Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa
File: 94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa (raw, json)
Hash identifier: PvdXR8w007dWSKUO6CrMnEWPsF5WHLECfBoRgMyeJoc=
Subject key identifier: FD:CC:0D:7C:47:92:17:23:CD:2A:24:F1:EB:3A:91:53:BB:46:09:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68C57FF4B4EB0288B36A80630301F322D2552FFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa
Signing time: Fri 25 Apr 2025 19:20:50 +0000
ROA not before: Fri 25 Apr 2025 19:20:50 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:c5:7f:f4:b4:eb:02:88:b3:6a:80:63:03:01:f3:22:d2:55:2f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:20:50 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f284675d679e1a282523fa17599955b4dbed74c2ffee392da978f82fcb11839c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cd:ed:69:01:24:48:3f:38:36:12:41:dc:dc:
ed:7f:e0:88:49:82:3b:c2:d7:4c:55:47:17:06:50:
a0:9d:b2:60:c1:b3:8b:aa:a8:84:2a:c3:05:fc:c9:
dc:50:a9:b2:9d:30:80:aa:66:6b:d9:35:99:a4:ad:
b7:45:8b:1b:9a:90:a4:38:6a:ab:4f:59:ef:29:46:
c6:0c:54:f4:40:36:f3:5d:29:f7:31:71:76:08:04:
68:07:5b:6e:89:36:88:14:e6:d9:45:6d:f6:46:a8:
90:09:c3:6f:3c:c2:d3:8b:36:c3:b2:64:dd:07:99:
54:79:7f:9c:bc:d0:09:a5:a3:3f:8a:58:35:66:cf:
94:9d:0d:85:56:e4:94:fb:01:ad:8a:ac:5f:78:08:
14:bc:d8:3c:c7:ce:b4:9e:db:ee:d3:9f:e2:6f:88:
05:16:10:c1:93:d3:6f:5d:2b:85:e4:98:0f:70:93:
d3:0e:2e:d8:1b:ed:a5:91:79:4b:cd:6c:78:f0:95:
19:7b:a1:98:cf:3c:30:da:16:bc:82:d2:21:4d:76:
79:ac:9e:fa:e6:25:d7:9b:33:60:ef:2c:04:a0:00:
96:18:06:8a:28:bb:6f:df:e5:f7:48:9f:9a:08:f9:
50:95:6f:41:a0:5f:87:84:89:71:c0:71:d9:89:8e:
d8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:CC:0D:7C:47:92:17:23:CD:2A:24:F1:EB:3A:91:53:BB:46:09:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a080::/46
Signature Algorithm: sha256WithRSAEncryption
ab:84:54:71:d6:7c:f1:c7:f6:f8:3c:ed:6a:e5:06:97:05:6c:
ac:e0:d4:98:1d:6d:b1:e0:b1:ce:0a:7b:05:78:52:03:10:1a:
3a:8c:a7:62:1f:8f:b7:d3:24:7c:8b:6b:b4:57:29:51:ff:01:
6d:79:c9:82:90:20:d8:2c:e4:b2:3e:6f:fc:4e:5a:e9:c5:ee:
ae:64:ed:2f:33:99:01:8e:5f:3e:4c:f4:cb:77:f3:4c:bf:1a:
3e:71:5d:91:9c:8a:54:1c:13:3b:54:ec:cd:dd:98:50:58:49:
9c:41:69:d1:10:41:05:22:a6:f8:14:de:4c:e1:5c:74:88:9e:
37:dd:b4:4c:b0:f0:08:ee:17:91:3f:7c:5d:59:00:7b:20:db:
62:61:c3:b1:8d:35:84:0a:f5:5a:7d:99:22:9b:80:b0:74:ee:
e4:86:b5:c1:56:83:86:f0:90:81:2e:f7:6d:95:68:70:9f:01:
d6:8b:00:a9:6d:d3:42:23:fc:23:48:b9:87:a7:47:f5:df:d4:
aa:8f:c6:83:9b:e0:60:14:ab:dc:ec:48:e8:df:eb:98:2c:1e:
0f:40:9d:3e:6a:ac:13:a3:75:97:35:3a:96:53:89:37:58:40:
fe:84:88:fd:6f:e4:4a:1f:29:a2:f7:78:b6:ac:e6:01:20:3c:
15:60:59:22
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaMV/9LTrAoizaoBjAwHzItJVL/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIwNTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyODQ2NzVkNjc5ZTFhMjgyNTIzZmExNzU5OTk1NWI0ZGJlZDc0YzJmZmVl
MzkyZGE5NzhmODJmY2IxMTgzOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbN7WkBJEg/ODYSQdzc7X/giEmCO8LXTFVHFwZQoJ2yYMGzi6qohCrDBfzJ
3FCpsp0wgKpma9k1maStt0WLG5qQpDhqq09Z7ylGxgxU9EA2810p9zFxdggEaAdb
bok2iBTm2UVt9kaokAnDbzzC04s2w7Jk3QeZVHl/nLzQCaWjP4pYNWbPlJ0NhVbk
lPsBrYqsX3gIFLzYPMfOtJ7b7tOf4m+IBRYQwZPTb10rheSYD3CT0w4u2BvtpZF5
S81sePCVGXuhmM88MNoWvILSIU12eaye+uYl15szYO8sBKAAlhgGiii7b9/l90if
mgj5UJVvQaBfh4SJccBx2YmO2EUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT9zA18
R5IXI80qJPHrOpFTu0YJATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRiNzNkZjItMDBmMy00YWRjLWEyYTEtYzhiNDFlNTMxY2YyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWg
gDANBgkqhkiG9w0BAQsFAAOCAQEAq4RUcdZ88cf2+DztauUGlwVsrODUmB1tseCx
zgp7BXhSAxAaOoynYh+Pt9MkfItrtFcpUf8BbXnJgpAg2Czksj5v/E5a6cXurmTt
LzOZAY5fPkz0y3fzTL8aPnFdkZyKVBwTO1Tszd2YUFhJnEFp0RBBBSKm+BTeTOFc
dIieN920TLDwCO4XkT98XVkAeyDbYmHDsY01hAr1Wn2ZIpuAsHTu5Ia1wVaDhvCQ
gS73bZVocJ8B1osAqW3TQiP8I0i5h6dH9d/Uqo/Gg5vgYBSr3OxI6N/rmCweD0Cd
PmqsE6N1lzU6llOJN1hA/oSI/W/kSh8povd4tqzmASA8FWBZIg==
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:22 2025 by rpki-client