)
Hash identifier: hfhsC+fykG5AMQD/yixmt0k3iJTlZk43oIPqevzumm8=
Subject key identifier: 51:35:54:AD:18:C5:92:77:64:B5:C5:9D:E3:98:72:00:A3:52:41:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 719D8B72EFB9F44F6B3336D4C3218687D14C320C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa
Signing time: Wed 30 Apr 2025 00:10:16 +0000
ROA not before: Wed 30 Apr 2025 00:10:16 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:9d:8b:72:ef:b9:f4:4f:6b:33:36:d4:c3:21:86:87:d1:4c:32:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 30 00:10:16 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=06944f166baa0980b5dbd211076aebcc1853d88d6612330bb2ecf5aa20e71522, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:37:3b:d8:62:43:17:e3:5b:7b:9b:c6:02:de:
25:cf:28:ab:39:2d:26:41:d6:0e:a2:cc:3a:de:00:
1e:48:af:67:b8:2e:65:4a:10:9b:b7:54:01:c4:0b:
2b:bc:6e:50:09:c4:10:72:3b:f9:df:8c:b1:b0:3d:
2d:ff:38:5c:24:d1:e7:e5:45:8e:c2:3b:7c:1a:73:
42:a8:f9:e3:90:58:48:89:46:9e:16:d0:cf:a0:3e:
32:40:d0:c8:b8:f3:d7:65:d3:0a:cb:29:5e:28:d8:
df:21:16:30:88:eb:41:ec:30:b4:c6:a4:f6:77:ff:
cd:ba:05:2e:3d:34:a2:c7:86:1a:fd:38:df:83:1b:
eb:e8:4a:95:5a:76:7c:be:06:fa:54:f5:1d:d0:af:
c0:6d:46:04:3f:28:cd:a4:6b:a7:fe:fd:d4:e4:a0:
72:b1:6d:a4:5f:d2:0d:62:51:dc:f5:d8:42:ba:96:
06:78:77:fd:96:6b:df:94:c6:88:f2:ed:0b:27:fe:
fe:f0:a1:98:11:53:02:3d:63:8d:b5:b2:ad:8f:fe:
a1:b4:a1:3a:51:a1:70:08:57:8a:cd:33:3e:78:e1:
35:0e:ca:37:df:ac:18:6f:46:ad:9a:cc:9b:cc:22:
3e:a7:10:10:70:20:7d:eb:52:e0:97:77:0c:87:36:
cb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:35:54:AD:18:C5:92:77:64:B5:C5:9D:E3:98:72:00:A3:52:41:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f:800::/37
Signature Algorithm: sha256WithRSAEncryption
0d:4e:7a:22:3d:13:e4:d3:b4:33:e3:2e:db:3a:9b:c0:a1:f7:
c5:57:3c:2d:8c:a4:6b:94:26:a9:70:b2:fc:7a:a7:2b:fc:0b:
88:82:2b:e1:22:99:4e:51:ef:a4:49:ad:db:42:60:eb:c1:7b:
3f:ca:24:07:38:f8:77:e0:bd:36:42:2a:30:a1:18:79:21:b0:
c4:69:a0:14:2d:1a:cf:02:78:63:91:4f:4e:e3:81:0d:6f:f2:
f5:52:19:d8:86:a4:a8:7d:60:bc:a5:d1:f6:9f:6a:77:29:44:
a4:16:4b:c5:19:13:22:8f:c6:1e:87:eb:c9:dd:e3:75:e6:d2:
f8:c0:b3:9e:83:d6:52:12:ce:a3:10:a7:22:bf:cb:7f:a1:f7:
61:cb:cb:81:08:53:53:b3:b9:f7:ce:99:18:81:d1:58:6b:76:
96:b2:8d:60:74:a2:7b:70:ab:e4:69:52:dc:13:90:6f:d9:6b:
fb:89:a5:ab:4b:c2:72:6b:b9:58:db:09:bd:cc:77:ad:a1:d4:
a6:b7:d0:81:fc:0e:92:2d:b6:c9:58:49:15:74:6b:4e:32:1f:
1e:e1:18:8b:51:23:0a:ab:06:c4:1d:25:78:e2:76:a9:62:c5:
5e:56:a1:a7:b6:0e:6b:5a:06:85:f2:15:a9:03:f4:1d:cb:92:
44:4b:37:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcZ2Lcu+59E9rMzbUwyGGh9FMMgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MzAwMDEwMTZaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2OTQ0ZjE2NmJhYTA5ODBiNWRiZDIxMTA3NmFlYmNjMTg1M2Q4OGQ2NjEy
MzMwYmIyZWNmNWFhMjBlNzE1MjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL43O9hiQxfjW3ubxgLeJc8oqzktJkHWDqLMOt4AHkivZ7guZUoQm7dUAcQL
K7xuUAnEEHI7+d+MsbA9Lf84XCTR5+VFjsI7fBpzQqj545BYSIlGnhbQz6A+MkDQ
yLjz12XTCsspXijY3yEWMIjrQewwtMak9nf/zboFLj00oseGGv0434Mb6+hKlVp2
fL4G+lT1HdCvwG1GBD8ozaRrp/791OSgcrFtpF/SDWJR3PXYQrqWBnh3/ZZr35TG
iPLtCyf+/vChmBFTAj1jjbWyrY/+obShOlGhcAhXis0zPnjhNQ7KN9+sGG9GrZrM
m8wiPqcQEHAgfetS4Jd3DIc2y6sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRNVSt
GMWSd2S1xZ3jmHIAo1JBcDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhmMmFmMTQtNDNlMi00NDQ3LWE4YTctZjhmZTcxM2UyNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8I
MA0GCSqGSIb3DQEBCwUAA4IBAQANTnoiPRPk07Qz4y7bOpvAoffFVzwtjKRrlCap
cLL8eqcr/AuIgivhIplOUe+kSa3bQmDrwXs/yiQHOPh34L02QiowoRh5IbDEaaAU
LRrPAnhjkU9O44ENb/L1UhnYhqSofWC8pdH2n2p3KUSkFkvFGRMij8Yeh+vJ3eN1
5tL4wLOeg9ZSEs6jEKciv8t/ofdhy8uBCFNTs7n3zpkYgdFYa3aWso1gdKJ7cKvk
aVLcE5Bv2Wv7iaWrS8Jya7lY2wm9zHetodSmt9CB/A6SLbbJWEkVdGtOMh8e4RiL
USMKqwbEHSV44napYsVeVqGntg5rWgaF8hWpA/Qdy5JESzck
-----END CERTIFICATE-----
Generated at Mon May 5 10:32:59 2025 by rpki-client