Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
File: 868cbba8-4804-4fbd-b9b8-7e9402c44956.roa (raw, json)
Hash identifier: 2Knaifd10VNMpequutPEHf0mjcXyFEI/cnIoMjHPKIw=
Subject key identifier: 82:DC:8A:42:21:3F:EA:C8:FD:10:13:38:82:DF:78:84:B8:5A:25:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09C869FE3FEBF0AEF619467961DEB093F6C11124
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
Signing time: Mon 28 Apr 2025 15:40:04 +0000
ROA not before: Mon 28 Apr 2025 15:40:04 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:c8:69:fe:3f:eb:f0:ae:f6:19:46:79:61:de:b0:93:f6:c1:11:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:04 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=ab0189f1936aeafd8183bdddec179ed68b8de034fcce5369240b344bce6d6cc8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8b:88:9f:1c:e3:5c:83:56:cb:e2:50:3c:c4:
0a:08:ac:77:ba:23:80:ee:90:6e:07:a3:ee:92:ca:
83:de:39:37:92:39:2f:53:6d:b1:36:08:81:d7:aa:
f3:7b:00:a9:ee:e3:58:21:c7:70:26:cf:82:3f:84:
42:05:89:f6:d9:66:dc:b8:8b:67:35:5e:fe:c6:db:
68:a0:00:34:02:3d:df:1e:00:43:f4:03:7c:b6:7c:
b5:83:96:a0:f1:c0:53:0a:3e:6e:98:cf:18:8e:58:
7f:6c:20:a1:5b:a2:d4:33:65:9d:22:3a:79:b4:fd:
07:73:cc:87:42:2e:44:3f:98:55:a2:58:4e:de:03:
5d:1e:a8:d8:15:43:e4:c9:44:d6:8d:fb:ca:a3:1f:
88:7a:24:14:7e:5e:19:6b:aa:30:ff:f9:82:1c:7a:
26:86:5a:07:7f:44:f9:64:77:9e:fd:53:1e:6e:99:
2f:b0:25:7d:cb:4a:24:e6:2d:ab:c1:ce:a3:41:7d:
45:fd:81:4e:d3:79:36:91:a9:db:8e:70:a7:25:94:
cc:f6:78:8d:c0:49:cb:ba:2f:eb:c6:b0:40:1a:94:
37:5d:00:89:56:cd:df:ca:9e:84:fb:41:6f:0f:d4:
80:21:63:ad:57:00:28:6b:07:6e:d3:4d:0b:33:40:
83:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:DC:8A:42:21:3F:EA:C8:FD:10:13:38:82:DF:78:84:B8:5A:25:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:01:be:25:c9:ef:fc:7d:8e:8e:12:61:1b:e3:ed:e1:d8:7a:
9e:46:95:21:7e:24:56:30:80:17:1a:3e:fa:79:27:39:ec:72:
44:5c:7b:73:f4:34:d9:8c:75:95:bd:fb:5e:a3:8c:43:e7:70:
73:9e:16:89:9b:58:37:41:2d:b4:3a:bb:52:4e:64:ed:6a:17:
36:15:63:94:9f:ea:19:df:c1:10:b0:a1:c9:2b:43:42:c3:51:
08:28:18:dc:7e:ed:46:9b:f3:b3:cb:68:da:5b:79:d2:b9:8a:
b4:00:b9:31:d2:5f:56:dd:a3:56:7a:96:c1:88:05:5a:68:00:
a8:c3:dd:b8:d8:ac:6c:1a:8f:94:52:9a:85:15:d2:47:5a:d1:
8f:80:b5:67:91:1e:59:a9:df:4d:c8:71:05:e3:49:da:10:1c:
a2:e4:be:f5:7f:9e:43:c7:24:75:3d:ec:c2:7e:55:39:11:73:
65:06:9f:7e:7d:6a:36:4d:4b:a6:6e:67:f8:2e:9d:49:ef:2d:
d6:fa:2e:c8:b1:90:7f:ad:1a:c6:34:09:8f:48:38:e0:ef:b9:
82:da:31:ca:63:9e:dd:96:c3:0e:e9:29:e0:8c:61:a1:6b:04:
17:0a:e5:44:69:af:ab:ed:8e:99:63:44:68:08:0b:47:d7:88:
b6:62:c5:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCchp/j/r8K72GUZ5Yd6wk/bBESQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMDRaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiMDE4OWYxOTM2YWVhZmQ4MTgzYmRkZGVjMTc5ZWQ2OGI4ZGUwMzRmY2Nl
NTM2OTI0MGIzNDRiY2U2ZDZjYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI6LiJ8c41yDVsviUDzECgisd7ojgO6Qbgej7pLKg945N5I5L1NtsTYIgdeq
83sAqe7jWCHHcCbPgj+EQgWJ9tlm3LiLZzVe/sbbaKAANAI93x4AQ/QDfLZ8tYOW
oPHAUwo+bpjPGI5Yf2wgoVui1DNlnSI6ebT9B3PMh0IuRD+YVaJYTt4DXR6o2BVD
5MlE1o37yqMfiHokFH5eGWuqMP/5ghx6JoZaB39E+WR3nv1THm6ZL7AlfctKJOYt
q8HOo0F9Rf2BTtN5NpGp245wpyWUzPZ4jcBJy7ov68awQBqUN10AiVbN38qehPtB
bw/UgCFjrVcAKGsHbtNNCzNAgwsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSC3IpC
IT/qyP0QEziC33iEuFol4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY4Y2JiYTgtNDgwNC00ZmJkLWI5YjgtN2U5NDAyYzQ0OTU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAsAb4lye/8fY6OEmEb4+3h2HqeRpUhfiRWMIAX
Gj76eSc57HJEXHtz9DTZjHWVvfteo4xD53BznhaJm1g3QS20OrtSTmTtahc2FWOU
n+oZ38EQsKHJK0NCw1EIKBjcfu1Gm/Ozy2jaW3nSuYq0ALkx0l9W3aNWepbBiAVa
aACow9242KxsGo+UUpqFFdJHWtGPgLVnkR5Zqd9NyHEF40naEByi5L71f55DxyR1
PezCflU5EXNlBp9+fWo2TUumbmf4Lp1J7y3W+i7IsZB/rRrGNAmPSDjg77mC2jHK
Y57dlsMO6SngjGGhawQXCuVEaa+r7Y6ZY0RoCAtH14i2YsW7
-----END CERTIFICATE-----
Generated at Tue May 6 14:00:22 2025 by rpki-client