Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cc30d00-3b04-4784-bb45-a31801f1706c.roa
File: 9cc30d00-3b04-4784-bb45-a31801f1706c.roa (raw, json)
Hash identifier: 6HoL1OVNi9Xk0h9ITDRNBdSt0j+amfpKI3lc68qDqp4=
Subject key identifier: FA:0A:84:5A:74:DF:9E:73:31:BC:30:6F:FE:94:83:7C:3F:AA:8D:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 592D0DD6B1A73806568226D960984FB7F0EA0A74
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cc30d00-3b04-4784-bb45-a31801f1706c.roa
Signing time: Thu 17 Apr 2025 20:37:01 +0000
ROA not before: Thu 17 Apr 2025 20:37:01 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:2d:0d:d6:b1:a7:38:06:56:82:26:d9:60:98:4f:b7:f0:ea:0a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:37:01 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=48518f9d12ffc665d2ea3900cff031057ef1b62ec8b121f7dfc6a8d2208fe981, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:44:84:e2:ca:91:50:b9:92:6d:9c:01:0a:1f:
87:cc:1b:aa:64:19:9c:ee:77:2b:10:e4:dc:55:47:
50:bc:b8:b5:76:ae:a5:64:57:6a:5a:8a:89:6f:a8:
1c:71:f4:00:3f:8e:03:a7:a2:ff:61:e6:a6:c9:bc:
ce:3f:9c:22:1e:0d:96:6d:13:1b:2e:70:31:e8:26:
95:bb:49:6e:cd:68:4e:14:24:44:d8:9c:b6:d5:92:
59:f8:9e:c5:c3:e7:18:5d:23:eb:4a:54:4c:61:2d:
57:68:4e:0f:3a:fe:b4:57:6e:71:0f:eb:b2:c8:58:
ee:f8:4b:cb:c7:96:58:ed:04:49:98:e7:9b:af:d2:
96:50:b8:70:6c:55:f4:b4:ef:28:17:cd:21:64:72:
4c:7e:70:9f:1c:61:7a:fd:5d:5a:62:7f:6b:6a:7e:
27:bc:22:3a:14:d6:2a:c1:10:ff:00:a0:8e:55:14:
03:89:c2:60:74:1d:f1:07:c6:46:f8:00:8b:43:03:
59:13:8d:5e:e6:18:a0:45:c5:ba:06:fd:b7:97:f8:
e4:dd:3a:58:46:6d:a1:e5:a9:0b:52:7d:e5:c4:2e:
b2:11:7f:62:d6:54:f2:e3:74:74:2b:50:90:1c:f4:
da:6e:1b:3c:1a:3c:ef:4f:23:51:90:9b:76:b6:62:
3d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0A:84:5A:74:DF:9E:73:31:BC:30:6F:FE:94:83:7C:3F:AA:8D:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cc30d00-3b04-4784-bb45-a31801f1706c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:c000::/40
Signature Algorithm: sha256WithRSAEncryption
89:f1:03:25:74:7f:db:16:39:97:73:58:38:23:a4:b7:59:5b:
62:d7:d8:29:40:ec:55:c0:39:22:60:11:21:05:43:87:cb:90:
7e:2e:83:ba:91:de:4a:c5:aa:bb:ac:86:21:63:74:79:ae:99:
6d:e2:1e:d0:d0:03:5e:05:3c:84:09:09:15:35:27:7b:f9:d1:
88:39:43:c3:fc:86:e7:21:30:1e:4d:16:39:53:94:63:10:77:
68:42:dc:09:04:cb:1d:88:4a:13:84:90:99:47:a2:9e:84:47:
48:54:08:06:25:d9:c8:c0:48:77:6b:9e:95:ea:1b:20:de:77:
ae:da:ca:a3:33:e8:7a:a8:3b:b1:7e:9a:72:80:53:3b:9a:4e:
f9:2c:b2:95:50:a5:30:a3:36:2d:0b:46:69:d8:82:6d:52:e5:
f8:d7:ba:3e:d1:17:91:b5:9b:96:22:26:4c:2d:4a:2b:98:7a:
ce:05:92:ea:3d:1c:44:60:00:61:9a:e5:a2:89:fe:b3:bc:80:
5f:50:e9:11:63:ac:70:0e:5a:7c:c4:57:e0:3e:c3:9e:14:b8:
59:e3:8f:64:e3:f4:70:d1:6d:9f:ca:a4:66:d3:62:d3:5f:b5:
0e:67:fb:de:7e:55:d4:c6:74:cc:32:14:54:ae:0f:c8:6d:0a:
cc:87:e5:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWS0N1rGnOAZWgibZYJhPt/DqCnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM3MDFaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4NTE4ZjlkMTJmZmM2NjVkMmVhMzkwMGNmZjAzMTA1N2VmMWI2MmVjOGIx
MjFmN2RmYzZhOGQyMjA4ZmU5ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlEhOLKkVC5km2cAQofh8wbqmQZnO53KxDk3FVHULy4tXaupWRXalqKiW+o
HHH0AD+OA6ei/2Hmpsm8zj+cIh4Nlm0TGy5wMegmlbtJbs1oThQkRNicttWSWfie
xcPnGF0j60pUTGEtV2hODzr+tFducQ/rsshY7vhLy8eWWO0ESZjnm6/SllC4cGxV
9LTvKBfNIWRyTH5wnxxhev1dWmJ/a2p+J7wiOhTWKsEQ/wCgjlUUA4nCYHQd8QfG
RvgAi0MDWRONXuYYoEXFugb9t5f45N06WEZtoeWpC1J95cQushF/YtZU8uN0dCtQ
kBz02m4bPBo8708jUZCbdrZiPYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT6CoRa
dN+eczG8MG/+lIN8P6qNPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWNjMzBkMDAtM2IwNC00Nzg0LWJiNDUtYTMxODAxZjE3MDZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G7A
MA0GCSqGSIb3DQEBCwUAA4IBAQCJ8QMldH/bFjmXc1g4I6S3WVti19gpQOxVwDki
YBEhBUOHy5B+LoO6kd5Kxaq7rIYhY3R5rplt4h7Q0ANeBTyECQkVNSd7+dGIOUPD
/IbnITAeTRY5U5RjEHdoQtwJBMsdiEoThJCZR6KehEdIVAgGJdnIwEh3a56V6hsg
3neu2sqjM+h6qDuxfppygFM7mk75LLKVUKUwozYtC0Zp2IJtUuX417o+0ReRtZuW
IiZMLUormHrOBZLqPRxEYABhmuWiif6zvIBfUOkRY6xwDlp8xFfgPsOeFLhZ449k
4/Rw0W2fyqRm02LTX7UOZ/veflXUxnTMMhRUrg/IbQrMh+Xw
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:03 2025 by rpki-client