Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97bc1904-a9fd-49fa-9bd7-4b6012393329.roa
File: 97bc1904-a9fd-49fa-9bd7-4b6012393329.roa (raw, json)
Hash identifier: 1wZ9dZIDpV+O1ZAVKQMMvBgntTAMX5vNltj369L0CJ0=
Subject key identifier: 42:60:9E:E3:5A:49:D4:99:6C:0A:64:CC:74:1B:21:53:15:D9:62:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C868451E3BF71F6C43DF40A0C67B171A905E615
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97bc1904-a9fd-49fa-9bd7-4b6012393329.roa
Signing time: Thu 17 Apr 2025 20:37:00 +0000
ROA not before: Thu 17 Apr 2025 20:37:00 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:86:84:51:e3:bf:71:f6:c4:3d:f4:0a:0c:67:b1:71:a9:05:e6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:37:00 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=7c940733c1dff215e5f0036cccf24f4dc176aa7f67cfc56bd45af5967b17a60c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:2b:cb:86:03:20:0c:f3:25:8b:4f:b9:bc:
79:d6:a9:3b:a9:40:75:6b:d9:83:42:b7:8b:a7:74:
53:1f:fd:18:9e:21:a1:32:f6:b8:7b:2f:3b:de:30:
f5:b6:21:71:3c:f2:22:5e:e6:3f:64:a5:8f:6e:25:
71:7e:3b:a6:48:8d:61:19:96:85:bc:f4:05:71:7b:
73:bd:d2:12:3c:91:60:0b:0e:37:ca:05:62:62:96:
63:1e:fa:64:4f:d4:2a:de:b7:74:fc:a0:02:0e:6e:
8a:6d:a7:18:32:db:69:75:3c:9b:3d:04:23:87:f0:
34:19:89:5f:41:fd:f3:9d:f8:ef:61:c2:1a:58:65:
ca:6f:9d:e5:7b:72:a8:17:0b:6f:2d:23:76:ea:05:
4c:94:20:8d:8d:4a:77:0d:f9:bc:15:dd:13:5f:9a:
1a:59:ba:a4:2b:c8:f9:27:5f:32:45:d9:71:3e:38:
27:a3:d1:09:7a:f6:b3:a6:78:c5:b1:81:ed:65:a5:
4b:d0:b3:b7:58:a9:51:18:51:31:7e:f6:92:4d:64:
91:22:89:34:7e:f0:07:c7:9a:6a:57:da:09:a2:2c:
d4:1c:09:f9:2c:bb:45:69:38:f7:db:66:bb:06:db:
ab:b1:48:ae:da:0e:9f:44:51:a2:11:fa:f2:e1:2c:
70:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:60:9E:E3:5A:49:D4:99:6C:0A:64:CC:74:1B:21:53:15:D9:62:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97bc1904-a9fd-49fa-9bd7-4b6012393329.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:a000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:76:e0:8d:31:36:ff:ed:b7:5b:65:06:8e:2a:dc:b0:27:18:
90:80:e0:90:13:a5:82:e0:e9:01:e8:ee:43:eb:17:bd:3b:85:
f7:7f:18:40:1f:d2:27:6f:c0:5c:8f:c8:c6:33:63:e4:19:4d:
24:1e:2b:28:7d:7a:1f:37:bd:fe:00:58:96:d0:18:f2:41:ce:
29:4e:ea:0b:71:5e:88:65:fa:98:58:aa:2a:eb:87:1a:a4:c5:
4f:1e:75:64:21:4b:b1:cf:4c:52:4f:f4:87:f3:23:cc:29:a6:
7c:27:3a:4f:ab:df:27:b7:af:79:32:3c:b0:85:4f:97:f3:22:
fb:e0:a3:db:cc:f2:f6:f7:19:da:12:2f:1e:70:f6:b7:e2:9e:
13:52:61:cd:46:c7:0b:e1:94:a8:9f:35:61:59:06:1d:2f:1a:
42:56:18:ee:ea:e4:e4:6c:7f:ae:fc:06:f8:42:43:23:0e:0d:
88:70:1b:d4:f8:33:f7:11:64:20:79:42:18:6b:e1:43:21:47:
53:e4:97:fd:6a:d6:76:d8:29:44:8f:27:23:71:04:5d:38:1c:
fd:2c:9e:0e:f4:23:b7:cb:c6:e9:aa:de:83:e5:be:86:f0:b7:
41:9d:19:18:dd:66:3a:cc:3a:f2:34:3c:01:eb:7e:db:55:51:
9d:72:81:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTIaEUeO/cfbEPfQKDGexcakF5hUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM3MDBaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjOTQwNzMzYzFkZmYyMTVlNWYwMDM2Y2NjZjI0ZjRkYzE3NmFhN2Y2N2Nm
YzU2YmQ0NWFmNTk2N2IxN2E2MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpCK8uGAyAM8yWLT7m8edapO6lAdWvZg0K3i6d0Ux/9GJ4hoTL2uHsvO94w
9bYhcTzyIl7mP2Slj24lcX47pkiNYRmWhbz0BXF7c73SEjyRYAsON8oFYmKWYx76
ZE/UKt63dPygAg5uim2nGDLbaXU8mz0EI4fwNBmJX0H9853472HCGlhlym+d5Xty
qBcLby0jduoFTJQgjY1Kdw35vBXdE1+aGlm6pCvI+SdfMkXZcT44J6PRCXr2s6Z4
xbGB7WWlS9Czt1ipURhRMX72kk1kkSKJNH7wB8eaalfaCaIs1BwJ+Sy7RWk499tm
uwbbq7FIrtoOn0RRohH68uEscBMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCYJ7j
WknUmWwKZMx0GyFTFdliGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTdiYzE5MDQtYTlmZC00OWZhLTliZDctNGI2MDEyMzkzMzI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G6g
MA0GCSqGSIb3DQEBCwUAA4IBAQAqduCNMTb/7bdbZQaOKtywJxiQgOCQE6WC4OkB
6O5D6xe9O4X3fxhAH9Inb8Bcj8jGM2PkGU0kHisofXofN73+AFiW0BjyQc4pTuoL
cV6IZfqYWKoq64capMVPHnVkIUuxz0xST/SH8yPMKaZ8JzpPq98nt695MjywhU+X
8yL74KPbzPL29xnaEi8ecPa34p4TUmHNRscL4ZSonzVhWQYdLxpCVhju6uTkbH+u
/Ab4QkMjDg2IcBvU+DP3EWQgeUIYa+FDIUdT5Jf9atZ22ClEjycjcQRdOBz9LJ4O
9CO3y8bpqt6D5b6G8LdBnRkY3WY6zDryNDwB637bVVGdcoFf
-----END CERTIFICATE-----
Generated at Mon May 5 10:32:54 2025 by rpki-client