Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
File: 92652652-28d6-49c1-8ea6-f5079f374345.roa (raw, json)
Hash identifier: bq+PaXfhhOS3n2nMEI9gVDADoTtIqa/qNloUVkjZ6W4=
Subject key identifier: E0:4A:36:E7:FF:F4:6F:13:6B:86:63:59:17:71:F6:06:F9:04:43:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73D2E14EFDD20F478C31C372197E85B02F8AD203
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
Signing time: Fri 25 Apr 2025 18:50:08 +0000
ROA not before: Fri 25 Apr 2025 18:50:08 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:d2:e1:4e:fd:d2:0f:47:8c:31:c3:72:19:7e:85:b0:2f:8a:d2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:50:08 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ed6a14d04bf26bac269e273e3d984ef23cc1d6bb9512d7556a3a159113fc272b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:66:df:20:be:be:59:f9:6c:25:3d:a6:62:34:
ec:d4:5b:4a:b5:7a:9a:1f:ad:c9:68:22:ba:b6:c6:
6c:54:4c:e2:62:e2:6a:2b:00:a4:3f:04:09:97:b7:
6c:ad:99:b9:e9:40:f4:26:80:5b:87:eb:76:03:82:
98:1a:60:e6:e0:ae:6b:93:4c:81:26:5e:33:06:44:
01:f1:a5:81:4f:79:ae:de:d8:ba:da:ab:63:9d:81:
7b:17:0b:04:3a:12:9e:ef:1a:4d:d4:58:e1:9f:76:
43:9e:98:25:69:8b:60:24:dd:07:6f:51:02:8e:78:
7d:60:d6:ed:7d:55:ec:e6:80:34:cb:d5:94:88:3d:
d6:f1:84:08:63:5e:84:49:8d:39:b2:85:30:e8:c0:
c4:76:ff:b6:d5:52:69:4e:7a:3d:3a:26:1b:d9:b0:
3b:12:31:f6:76:11:92:04:a2:d8:39:4b:a5:d0:e8:
00:8c:25:9b:bd:ef:cf:65:65:b1:2d:bb:bd:3d:f1:
dd:6b:11:22:3c:83:b3:a0:6a:b7:4b:86:ea:3a:8e:
bd:aa:b1:2a:8a:9a:84:5c:f8:65:73:08:80:70:29:
6a:d1:b4:90:64:1d:88:91:f5:00:53:70:89:db:2f:
46:be:b7:1d:be:07:48:d4:d4:43:2c:3b:2f:61:ee:
e8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4A:36:E7:FF:F4:6F:13:6B:86:63:59:17:71:F6:06:F9:04:43:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4060::/48
Signature Algorithm: sha256WithRSAEncryption
4b:2e:3f:a5:13:43:eb:14:dd:6d:7a:8c:05:d7:7b:bd:f1:6a:
5a:ae:94:0f:ba:b2:c0:c2:8a:d5:4c:4d:c7:ef:d8:d0:e6:64:
f4:0e:d9:b4:40:a8:bb:04:30:96:82:b6:ee:90:a1:3d:6d:4a:
5b:46:a8:60:33:d3:d4:2c:2f:09:a5:de:5c:0e:0b:8b:25:36:
dc:6b:1a:62:65:05:ab:74:5b:4d:03:a3:e0:83:1c:62:6b:6c:
ac:81:02:70:a6:8a:b7:dc:0d:03:69:26:87:f2:34:2c:af:bb:
b6:fe:15:08:35:ac:e6:b8:0e:92:fd:57:09:3b:4a:c0:ce:fd:
1d:e1:f3:97:5c:e7:1e:ea:62:5e:1e:16:44:c8:0e:1f:eb:ac:
fb:3b:ed:b2:0a:24:94:ae:35:47:0b:92:73:90:da:e0:2e:5d:
c1:3d:4a:96:44:bf:d6:07:dd:3d:70:47:e2:a4:f0:ba:c4:42:
d2:7d:3e:de:ab:04:f4:7b:93:d9:10:4a:75:60:ff:1a:c9:69:
ba:59:ee:84:39:81:b2:1d:0b:a7:b3:f1:ff:23:bf:71:e4:fc:
c5:71:fa:fd:30:0b:ae:4e:40:5d:a6:37:bd:08:93:48:27:55:
9b:7a:b6:28:ed:75:3c:ea:25:9a:e6:e7:40:a0:14:58:1d:a4:
c8:6e:e3:fb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUc9LhTv3SD0eMMcNyGX6FsC+K0gMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUwMDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkNmExNGQwNGJmMjZiYWMyNjllMjczZTNkOTg0ZWYyM2NjMWQ2YmI5NTEy
ZDc1NTZhM2ExNTkxMTNmYzI3MmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdm3yC+vln5bCU9pmI07NRbSrV6mh+tyWgiurbGbFRM4mLiaisApD8ECZe3
bK2ZuelA9CaAW4frdgOCmBpg5uCua5NMgSZeMwZEAfGlgU95rt7YutqrY52BexcL
BDoSnu8aTdRY4Z92Q56YJWmLYCTdB29RAo54fWDW7X1V7OaANMvVlIg91vGECGNe
hEmNObKFMOjAxHb/ttVSaU56PTomG9mwOxIx9nYRkgSi2DlLpdDoAIwlm73vz2Vl
sS27vT3x3WsRIjyDs6Bqt0uG6jqOvaqxKoqahFz4ZXMIgHApatG0kGQdiJH1AFNw
idsvRr63Hb4HSNTUQyw7L2Hu6CMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTgSjbn
//RvE2uGY1kXcfYG+QRDnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI2NTI2NTItMjhkNi00OWMxLThlYTYtZjUwNzlmMzc0MzQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
YDANBgkqhkiG9w0BAQsFAAOCAQEASy4/pRND6xTdbXqMBdd7vfFqWq6UD7qywMKK
1UxNx+/Y0OZk9A7ZtECouwQwloK27pChPW1KW0aoYDPT1CwvCaXeXA4LiyU23Gsa
YmUFq3RbTQOj4IMcYmtsrIECcKaKt9wNA2kmh/I0LK+7tv4VCDWs5rgOkv1XCTtK
wM79HeHzl1znHupiXh4WRMgOH+us+zvtsgoklK41RwuSc5Da4C5dwT1KlkS/1gfd
PXBH4qTwusRC0n0+3qsE9HuT2RBKdWD/GslpulnuhDmBsh0Lp7Px/yO/ceT8xXH6
/TALrk5AXaY3vQiTSCdVm3q2KO11POolmubnQKAUWB2kyG7j+w==
-----END CERTIFICATE-----
Generated at Mon May 5 08:24:43 2025 by rpki-client