Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json)
Hash identifier: rzF97dNUqdAqXh/ac1FZ9e0Y5CCN1726AYbRcr90QLU=
Subject key identifier: A4:FA:DA:46:1E:06:3D:46:6C:A9:38:25:BE:A9:7A:69:17:EF:F8:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E603DD6EBEB64E31B7FE875AB1EE57CBD7397B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
Signing time: Mon 28 Apr 2025 15:40:33 +0000
ROA not before: Mon 28 Apr 2025 15:40:33 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:60:3d:d6:eb:eb:64:e3:1b:7f:e8:75:ab:1e:e5:7c:bd:73:97:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:33 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=30f974162245d0f9b4bc6833fe21f41f540bb4a0cb743612b85e3706137d030a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:34:8d:b9:d4:30:cd:46:e0:e0:0b:72:75:ea:
b6:82:38:26:55:cb:cb:8c:0e:31:55:4f:00:56:a7:
c8:94:e1:ce:70:94:3b:4d:c5:b3:24:f3:fa:10:ff:
92:c9:79:09:a8:0b:15:b2:8f:ce:3f:6c:1d:63:df:
8a:12:34:99:eb:35:97:3a:86:f9:3e:cf:f4:08:72:
e9:dc:3f:e4:09:3e:86:8c:b4:0a:16:c7:44:ea:83:
7a:19:b8:aa:2d:fa:10:2a:c0:7f:a2:e0:74:c6:19:
4b:17:43:37:0d:1f:32:e4:4d:91:27:91:39:1c:b6:
3f:4c:bb:ef:5d:01:68:69:a4:21:28:3d:36:00:b9:
eb:32:7e:c4:e9:8d:a8:ac:9c:45:be:aa:e1:65:cc:
f2:f8:56:f4:d8:36:2d:14:29:ad:11:4b:85:e7:98:
e3:04:ff:cd:b5:27:86:37:8e:a0:c0:a8:e8:9e:39:
64:83:a6:7e:ad:a9:7f:2b:2b:45:56:86:c6:f7:19:
1e:6f:4d:eb:9f:db:95:15:97:88:4c:71:f2:35:bf:
9c:bf:74:66:38:40:33:c9:0d:fe:32:51:02:cf:54:
21:78:5e:29:a7:22:c8:9a:ce:08:2e:cb:6e:a3:70:
01:ca:3d:62:fa:7b:92:55:23:9f:08:f5:08:40:51:
7d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FA:DA:46:1E:06:3D:46:6C:A9:38:25:BE:A9:7A:69:17:EF:F8:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:e000::/40
Signature Algorithm: sha256WithRSAEncryption
6a:f9:ee:de:4d:ef:3a:28:f9:39:0b:5e:91:78:7c:2b:c6:25:
8c:d5:b8:fe:3a:8a:e1:45:f9:32:cb:2c:50:2e:72:e5:d2:a5:
5d:8d:31:14:24:68:61:d3:8f:90:65:bd:42:55:b7:13:fa:b2:
d7:2d:be:c6:f1:3f:76:38:5b:9b:56:4a:e7:17:de:14:28:1a:
ac:df:0c:f6:c7:91:a6:59:a7:73:75:e1:23:6d:ca:9a:c3:68:
1a:a6:47:ad:4b:c9:44:cc:8e:d9:2b:a9:04:71:1c:4a:db:18:
ce:53:bd:fb:9a:ca:23:98:a2:6c:83:11:c7:7c:c2:ef:9d:cb:
91:e3:96:44:8a:67:53:1a:22:cd:0a:e8:d9:8a:69:7b:56:8a:
7a:4b:7f:a9:a5:1b:bc:20:ec:a9:4a:16:2f:34:74:bd:46:01:
fc:e0:33:e2:ea:e7:2a:75:1f:a0:93:66:a3:0b:e9:f5:5c:cd:
c9:ca:09:2c:1c:d4:11:0a:f2:5f:17:80:f5:62:ab:a3:f0:ef:
24:f7:ba:43:6a:58:34:92:a4:fa:6e:0c:1b:66:52:69:71:b6:
63:b4:85:bf:37:3f:0f:82:b6:d8:ba:23:f5:38:aa:b0:e3:97:
8e:e9:46:aa:31:db:89:34:db:bf:23:b6:11:28:69:92:8c:b2:
2c:99:73:34
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTmA91uvrZOMbf+h1qx7lfL1zl7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMzNaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZjk3NDE2MjI0NWQwZjliNGJjNjgzM2ZlMjFmNDFmNTQwYmI0YTBjYjc0
MzYxMmI4NWUzNzA2MTM3ZDAzMGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMY0jbnUMM1G4OALcnXqtoI4JlXLy4wOMVVPAFanyJThznCUO03FsyTz+hD/
ksl5CagLFbKPzj9sHWPfihI0mes1lzqG+T7P9Ahy6dw/5Ak+hoy0ChbHROqDehm4
qi36ECrAf6LgdMYZSxdDNw0fMuRNkSeRORy2P0y7710BaGmkISg9NgC56zJ+xOmN
qKycRb6q4WXM8vhW9Ng2LRQprRFLheeY4wT/zbUnhjeOoMCo6J45ZIOmfq2pfysr
RVaGxvcZHm9N65/blRWXiExx8jW/nL90ZjhAM8kN/jJRAs9UIXheKaciyJrOCC7L
bqNwAco9Yvp7klUjnwj1CEBRfY0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSk+tpG
HgY9RmypOCW+qXppF+/4lzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg
MA0GCSqGSIb3DQEBCwUAA4IBAQBq+e7eTe86KPk5C16ReHwrxiWM1bj+OorhRfky
yyxQLnLl0qVdjTEUJGhh04+QZb1CVbcT+rLXLb7G8T92OFubVkrnF94UKBqs3wz2
x5GmWadzdeEjbcqaw2gapketS8lEzI7ZK6kEcRxK2xjOU737msojmKJsgxHHfMLv
ncuR45ZEimdTGiLNCujZiml7Vop6S3+ppRu8IOypShYvNHS9RgH84DPi6ucqdR+g
k2ajC+n1XM3JygksHNQRCvJfF4D1Yquj8O8k97pDalg0kqT6bgwbZlJpcbZjtIW/
Nz8PgrbYuiP1OKqw45eO6UaqMduJNNu/I7YRKGmSjLIsmXM0
-----END CERTIFICATE-----
Generated at Mon May 5 08:20:31 2025 by rpki-client