Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
File: 6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa (raw, json)
Hash identifier: 2T6B5NT6tr5DtZGw2uPJwKNrM9aWvghm/MiXWiFEZXo=
Subject key identifier: 3A:51:A2:09:91:CC:60:CF:FC:79:04:29:C8:C4:86:92:7B:37:0C:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 086415AF94F7AECB43399B1C6EA7F589C5C97E58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
Signing time: Fri 25 Apr 2025 19:40:20 +0000
ROA not before: Fri 25 Apr 2025 19:40:20 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:64:15:af:94:f7:ae:cb:43:39:9b:1c:6e:a7:f5:89:c5:c9:7e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:20 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f376ba61e7890afff21f642127a8d579283dd85274ad0733a67d8fa7817aa792, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:0b:b7:9d:a2:7f:f8:c6:ef:db:1c:ac:9b:
62:52:5d:aa:26:da:7e:bf:10:37:de:e7:11:ec:ac:
0c:d0:a4:0b:f0:19:e4:02:49:0e:59:1d:3f:43:bb:
f2:da:e1:1a:e8:75:cf:28:25:4e:a1:1f:de:fb:ca:
ec:10:6d:e6:56:7d:72:b0:e8:fe:e0:e4:f4:7e:8e:
c2:10:28:b2:94:44:8c:59:34:98:32:2e:3e:e3:7b:
ad:ab:8a:eb:ae:1a:2f:c1:41:40:01:01:8f:87:d2:
36:be:3b:04:2a:c1:9a:0b:d3:43:bf:87:f3:f0:63:
8e:0f:0c:2d:66:db:34:fd:33:26:da:7e:ce:83:b6:
a4:45:f7:c8:ed:3d:b8:f0:4d:13:01:68:50:77:58:
55:99:66:9b:ef:6f:43:0e:e6:64:04:31:60:72:57:
1e:9d:d7:c6:6d:7b:b2:81:1a:c8:85:e7:5c:16:61:
fe:0f:1d:5d:9c:fd:73:40:46:12:b4:37:4d:5d:57:
9d:cd:e3:0e:23:96:d0:9e:37:54:99:ce:db:37:52:
24:3c:a0:60:54:52:27:e7:a8:c9:35:5f:60:2e:84:
2c:2f:5b:25:32:48:8b:0e:b4:45:01:b3:21:98:47:
ca:1d:c5:b7:1b:86:5d:1b:84:f8:ba:1f:ab:7f:95:
80:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:51:A2:09:91:CC:60:CF:FC:79:04:29:C8:C4:86:92:7B:37:0C:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee424d6-a067-4fb9-a82e-05890cf8a88f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:c000::/40
Signature Algorithm: sha256WithRSAEncryption
16:20:d2:39:01:66:d6:72:b1:22:2d:33:b1:ff:54:3d:a5:65:
0e:3b:40:bc:b8:07:e5:bb:76:7b:d7:a9:4a:32:f5:ab:e9:cc:
eb:ab:72:b1:6b:1e:86:2b:0c:06:82:cc:91:cf:ef:d6:07:68:
ff:f0:d0:c4:e1:7c:8e:67:e9:dc:b5:e5:61:a3:a8:76:41:a9:
60:94:ee:86:bd:88:53:6f:0c:76:87:ff:06:15:35:af:28:7e:
ee:49:96:f3:f0:2e:9b:cc:af:a8:90:e9:1d:90:bb:7c:8c:ab:
1b:65:c7:66:9b:fb:63:38:03:2e:ab:50:dc:37:49:4b:c5:ec:
8f:1f:12:18:1e:85:a6:01:62:9b:e6:e8:a1:3f:1b:1f:99:82:
4e:be:e7:28:43:b6:e5:39:1c:aa:36:bf:34:29:01:9b:3c:1f:
99:98:53:92:63:4a:fb:5e:41:64:4b:52:6c:cd:af:68:44:07:
68:9f:9a:ed:99:33:94:60:fd:e8:e2:2e:93:eb:46:0a:c7:45:
a0:aa:49:82:5c:2a:97:d5:2c:54:8c:eb:4f:b2:ff:f1:c7:c7:
53:d2:c1:a5:13:8f:7a:51:eb:64:51:ec:e4:ac:e4:14:91:80:
d9:96:db:7d:9f:e4:2b:6c:6b:41:46:ff:ff:26:20:e5:2d:8a:
aa:b6:dc:b2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCGQVr5T3rstDOZscbqf1icXJflgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwMjBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNzZiYTYxZTc4OTBhZmZmMjFmNjQyMTI3YThkNTc5MjgzZGQ4NTI3NGFk
MDczM2E2N2Q4ZmE3ODE3YWE3OTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlwC7edon/4xu/bHKybYlJdqibafr8QN97nEeysDNCkC/AZ5AJJDlkdP0O7
8trhGuh1zyglTqEf3vvK7BBt5lZ9crDo/uDk9H6OwhAospREjFk0mDIuPuN7rauK
664aL8FBQAEBj4fSNr47BCrBmgvTQ7+H8/Bjjg8MLWbbNP0zJtp+zoO2pEX3yO09
uPBNEwFoUHdYVZlmm+9vQw7mZAQxYHJXHp3Xxm17soEayIXnXBZh/g8dXZz9c0BG
ErQ3TV1Xnc3jDiOW0J43VJnO2zdSJDygYFRSJ+eoyTVfYC6ELC9bJTJIiw60RQGz
IZhHyh3FtxuGXRuE+Lofq3+VgAMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6UaIJ
kcxgz/x5BCnIxIaSezcM7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVlNDI0ZDYtYTA2Ny00ZmI5LWE4MmUtMDU4OTBjZjhhODhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FjA
MA0GCSqGSIb3DQEBCwUAA4IBAQAWINI5AWbWcrEiLTOx/1Q9pWUOO0C8uAflu3Z7
16lKMvWr6czrq3Kxax6GKwwGgsyRz+/WB2j/8NDE4XyOZ+ncteVho6h2QalglO6G
vYhTbwx2h/8GFTWvKH7uSZbz8C6bzK+okOkdkLt8jKsbZcdmm/tjOAMuq1DcN0lL
xeyPHxIYHoWmAWKb5uihPxsfmYJOvucoQ7blORyqNr80KQGbPB+ZmFOSY0r7XkFk
S1Jsza9oRAdon5rtmTOUYP3o4i6T60YKx0WgqkmCXCqX1SxUjOtPsv/xx8dT0sGl
E496UetkUezkrOQUkYDZltt9n+QrbGtBRv//JiDlLYqqttyy
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:25 2025 by rpki-client