Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
File: 699ed05f-92ce-48c3-8186-6564a7373323.roa (raw, json)
Hash identifier: rz/lx9QSgOXXDTMJYDRGS/cto1Xoj17Bns4bMsrzZ00=
Subject key identifier: 77:67:3B:F7:92:C3:39:56:C9:BC:FF:95:17:55:07:DD:DA:A2:1E:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B8561A24ABA0D3D1DBBC0FDB6F241B377DD6FDF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
Signing time: Fri 25 Apr 2025 18:11:14 +0000
ROA not before: Fri 25 Apr 2025 18:11:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:85:61:a2:4a:ba:0d:3d:1d:bb:c0:fd:b6:f2:41:b3:77:dd:6f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:11:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a24c3d70f2d20f31c9c14872a03aacd9c3b78e120358b4435f2d72117d1d76ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:74:a2:03:6d:d3:7a:71:18:80:ca:9c:9e:28:
ac:a6:4a:4f:7b:ef:5c:3c:ca:33:1d:07:73:81:eb:
e7:5d:43:0d:81:b7:be:02:cf:c6:34:f2:5f:e2:09:
27:53:f5:df:7e:c8:73:ae:10:43:b0:3d:3f:ba:8a:
0a:04:01:40:fd:63:80:52:ac:77:80:64:01:de:06:
de:29:25:ef:d0:a8:9d:3c:f2:f3:23:26:3e:01:35:
5b:32:dd:57:c1:3f:38:53:9f:c8:86:26:c1:4a:d2:
77:5c:95:b9:18:de:9d:41:d0:d8:1c:ec:60:64:b8:
2a:06:c1:db:10:c5:b1:e5:95:97:9d:d3:12:18:90:
14:bc:13:1e:24:8c:a9:ca:fb:27:e9:96:9c:68:3a:
e6:db:30:d1:9b:2e:26:dd:77:fb:ed:1d:fc:b5:3a:
59:c9:fd:a8:fb:b0:78:a2:54:07:a3:de:74:ad:cb:
76:16:bf:f2:1e:04:b5:41:80:18:5c:ca:30:da:93:
37:ca:61:2a:72:85:c8:cc:e1:fe:1c:bc:81:b3:3a:
48:02:24:02:4d:f6:aa:56:de:7c:f5:0b:70:94:c4:
1d:55:d7:71:3c:ba:0e:1f:f7:45:5d:c4:ad:6b:ca:
d4:76:06:bc:f4:f6:48:b4:f1:f0:61:ca:45:bf:e6:
84:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:67:3B:F7:92:C3:39:56:C9:BC:FF:95:17:55:07:DD:DA:A2:1E:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c040::/48
Signature Algorithm: sha256WithRSAEncryption
18:7e:5b:dc:0f:42:21:eb:ba:32:e1:41:00:9b:48:bb:f4:71:
a9:51:0b:00:d6:93:04:da:6c:a8:88:f9:fe:cb:52:42:b8:ae:
d2:00:c4:cb:7c:d9:cf:a1:67:20:dc:49:db:3f:7e:47:4d:37:
82:c8:78:fb:16:83:d1:eb:7e:e0:da:51:93:47:62:9c:0b:c2:
7d:d7:4a:6f:2a:b2:2a:1a:d1:1c:77:57:dc:28:37:d3:c0:04:
c8:03:32:3d:ad:59:ea:8f:52:d5:b0:42:70:8a:6e:97:77:81:
a4:60:1c:80:9c:3d:49:72:61:06:f9:80:f2:bc:9d:a3:6a:8c:
6b:d0:d5:56:40:a5:ff:3f:30:36:f6:5b:eb:90:12:bf:06:38:
b8:a0:89:a3:e0:73:e3:e6:e8:fb:1a:f7:85:02:17:c2:0b:8c:
54:9f:10:f5:b7:14:23:6b:24:c7:00:d9:8c:0b:79:b1:e4:fa:
d7:a0:19:bd:50:81:8c:43:67:62:b5:33:6c:af:ba:31:1c:03:
06:d2:14:1d:1b:c4:a2:64:26:01:68:78:e8:53:a1:14:bd:13:
93:6e:7e:00:23:ab:80:36:92:70:6d:b6:6f:5f:86:0f:31:a7:
66:57:86:6d:4b:e6:24:77:6d:fb:82:16:6d:86:16:a9:e8:bb:
a8:99:81:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC4Vhokq6DT0du8D9tvJBs3fdb98wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODExMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyNGMzZDcwZjJkMjBmMzFjOWMxNDg3MmEwM2FhY2Q5YzNiNzhlMTIwMzU4
YjQ0MzVmMmQ3MjExN2QxZDc2ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJh0ogNt03pxGIDKnJ4orKZKT3vvXDzKMx0Hc4Hr511DDYG3vgLPxjTyX+IJ
J1P1337Ic64QQ7A9P7qKCgQBQP1jgFKsd4BkAd4G3ikl79ConTzy8yMmPgE1WzLd
V8E/OFOfyIYmwUrSd1yVuRjenUHQ2BzsYGS4KgbB2xDFseWVl53TEhiQFLwTHiSM
qcr7J+mWnGg65tsw0ZsuJt13++0d/LU6Wcn9qPuweKJUB6PedK3Ldha/8h4EtUGA
GFzKMNqTN8phKnKFyMzh/hy8gbM6SAIkAk32qlbefPULcJTEHVXXcTy6Dh/3RV3E
rWvK1HYGvPT2SLTx8GHKRb/mhJsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR3Zzv3
ksM5Vsm8/5UXVQfd2qIecDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njk5ZWQwNWYtOTJjZS00OGMzLTgxODYtNjU2NGE3MzczMzIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
QDANBgkqhkiG9w0BAQsFAAOCAQEAGH5b3A9CIeu6MuFBAJtIu/RxqVELANaTBNps
qIj5/stSQriu0gDEy3zZz6FnINxJ2z9+R003gsh4+xaD0et+4NpRk0dinAvCfddK
byqyKhrRHHdX3Cg308AEyAMyPa1Z6o9S1bBCcIpul3eBpGAcgJw9SXJhBvmA8ryd
o2qMa9DVVkCl/z8wNvZb65ASvwY4uKCJo+Bz4+bo+xr3hQIXwguMVJ8Q9bcUI2sk
xwDZjAt5seT616AZvVCBjENnYrUzbK+6MRwDBtIUHRvEomQmAWh46FOhFL0Tk25+
ACOrgDaScG22b1+GDzGnZleGbUvmJHdt+4IWbYYWqei7qJmBxw==
-----END CERTIFICATE-----
Generated at Mon May 5 23:38:31 2025 by rpki-client