Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7c168279-3466-4837-b4c2-65829712acef.roa
File: 7c168279-3466-4837-b4c2-65829712acef.roa (raw, json)
Hash identifier: RQtwWylkilCh018+9MYDv4iJDOfcVzVQWmZ8f6VFxp0=
Subject key identifier: B2:DA:07:54:C5:70:E3:7D:D9:7E:AF:0B:C0:13:82:4C:88:EB:A6:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79F313048778687B9CC74987EAF8A9219D3F9788
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7c168279-3466-4837-b4c2-65829712acef.roa
Signing time: Mon 28 Apr 2025 15:41:02 +0000
ROA not before: Mon 28 Apr 2025 15:41:02 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:f3:13:04:87:78:68:7b:9c:c7:49:87:ea:f8:a9:21:9d:3f:97:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:41:02 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=5bb3e60d9b552babf54b6b413366934eccfa65d6f6e323470e50b58b41c41b38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:93:4a:a3:70:34:1c:9f:44:6e:a3:bc:6c:76:
e1:ea:2b:52:fa:90:31:43:20:28:9b:12:60:75:27:
d2:f4:43:fe:08:c3:93:67:91:6b:63:4d:4b:9b:8e:
f7:7e:ad:2b:4b:82:81:53:0d:e0:b2:8e:39:86:49:
4b:b7:d6:74:18:7d:d2:f8:d0:ab:a0:fa:84:61:ca:
38:4a:b1:d9:24:76:dc:ad:29:e2:43:73:02:ae:db:
22:9f:15:de:47:3b:46:b0:4d:0f:fd:b9:9b:22:e8:
33:e1:e6:65:40:2a:b3:1a:6a:1e:64:05:97:c9:2d:
3d:07:6b:18:0c:40:4a:bd:3d:59:f6:74:6b:ba:44:
6b:86:6b:00:99:6c:d1:50:b3:f4:a3:6e:cc:0b:cb:
10:63:56:44:e0:72:83:d1:11:d9:a7:c1:5c:e7:1c:
0e:97:d4:65:79:96:76:04:c4:e1:ef:73:11:57:7a:
a7:a7:f4:05:c4:e9:db:9f:47:36:54:59:18:11:39:
3b:9e:73:88:33:c2:c1:b9:fc:f0:5c:76:7c:4f:f0:
48:42:55:ad:0a:8c:58:2a:ce:7a:0b:9b:9a:5e:5f:
ae:ac:7c:f7:67:9e:cc:99:a7:64:55:e6:ab:23:6c:
5d:49:1b:67:f8:0a:0a:f0:4c:e7:fa:f3:4e:b3:00:
da:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DA:07:54:C5:70:E3:7D:D9:7E:AF:0B:C0:13:82:4C:88:EB:A6:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7c168279-3466-4837-b4c2-65829712acef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:a000::/40
Signature Algorithm: sha256WithRSAEncryption
be:f8:51:81:42:66:1e:72:95:5b:f5:55:86:ff:f9:40:26:d7:
1e:af:aa:99:a0:95:21:d3:9f:09:6a:eb:e9:6a:5a:76:6d:e1:
7c:63:c8:03:d5:31:5d:cc:f5:32:6a:3a:6b:bd:8f:c8:79:b3:
62:9e:8d:4e:91:6b:4f:3f:28:68:03:5f:de:54:cc:03:90:93:
86:af:bb:a9:9b:c9:8f:f7:b5:0f:48:f6:e2:45:b1:86:6f:d5:
e9:7e:29:ea:25:7c:75:fa:a1:7b:11:db:6a:2e:12:32:b6:f2:
36:0c:62:cb:2e:44:04:7f:c0:e6:3d:b1:52:9c:01:80:d7:f8:
f1:5a:31:0e:04:e7:8b:fe:d1:fc:db:bc:e6:7b:fb:50:6a:3b:
3b:6e:60:34:54:c4:86:c0:9c:9a:3a:a6:39:3c:44:9c:48:58:
6c:72:f2:92:f5:bf:63:56:7d:0f:23:08:92:54:00:32:60:81:
ad:8a:00:41:22:30:62:b7:59:c8:f6:0e:8b:45:67:05:75:fe:
af:e8:93:05:57:e1:c7:ce:5c:99:51:6b:75:5e:80:ed:d9:87:
45:4e:8f:4f:da:9b:0a:e4:02:37:e4:39:1b:ea:47:97:3a:df:
fb:3e:92:f6:c3:2e:9a:74:1c:b4:8c:88:8d:a2:bc:ec:4e:66:
c9:47:9b:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUefMTBId4aHucx0mH6vipIZ0/l4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQxMDJaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDViYjNlNjBkOWI1NTJiYWJmNTRiNmI0MTMzNjY5MzRlY2NmYTY1ZDZmNmUz
MjM0NzBlNTBiNThiNDFjNDFiMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2TSqNwNByfRG6jvGx24eorUvqQMUMgKJsSYHUn0vRD/gjDk2eRa2NNS5uO
936tK0uCgVMN4LKOOYZJS7fWdBh90vjQq6D6hGHKOEqx2SR23K0p4kNzAq7bIp8V
3kc7RrBND/25myLoM+HmZUAqsxpqHmQFl8ktPQdrGAxASr09WfZ0a7pEa4ZrAJls
0VCz9KNuzAvLEGNWROByg9ER2afBXOccDpfUZXmWdgTE4e9zEVd6p6f0BcTp259H
NlRZGBE5O55ziDPCwbn88Fx2fE/wSEJVrQqMWCrOegubml5frqx892eezJmnZFXm
qyNsXUkbZ/gKCvBM5/rzTrMA2gcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSy2gdU
xXDjfdl+rwvAE4JMiOum3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2MxNjgyNzktMzQ2Ni00ODM3LWI0YzItNjU4Mjk3MTJhY2VmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmg
MA0GCSqGSIb3DQEBCwUAA4IBAQC++FGBQmYecpVb9VWG//lAJtcer6qZoJUh058J
auvpalp2beF8Y8gD1TFdzPUyajprvY/IebNino1OkWtPPyhoA1/eVMwDkJOGr7up
m8mP97UPSPbiRbGGb9XpfinqJXx1+qF7EdtqLhIytvI2DGLLLkQEf8DmPbFSnAGA
1/jxWjEOBOeL/tH827zme/tQajs7bmA0VMSGwJyaOqY5PEScSFhscvKS9b9jVn0P
IwiSVAAyYIGtigBBIjBit1nI9g6LRWcFdf6v6JMFV+HHzlyZUWt1XoDt2YdFTo9P
2psK5AI35Dkb6keXOt/7PpL2wy6adBy0jIiNorzsTmbJR5vi
-----END CERTIFICATE-----
Generated at Mon May 5 08:43:21 2025 by rpki-client