Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
File: 9d030354-5f4d-47d4-9f96-310c9a509d02.roa (raw, json)
Hash identifier: imWFt1Y6C7xbrkQTeudoTL5D5HJc2Bs0PLyCtmYytDU=
Subject key identifier: 1C:B0:11:86:FF:14:33:DF:0D:A7:AE:A3:CA:B3:90:F8:21:D8:D7:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BB058736706DF693B7350534CDC5F130D12F05D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
Signing time: Mon 21 Apr 2025 18:40:39 +0000
ROA not before: Mon 21 Apr 2025 18:40:39 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:b0:58:73:67:06:df:69:3b:73:50:53:4c:dc:5f:13:0d:12:f0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:39 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=31e7f6fe1d225a671e0c64f4dff86b0a45efd99264f6f8c0316cc10aa25b3b6f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ba:30:b6:bf:19:5f:61:16:a1:a1:47:e2:48:
2d:3e:a6:63:28:c4:6a:ed:66:15:05:f5:e8:ae:d2:
0a:95:b9:f8:9d:d0:aa:78:37:16:f5:9f:53:c5:d8:
6c:4c:01:f5:76:69:f8:d1:ac:67:c1:7b:4b:00:8b:
3e:da:86:4e:9f:b0:23:31:13:df:6a:c7:9d:46:fa:
2e:5e:50:69:ad:be:36:0e:7f:93:de:41:29:1f:61:
d6:96:12:b7:3a:b2:7f:3f:e1:4a:ce:42:71:7f:7a:
e7:9b:81:19:1f:ca:a5:c4:6b:b5:f9:fa:a0:a3:61:
f6:90:98:da:84:4b:ec:65:f9:33:9e:99:93:65:a7:
e6:89:ac:4a:cb:5d:2c:d7:07:38:9e:df:29:5a:be:
14:a3:f8:eb:d1:16:2e:5a:b1:a0:7f:6c:5d:f4:42:
2c:74:64:61:8d:86:6b:7a:c5:b6:c2:79:cb:06:f6:
93:e1:20:fd:f4:c9:e6:07:7f:d1:41:0a:78:8f:ae:
9f:71:17:27:1b:44:42:d2:1b:1e:8c:da:b7:44:85:
74:33:0d:bd:da:09:88:e4:73:0b:07:1e:25:a3:98:
95:5c:29:e3:f5:93:ac:cb:3e:ab:d9:1a:08:02:8e:
33:96:76:ca:9c:0c:29:4b:fc:f7:31:2c:58:03:ad:
d8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B0:11:86:FF:14:33:DF:0D:A7:AE:A3:CA:B3:90:F8:21:D8:D7:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:800::/40
Signature Algorithm: sha256WithRSAEncryption
9b:ef:00:77:04:40:de:31:24:86:2b:6f:38:32:35:ef:15:ce:
9d:bb:80:1e:cd:ba:84:46:a4:72:0e:9e:af:2d:00:8f:8c:a4:
50:3c:d5:45:c5:b2:f9:82:4d:63:de:d2:05:f6:94:b2:23:06:
c0:1c:81:54:ba:96:e0:b9:8b:98:dc:37:28:f7:65:5e:19:96:
c2:ef:1e:67:8a:80:a4:2a:61:fa:42:8e:03:7c:08:67:06:20:
6e:84:f0:26:3e:bf:e8:3e:8f:e8:df:b3:32:e2:f2:d8:48:78:
15:2a:f6:49:0a:a2:67:e7:2a:ff:51:40:a0:42:85:f3:20:76:
61:93:09:71:85:3f:d6:7b:af:c6:4f:42:85:df:52:94:eb:07:
03:ab:80:4f:70:54:5a:83:c2:f6:41:82:e4:2c:02:af:3a:7f:
1a:90:02:f8:2f:99:3f:06:4d:01:c1:98:34:2c:8a:d5:86:39:
01:ac:83:f0:a3:a4:42:59:e6:6c:d0:ee:5d:2d:b8:15:be:45:
4d:b6:c6:af:38:81:d7:0b:8b:21:45:8f:9c:04:e5:be:1c:db:
9d:78:4f:b4:01:e1:bf:19:9e:fb:c9:4f:c9:82:62:a8:c5:9e:
4d:49:88:d1:c2:d6:27:20:26:6d:d0:d8:e4:b2:f2:38:48:35:
e0:66:53:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa7BYc2cG32k7c1BTTNxfEw0S8F0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMzlaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxZTdmNmZlMWQyMjVhNjcxZTBjNjRmNGRmZjg2YjBhNDVlZmQ5OTI2NGY2
ZjhjMDMxNmNjMTBhYTI1YjNiNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJC6MLa/GV9hFqGhR+JILT6mYyjEau1mFQX16K7SCpW5+J3Qqng3FvWfU8XY
bEwB9XZp+NGsZ8F7SwCLPtqGTp+wIzET32rHnUb6Ll5Qaa2+Ng5/k95BKR9h1pYS
tzqyfz/hSs5CcX9655uBGR/KpcRrtfn6oKNh9pCY2oRL7GX5M56Zk2Wn5omsSstd
LNcHOJ7fKVq+FKP469EWLlqxoH9sXfRCLHRkYY2Ga3rFtsJ5ywb2k+Eg/fTJ5gd/
0UEKeI+un3EXJxtEQtIbHozat0SFdDMNvdoJiORzCwceJaOYlVwp4/WTrMs+q9ka
CAKOM5Z2ypwMKUv89zEsWAOt2GMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcsBGG
/xQz3w2nrqPKs5D4IdjXMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQwMzAzNTQtNWY0ZC00N2Q0LTlmOTYtMzEwYzlhNTA5ZDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAI
MA0GCSqGSIb3DQEBCwUAA4IBAQCb7wB3BEDeMSSGK284MjXvFc6du4AezbqERqRy
Dp6vLQCPjKRQPNVFxbL5gk1j3tIF9pSyIwbAHIFUupbguYuY3Dco92VeGZbC7x5n
ioCkKmH6Qo4DfAhnBiBuhPAmPr/oPo/o37My4vLYSHgVKvZJCqJn5yr/UUCgQoXz
IHZhkwlxhT/We6/GT0KF31KU6wcDq4BPcFRag8L2QYLkLAKvOn8akAL4L5k/Bk0B
wZg0LIrVhjkBrIPwo6RCWeZs0O5dLbgVvkVNtsavOIHXC4shRY+cBOW+HNudeE+0
AeG/GZ77yU/JgmKoxZ5NSYjRwtYnICZt0NjksvI4SDXgZlPb
-----END CERTIFICATE-----
Generated at Mon May 5 10:50:35 2025 by rpki-client