Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
File: 7e690adc-099c-4d58-ad1b-856f693d90b3.roa (raw, json)
Hash identifier: MiGwRvLizkWPZ1yAdEw+CwNphlBNUnfv8D2L+iiw7sQ=
Subject key identifier: 70:F2:83:7A:7E:22:BB:88:8A:00:01:E9:57:B9:59:DB:FD:58:47:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B92A4DF86005370E383F39DC2F5C8B0BEBF97BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
Signing time: Tue 15 Apr 2025 15:10:07 +0000
ROA not before: Tue 15 Apr 2025 15:10:07 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:92:a4:df:86:00:53:70:e3:83:f3:9d:c2:f5:c8:b0:be:bf:97:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:07 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=9a57c5f8dbe03eefaa96e5328476dc4b265c4acae8ef9e5cd5f5af361b086363, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b3:33:02:74:d6:56:c4:92:5e:c6:df:da:fa:
bd:99:bd:9a:5d:5a:a8:bb:0b:5d:53:e6:cf:75:3d:
d3:8b:af:88:b0:8d:f7:66:3c:24:d3:5a:9e:0c:4b:
61:88:91:06:a7:45:2f:ad:51:9b:a4:19:7d:d9:e2:
2e:8f:f1:13:29:7a:e0:a9:3a:6c:0a:98:05:60:6e:
59:5b:51:af:d2:e7:8f:71:25:a8:37:33:62:89:a3:
a6:7b:42:2c:86:d4:bb:f1:6d:67:83:71:e2:f4:bc:
82:b2:7b:a4:74:6d:51:5c:85:27:c2:52:eb:ca:fd:
32:cb:32:d8:76:37:6c:41:90:39:51:f5:00:20:2b:
a9:4b:b2:f1:af:69:93:c9:da:a8:08:8b:b7:09:9b:
6a:48:5e:d4:48:2d:a2:53:36:03:ef:73:ec:f0:96:
5d:9d:2a:86:c7:94:67:73:51:8a:e8:26:22:45:b6:
12:51:49:2f:5d:6c:43:7f:76:2e:e9:c2:48:b0:1f:
60:e4:a4:ac:fa:ca:bf:61:22:21:0b:19:00:a1:31:
c4:65:7f:4d:67:be:bf:41:e7:d2:45:9e:89:ec:b5:
ac:b6:37:de:84:b6:67:37:0b:0f:4c:c0:99:07:10:
b7:5d:4e:1e:c2:19:7e:cc:20:67:7a:61:63:da:47:
3c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F2:83:7A:7E:22:BB:88:8A:00:01:E9:57:B9:59:DB:FD:58:47:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a3:c2:92:9c:d9:2a:72:4b:af:b6:ff:3e:1c:98:3a:5f:4f:85:
60:64:95:10:9d:16:f9:13:60:dc:96:5c:90:82:e7:b5:25:3a:
13:e4:f3:a2:5a:46:66:b6:6a:36:f5:10:c4:ba:43:80:a8:38:
1c:5e:2d:9a:ec:ac:c7:e4:67:60:fd:79:e1:1d:a8:1c:56:a1:
cc:b5:b9:36:5f:a0:ea:a9:f1:92:a7:1d:98:e2:86:74:fc:f0:
05:3f:e5:8a:83:db:b0:c0:54:5d:c6:0e:59:57:be:37:46:55:
7a:1e:3d:23:37:b5:a6:aa:1b:14:26:0c:c1:25:f9:8a:6f:dd:
5e:1e:82:7e:f4:1c:e7:ea:25:7e:0a:1c:85:24:b1:06:1d:8f:
64:8d:8b:18:86:29:9a:3b:3e:b1:78:d8:75:a4:cb:74:6a:2e:
de:c0:5c:61:03:28:30:66:a0:b8:7b:99:c3:a0:3c:3e:6a:c4:
1d:c7:10:50:c8:00:c3:62:ce:ea:67:bd:f8:6e:cf:f6:9d:07:
a7:7d:47:c4:c5:2b:96:ee:96:77:f9:a9:a4:97:13:aa:0c:58:
73:78:c0:51:a4:4e:9d:20:d2:85:09:5f:91:1b:f1:2b:dc:b5:
13:24:d0:4c:ab:55:81:9b:55:47:5d:3e:35:2b:47:76:41:46:
9c:46:dd:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC5Kk34YAU3Djg/OdwvXIsL6/l7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMDdaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhNTdjNWY4ZGJlMDNlZWZhYTk2ZTUzMjg0NzZkYzRiMjY1YzRhY2FlOGVm
OWU1Y2Q1ZjVhZjM2MWIwODYzNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGzMwJ01lbEkl7G39r6vZm9ml1aqLsLXVPmz3U904uviLCN92Y8JNNangxL
YYiRBqdFL61Rm6QZfdniLo/xEyl64Kk6bAqYBWBuWVtRr9Lnj3ElqDczYomjpntC
LIbUu/FtZ4Nx4vS8grJ7pHRtUVyFJ8JS68r9Mssy2HY3bEGQOVH1ACArqUuy8a9p
k8naqAiLtwmbakhe1EgtolM2A+9z7PCWXZ0qhseUZ3NRiugmIkW2ElFJL11sQ392
LunCSLAfYOSkrPrKv2EiIQsZAKExxGV/TWe+v0Hn0kWeiey1rLY33oS2ZzcLD0zA
mQcQt11OHsIZfswgZ3phY9pHPL0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRw8oN6
fiK7iIoAAelXuVnb/VhHjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2U2OTBhZGMtMDk5Yy00ZDU4LWFkMWItODU2ZjY5M2Q5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQCjwpKc2SpyS6+2/z4cmDpfT4VgZJUQnRb5E2Dc
llyQgue1JToT5POiWkZmtmo29RDEukOAqDgcXi2a7KzH5Gdg/XnhHagcVqHMtbk2
X6DqqfGSpx2Y4oZ0/PAFP+WKg9uwwFRdxg5ZV743RlV6Hj0jN7WmqhsUJgzBJfmK
b91eHoJ+9Bzn6iV+ChyFJLEGHY9kjYsYhimaOz6xeNh1pMt0ai7ewFxhAygwZqC4
e5nDoDw+asQdxxBQyADDYs7qZ734bs/2nQenfUfExSuW7pZ3+amklxOqDFhzeMBR
pE6dINKFCV+RG/Er3LUTJNBMq1WBm1VHXT41K0d2QUacRt3h
-----END CERTIFICATE-----
Generated at Mon May 5 20:58:33 2025 by rpki-client