Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa
File: 7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa (raw, json)
Hash identifier: RKVos7y1xQB3/+oiEx9JFbViwRI5Y8S2X1sEdCP3mVU=
Subject key identifier: F0:F0:73:00:C9:DA:FD:1A:F4:EE:1A:0A:1E:0A:50:AE:AB:27:51:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B777526101357EDD8CE69E8AAF0EA75FB3D7934
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa
Signing time: Wed 30 Apr 2025 00:10:16 +0000
ROA not before: Wed 30 Apr 2025 00:10:16 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 13:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:77:75:26:10:13:57:ed:d8:ce:69:e8:aa:f0:ea:75:fb:3d:79:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 30 00:10:16 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=6b50cd4ee5aaf72c3a6c471eca6e584184e4a94c272046de444a559775b583ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:04:49:3f:e0:7a:1c:11:77:c4:c4:d9:a7:4c:
9e:9d:54:4d:d5:2a:92:be:e5:c3:6c:f3:0f:c1:64:
9c:b1:8a:37:cd:d2:ac:0c:c6:11:25:17:bb:91:5e:
e7:b4:31:1a:19:ed:93:e3:9e:79:24:3d:9f:72:32:
3e:3f:c3:0f:42:4c:40:73:de:31:83:d8:2f:64:fc:
a1:b6:cf:7d:f1:10:45:34:7d:04:60:a4:79:a5:de:
3e:63:40:0f:24:f2:58:1a:61:e9:95:d6:e5:8d:0f:
0d:b4:f2:8a:fd:e0:1f:f1:d5:79:a4:65:ba:c9:1d:
fa:49:3b:11:ef:18:b3:e6:6b:12:fa:6a:de:67:23:
8f:78:94:c5:fa:6a:26:dc:e9:bd:44:b5:75:f6:4b:
91:6b:fa:d0:97:83:24:b3:09:01:5b:ee:33:fe:02:
9e:58:4b:d4:5c:0d:b9:52:f9:12:0f:ee:63:d0:05:
76:5a:78:af:b6:e1:26:09:92:1e:ad:3c:26:7a:16:
f4:55:96:16:e0:ce:60:59:7b:c4:02:62:6f:34:08:
31:96:13:82:77:7c:64:cb:85:17:91:dd:05:ce:20:
10:9c:15:5c:94:de:64:76:3e:4b:b1:f7:ac:d1:4b:
9d:f9:be:7b:85:ff:4f:d3:81:2a:97:71:74:1a:71:
02:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F0:73:00:C9:DA:FD:1A:F4:EE:1A:0A:1E:0A:50:AE:AB:27:51:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010::/28
Signature Algorithm: sha256WithRSAEncryption
97:23:da:31:c2:7f:b6:85:54:c3:d6:2d:70:1f:e7:ed:7b:d0:
e1:60:40:66:ac:06:f5:ae:84:b4:e6:68:d0:6a:2f:f1:a7:05:
b3:87:82:a7:37:5f:8f:1c:d3:17:2e:fe:c9:ac:57:11:c3:3e:
18:0a:ac:cd:a6:67:56:94:a8:e4:a4:e3:77:2f:9a:ba:4f:68:
85:9c:47:01:9b:2d:9c:87:fd:5e:ef:d6:8b:57:fa:d2:58:9f:
7f:8a:ea:cd:13:22:1b:9e:b3:aa:36:b0:ec:cc:53:b1:3f:d5:
29:ad:e1:7b:79:6a:57:11:f9:49:c5:5c:52:98:03:04:d8:5c:
3f:63:0b:ea:94:7a:c4:9d:71:49:0c:65:d1:4a:78:bc:99:6d:
e8:4b:07:79:09:43:e2:49:ba:61:eb:7d:28:8a:9f:0b:ea:ef:
7d:d8:9d:73:ba:ed:f2:51:02:59:8d:e3:a2:e8:08:79:98:a8:
0e:34:82:16:24:63:d3:9b:f6:17:c7:3f:2d:fa:b1:42:f8:f6:
a5:f2:53:b7:06:66:e1:6c:3f:6f:80:0e:e9:1c:18:c0:29:d7:
51:d4:c7:2b:ad:ac:7d:3b:75:82:f4:53:dc:66:35:10:05:46:
1a:b6:8c:3c:e5:05:28:b9:7d:15:a5:8c:a2:fb:37:2c:eb:1f:
a4:4e:44:c0
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUS3d1JhATV+3YzmnoqvDqdfs9eTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MzAwMDEwMTZaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNTBjZDRlZTVhYWY3MmMzYTZjNDcxZWNhNmU1ODQxODRlNGE5NGMyNzIw
NDZkZTQ0NGE1NTk3NzViNTgzZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUEST/gehwRd8TE2adMnp1UTdUqkr7lw2zzD8FknLGKN83SrAzGESUXu5Fe
57QxGhntk+OeeSQ9n3IyPj/DD0JMQHPeMYPYL2T8obbPffEQRTR9BGCkeaXePmNA
DyTyWBph6ZXW5Y0PDbTyiv3gH/HVeaRluskd+kk7Ee8Ys+ZrEvpq3mcjj3iUxfpq
JtzpvUS1dfZLkWv60JeDJLMJAVvuM/4CnlhL1FwNuVL5Eg/uY9AFdlp4r7bhJgmS
Hq08JnoW9FWWFuDOYFl7xAJibzQIMZYTgnd8ZMuFF5HdBc4gEJwVXJTeZHY+S7H3
rNFLnfm+e4X/T9OBKpdxdBpxArUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTw8HMA
ydr9GvTuGgoeClCuqydRCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM4MWMwNzUtZDk2Yi00M2JmLThhODktMjVkYmFiOWExYThkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0BAw
DQYJKoZIhvcNAQELBQADggEBAJcj2jHCf7aFVMPWLXAf5+170OFgQGasBvWuhLTm
aNBqL/GnBbOHgqc3X48c0xcu/smsVxHDPhgKrM2mZ1aUqOSk43cvmrpPaIWcRwGb
LZyH/V7v1otX+tJYn3+K6s0TIhues6o2sOzMU7E/1Smt4Xt5alcR+UnFXFKYAwTY
XD9jC+qUesSdcUkMZdFKeLyZbehLB3kJQ+JJumHrfSiKnwvq733YnXO67fJRAlmN
46LoCHmYqA40ghYkY9Ob9hfHPy36sUL49qXyU7cGZuFsP2+ADukcGMAp11HUxyut
rH07dYL0U9xmNRAFRhq2jDzlBSi5fRWljKL7NyzrH6RORMA=
-----END CERTIFICATE-----
Generated at Wed May 7 19:49:41 2025 by rpki-client