Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
File: 9a0196e5-a789-4daf-912c-37aa6951f379.roa (raw, json)
Hash identifier: ohqXz3s2FWf2rprpr8g6MWMkWcFQNoos8LrA95iCYto=
Subject key identifier: 8F:D2:0C:57:85:28:F2:6E:F8:0D:DA:EF:53:AF:2D:19:AF:00:66:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6796714EF7D6A66F3EA5E6790F8898BF50FF7442
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
Signing time: Tue 15 Apr 2025 15:10:00 +0000
ROA not before: Tue 15 Apr 2025 15:10:00 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:96:71:4e:f7:d6:a6:6f:3e:a5:e6:79:0f:88:98:bf:50:ff:74:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:10:00 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=84903e93b21bae70ed19b0e9cdadda6c975a54e7f5fad503b94ac8b41460b2be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5f:29:74:23:d0:ac:33:44:3e:94:b3:ea:d9:
d1:55:2f:c2:a1:89:21:16:3e:7a:0e:fc:80:f3:4e:
61:fa:45:fd:0e:43:dd:2c:8a:ec:17:8b:ac:94:e4:
b9:af:74:b1:a1:e5:32:87:6b:22:ca:e4:4f:18:10:
29:1b:3c:3d:57:6e:99:16:8a:d4:c0:0b:b9:78:23:
c5:89:13:07:22:74:76:3f:e0:1e:ef:6c:62:04:cd:
fd:cd:4b:5d:06:ef:0b:98:0f:cb:e3:49:38:86:60:
b4:88:00:e8:32:6a:8d:b3:9d:bf:9f:b1:82:34:0e:
54:40:99:4e:a3:3c:56:89:1c:17:08:b6:56:4b:40:
d0:c5:01:56:bd:4c:6e:01:f0:a2:0c:e5:cc:f5:c3:
36:55:49:f2:2e:15:b1:1a:97:52:89:2e:bb:ae:60:
87:ab:70:16:0c:cd:8e:dc:32:70:d3:7e:cd:5a:64:
d2:f7:6d:28:0e:9f:b5:80:00:6b:ce:da:73:f9:4b:
0b:da:25:c8:d9:af:74:7f:b3:8a:4b:7a:4b:d5:69:
23:ac:57:82:32:41:37:74:09:7f:53:15:98:18:bf:
2a:7b:7b:3d:d1:e2:6a:2e:ee:ac:7e:9c:3b:85:ec:
98:66:26:ab:a3:e0:5b:35:b7:84:2d:1f:76:c0:6e:
e8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D2:0C:57:85:28:F2:6E:F8:0D:DA:EF:53:AF:2D:19:AF:00:66:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
63:80:5c:75:8b:b6:06:a7:c8:27:f3:77:9b:fd:a7:20:f9:3e:
2f:c7:82:85:99:0e:76:a6:9a:87:e8:31:10:e4:32:75:d8:04:
d9:9d:0b:71:82:d8:ee:ae:bc:bd:3f:b7:99:ca:ad:20:e3:24:
33:fd:0b:54:27:2c:f4:7e:6a:11:4b:49:25:7b:ec:6f:ee:52:
af:1d:ff:70:3c:69:14:cb:d3:be:4e:93:2e:15:28:18:a9:ee:
3f:81:cb:17:43:dc:7b:c1:11:2e:28:7f:2a:9b:24:9a:2a:f3:
50:5f:d7:b8:b6:de:bd:1a:50:cc:82:60:49:22:85:5c:76:5a:
93:32:9f:f2:3d:9f:8b:13:67:dc:c4:c2:bc:4f:80:5a:e8:86:
07:1c:4d:ee:07:2a:64:4c:1d:14:2b:f2:c0:e6:e6:bc:c9:81:
48:5e:3e:7d:a6:3a:f7:91:3f:20:28:42:b0:d1:d7:d4:cc:80:
99:0c:ee:19:67:38:e8:48:bd:d0:ef:1e:d5:80:48:ae:1e:52:
59:4b:47:b7:c5:56:c7:a7:97:6f:06:ee:2f:5d:de:88:7f:d8:
e3:f9:0f:a7:a4:e5:a2:25:1a:9e:c5:ef:3c:2a:22:e9:a5:bf:
7f:5f:ec:e5:1c:81:bc:5f:b4:5e:09:9b:63:db:1e:ed:17:06:
3e:1d:e7:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ5ZxTvfWpm8+peZ5D4iYv1D/dEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTEwMDBaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0OTAzZTkzYjIxYmFlNzBlZDE5YjBlOWNkYWRkYTZjOTc1YTU0ZTdmNWZh
ZDUwM2I5NGFjOGI0MTQ2MGIyYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAINfKXQj0KwzRD6Us+rZ0VUvwqGJIRY+eg78gPNOYfpF/Q5D3SyK7BeLrJTk
ua90saHlModrIsrkTxgQKRs8PVdumRaK1MALuXgjxYkTByJ0dj/gHu9sYgTN/c1L
XQbvC5gPy+NJOIZgtIgA6DJqjbOdv5+xgjQOVECZTqM8VokcFwi2VktA0MUBVr1M
bgHwogzlzPXDNlVJ8i4VsRqXUokuu65gh6twFgzNjtwycNN+zVpk0vdtKA6ftYAA
a87ac/lLC9olyNmvdH+zikt6S9VpI6xXgjJBN3QJf1MVmBi/Knt7PdHiai7urH6c
O4XsmGYmq6PgWzW3hC0fdsBu6L8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSP0gxX
hSjybvgN2u9Try0ZrwBmRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWEwMTk2ZTUtYTc4OS00ZGFmLTkxMmMtMzdhYTY5NTFmMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQBjgFx1i7YGp8gn83eb/acg+T4vx4KFmQ52ppqH
6DEQ5DJ12ATZnQtxgtjurry9P7eZyq0g4yQz/QtUJyz0fmoRS0kle+xv7lKvHf9w
PGkUy9O+TpMuFSgYqe4/gcsXQ9x7wREuKH8qmySaKvNQX9e4tt69GlDMgmBJIoVc
dlqTMp/yPZ+LE2fcxMK8T4Ba6IYHHE3uBypkTB0UK/LA5ua8yYFIXj59pjr3kT8g
KEKw0dfUzICZDO4ZZzjoSL3Q7x7VgEiuHlJZS0e3xVbHp5dvBu4vXd6If9jj+Q+n
pOWiJRqexe88KiLppb9/X+zlHIG8X7ReCZtj2x7tFwY+HefU
-----END CERTIFICATE-----
Generated at Mon May 5 08:20:39 2025 by rpki-client