Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
File: 76526233-4062-463b-bfd0-bbe1d12891fa.roa (raw, json)
Hash identifier: FO0iKrrVL/8WF6rpF8tuexa5I4/a1W9kiGkEkuMiQfM=
Subject key identifier: 26:65:48:23:AD:E4:76:33:EC:8B:63:E5:0E:DB:9D:FE:CE:57:8B:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 345E70F9EB6A3E5A92D72B00CAAB1A156113BD03
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
Signing time: Fri 18 Apr 2025 18:30:25 +0000
ROA not before: Fri 18 Apr 2025 18:30:25 +0000
ROA not after: Fri 23 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:5e:70:f9:eb:6a:3e:5a:92:d7:2b:00:ca:ab:1a:15:61:13:bd:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 18 18:30:25 2025 GMT
Not After : May 23 23:59:59 2025 GMT
Subject: serialNumber=862b3050c6403d8ff9dfda640894b5551520cd742fa50f6b4668853dd193c957, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:28:89:be:d2:8b:71:86:b4:31:9d:bc:57:02:
cf:f7:42:e4:a9:51:8f:6c:42:f2:f2:d6:f3:e8:19:
10:4b:5e:67:e8:9f:51:8c:91:fc:5c:bb:4e:91:62:
af:ad:c5:4b:41:b9:47:c1:c5:f8:96:30:e9:b4:87:
65:20:62:0a:30:ac:95:ef:2e:d5:3e:b9:20:a7:87:
de:e6:7a:68:13:09:24:ba:3c:ec:0b:ae:f4:60:06:
b3:f6:79:b3:c4:4d:95:5a:dd:16:e0:2e:d7:f5:b2:
d8:c4:da:7b:b4:c1:71:18:de:d5:be:13:bf:32:14:
18:d8:9a:5f:62:2b:37:7c:2e:6a:31:cc:c2:ac:69:
52:79:04:4f:1f:d2:97:23:77:cc:0e:2d:dc:62:3a:
3b:82:d7:63:73:2d:4d:81:82:0a:15:ff:39:99:bc:
fe:49:43:be:32:4e:8b:a0:eb:a0:08:8d:d4:b2:10:
3c:f9:71:bd:bc:31:10:cc:76:db:2c:bb:ca:41:ba:
73:e9:ef:0d:81:ea:b1:9d:31:d2:09:c8:a6:e1:c2:
b5:58:12:58:cd:06:63:c9:4c:b0:3f:5c:78:1a:8a:
5c:f5:dd:cf:2e:73:28:c8:4c:d3:f3:67:12:43:c3:
13:61:1d:98:22:be:72:33:bd:a0:b6:e7:17:1f:c2:
35:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:65:48:23:AD:E4:76:33:EC:8B:63:E5:0E:DB:9D:FE:CE:57:8B:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4010::/48
Signature Algorithm: sha256WithRSAEncryption
78:85:27:99:1a:37:7c:9d:51:f8:c7:2b:8e:12:59:cc:ce:aa:
84:1b:28:67:34:39:52:fe:51:d7:1f:2f:72:ef:90:40:8e:ac:
4d:5a:17:8e:e3:a7:2b:47:11:91:f7:5c:75:8b:18:dc:94:7e:
a5:1e:da:df:44:49:d8:bb:1d:5f:ab:f5:5d:ec:ea:26:20:d1:
2e:88:fe:b4:e5:ca:e6:d8:26:0c:f8:f5:9a:10:d3:f1:ea:2c:
77:e9:0a:1c:91:92:4f:5b:52:09:df:f9:4d:f2:07:9d:d0:e7:
fe:28:71:95:26:75:07:52:c0:9e:de:15:14:64:7b:1e:5c:0f:
a3:96:c5:08:ca:2d:88:2c:33:6f:83:43:6a:f5:50:ee:53:b1:
ba:82:a3:1d:80:06:07:bb:39:f9:7a:83:8e:c5:ac:88:24:5a:
d7:92:44:63:b0:c3:f1:f2:02:d8:88:6b:74:05:fc:4e:24:1a:
11:15:de:5c:46:61:a8:28:ba:77:af:f2:05:41:1d:ca:ab:ca:
07:40:95:d5:75:1a:8b:4d:67:f5:aa:f7:96:02:a9:9f:2d:82:
5c:55:f7:73:d2:d9:cd:3d:13:5d:e6:aa:4c:7f:65:74:44:59:
28:e5:81:a9:2a:95:7a:53:54:39:2c:21:f4:51:75:33:fa:4e:
56:43:d4:b0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNF5w+etqPlqS1ysAyqsaFWETvQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTgxODMwMjVaFw0yNTA1MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MmIzMDUwYzY0MDNkOGZmOWRmZGE2NDA4OTRiNTU1MTUyMGNkNzQyZmE1
MGY2YjQ2Njg4NTNkZDE5M2M5NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANooib7Si3GGtDGdvFcCz/dC5KlRj2xC8vLW8+gZEEteZ+ifUYyR/Fy7TpFi
r63FS0G5R8HF+JYw6bSHZSBiCjCsle8u1T65IKeH3uZ6aBMJJLo87Auu9GAGs/Z5
s8RNlVrdFuAu1/Wy2MTae7TBcRje1b4TvzIUGNiaX2IrN3wuajHMwqxpUnkETx/S
lyN3zA4t3GI6O4LXY3MtTYGCChX/OZm8/klDvjJOi6DroAiN1LIQPPlxvbwxEMx2
2yy7ykG6c+nvDYHqsZ0x0gnIpuHCtVgSWM0GY8lMsD9ceBqKXPXdzy5zKMhM0/Nn
EkPDE2EdmCK+cjO9oLbnFx/CNTMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQmZUgj
reR2M+yLY+UO253+zleLOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY1MjYyMzMtNDA2Mi00NjNiLWJmZDAtYmJlMWQxMjg5MWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
EDANBgkqhkiG9w0BAQsFAAOCAQEAeIUnmRo3fJ1R+McrjhJZzM6qhBsoZzQ5Uv5R
1x8vcu+QQI6sTVoXjuOnK0cRkfdcdYsY3JR+pR7a30RJ2LsdX6v1XezqJiDRLoj+
tOXK5tgmDPj1mhDT8eosd+kKHJGST1tSCd/5TfIHndDn/ihxlSZ1B1LAnt4VFGR7
HlwPo5bFCMotiCwzb4NDavVQ7lOxuoKjHYAGB7s5+XqDjsWsiCRa15JEY7DD8fIC
2IhrdAX8TiQaERXeXEZhqCi6d6/yBUEdyqvKB0CV1XUai01n9ar3lgKpny2CXFX3
c9LZzT0TXeaqTH9ldERZKOWBqSqVelNUOSwh9FF1M/pOVkPUsA==
-----END CERTIFICATE-----
Generated at Mon May 5 03:56:41 2025 by rpki-client