Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
File: 96632b04-b91d-4e29-8e82-14fddf17bed9.roa (raw, json)
Hash identifier: vOs08ESAu9VRvGfTNB3luzrL4oYKZvW2HHu5eWTIwVs=
Subject key identifier: 57:9A:F3:81:1A:5E:1A:C2:C2:9A:12:00:2E:F8:A5:46:EC:30:71:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18FAC0F826BB337F2FABAFEF6FA171A8AB832FAA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
Signing time: Fri 25 Apr 2025 19:01:24 +0000
ROA not before: Fri 25 Apr 2025 19:01:24 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:fa:c0:f8:26:bb:33:7f:2f:ab:af:ef:6f:a1:71:a8:ab:83:2f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:01:24 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8821fb46ffa3772305d21fe98961744819cc2cdacb36632ad90f9167e5dbdd49, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b9:30:7c:4f:62:d0:4a:95:5f:c3:27:fd:ac:
fe:11:6b:89:3c:41:6a:68:8e:a5:46:b0:a8:83:b2:
5a:b5:ff:53:8e:80:23:b5:c7:6c:78:51:a3:b9:71:
43:7a:c5:4b:7b:ac:ba:95:87:60:30:90:b5:11:a3:
0d:04:bd:c7:f7:16:b5:fc:58:b0:33:5f:7c:8d:8f:
3c:5b:bc:11:89:6f:a5:40:7d:38:c3:95:c0:10:de:
23:20:74:da:ef:68:fb:82:68:60:db:67:4f:28:6e:
a8:d8:5a:59:fd:4a:d5:db:4e:f2:8b:8e:8b:4e:cf:
fb:bb:2c:45:dc:65:ad:67:f1:ed:93:be:50:99:82:
63:4f:35:fc:5d:7f:71:b1:d5:87:b8:13:f7:92:9d:
e1:dc:b4:4e:dd:ad:01:56:f8:f6:66:9b:0f:2e:85:
31:08:29:07:46:c3:73:f6:ef:2a:5a:9a:07:ce:83:
88:01:17:e2:ce:50:30:9b:bf:c4:b0:89:3d:b2:ec:
bd:b4:4e:30:16:76:06:61:79:74:a1:53:54:32:9b:
14:1c:fb:a5:60:43:4e:32:6e:8a:5c:ce:15:62:0d:
7f:ab:7e:36:26:8b:ba:b6:1f:62:91:9d:4d:70:d8:
50:f2:32:87:f4:cf:ce:98:24:25:d2:fc:cd:af:cb:
47:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:9A:F3:81:1A:5E:1A:C2:C2:9A:12:00:2E:F8:A5:46:EC:30:71:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8060::/48
Signature Algorithm: sha256WithRSAEncryption
60:ac:f9:28:45:25:6a:5f:27:1e:1f:77:20:61:bf:5c:45:cb:
ab:ee:5e:ae:94:bf:95:9f:22:34:bf:c8:b8:1b:14:aa:9c:9b:
f0:7e:12:82:fd:09:1c:0e:c1:9c:8b:86:d5:cb:4f:2f:29:71:
34:8b:ac:dc:75:0b:42:cf:72:8e:e1:55:9e:7a:5b:49:8d:57:
8c:ed:76:a2:0f:44:83:34:76:b7:4e:9e:03:cf:a1:c5:e6:27:
80:48:43:17:7e:1f:0f:f1:9a:2e:78:31:50:34:58:e7:80:75:
30:f4:6b:86:2b:f2:90:ca:95:8b:27:09:f7:2b:17:d5:cc:65:
96:57:f6:63:70:46:f8:f3:f5:77:3a:0c:2e:08:71:f6:29:6b:
2c:f6:93:9b:a1:65:90:a1:18:44:e8:56:1d:99:1f:ca:27:1a:
43:48:06:18:b6:c1:e5:5e:3d:6e:c3:72:67:f0:5a:b5:63:ce:
53:c2:f4:b4:45:8f:3a:ec:2c:02:db:04:0e:26:71:b1:28:86:
3e:35:0d:8a:42:49:4b:c6:21:bb:a4:d8:ac:6b:cd:c7:1b:33:
88:a3:90:89:f8:a0:f3:f7:2e:3a:c5:11:02:5b:f9:fc:e6:6a:
dc:44:fe:23:7d:a4:9f:84:f5:9f:9d:8e:70:5e:e4:70:1d:65:
32:e3:79:73
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGPrA+Ca7M38vq6/vb6FxqKuDL6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTAxMjRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4MjFmYjQ2ZmZhMzc3MjMwNWQyMWZlOTg5NjE3NDQ4MTljYzJjZGFjYjM2
NjMyYWQ5MGY5MTY3ZTVkYmRkNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPO5MHxPYtBKlV/DJ/2s/hFriTxBamiOpUawqIOyWrX/U46AI7XHbHhRo7lx
Q3rFS3usupWHYDCQtRGjDQS9x/cWtfxYsDNffI2PPFu8EYlvpUB9OMOVwBDeIyB0
2u9o+4JoYNtnTyhuqNhaWf1K1dtO8ouOi07P+7ssRdxlrWfx7ZO+UJmCY081/F1/
cbHVh7gT95Kd4dy0Tt2tAVb49mabDy6FMQgpB0bDc/bvKlqaB86DiAEX4s5QMJu/
xLCJPbLsvbROMBZ2BmF5dKFTVDKbFBz7pWBDTjJuilzOFWINf6t+NiaLurYfYpGd
TXDYUPIyh/TPzpgkJdL8za/LRxcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXmvOB
Gl4awsKaEgAu+KVG7DBxFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY2MzJiMDQtYjkxZC00ZTI5LThlODItMTRmZGRmMTdiZWQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
YDANBgkqhkiG9w0BAQsFAAOCAQEAYKz5KEUlal8nHh93IGG/XEXLq+5erpS/lZ8i
NL/IuBsUqpyb8H4Sgv0JHA7BnIuG1ctPLylxNIus3HULQs9yjuFVnnpbSY1XjO12
og9EgzR2t06eA8+hxeYngEhDF34fD/GaLngxUDRY54B1MPRrhivykMqViycJ9ysX
1cxlllf2Y3BG+PP1dzoMLghx9ilrLPaTm6FlkKEYROhWHZkfyicaQ0gGGLbB5V49
bsNyZ/BatWPOU8L0tEWPOuwsAtsEDiZxsSiGPjUNikJJS8Yhu6TYrGvNxxsziKOQ
ifig8/cuOsURAlv5/OZq3ET+I32kn4T1n52OcF7kcB1lMuN5cw==
-----END CERTIFICATE-----
Generated at Mon May 5 10:34:06 2025 by rpki-client