Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
File: aa679cd8-5924-43d7-8928-c65bc2ec3659.roa (raw, json)
Hash identifier: 8zseHyodagRu5WgpSEh9OSZdwzy9yBbzRC3NomebYL4=
Subject key identifier: 02:DE:B4:AB:35:46:2C:31:96:D3:B6:66:C9:A2:75:01:DF:D6:C0:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CEFF09DC464454CFCD9C031F7E65DD9F4F9A82D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
Signing time: Fri 25 Apr 2025 20:01:13 +0000
ROA not before: Fri 25 Apr 2025 20:01:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:ef:f0:9d:c4:64:45:4c:fc:d9:c0:31:f7:e6:5d:d9:f4:f9:a8:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=cb359e4ffe9350a23b5cc2311123d81a670336afc495084ff5152a6973007552, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b7:3e:67:04:dc:42:18:6b:58:dc:5f:5b:b7:
b8:eb:b7:82:65:7f:c7:fd:c1:03:3e:ca:3c:f3:63:
8e:d3:80:ca:68:01:ea:8e:c9:9c:44:00:1e:9c:d7:
a9:fc:65:47:74:45:57:88:f6:b7:68:08:d9:f9:e6:
fb:72:eb:38:2f:a1:1e:a3:5e:dd:90:6a:2d:4a:f1:
f1:4d:a3:20:23:32:d8:09:a5:6e:e3:48:b2:60:80:
b1:e9:11:d0:b1:31:6b:d6:be:36:19:9a:24:eb:2b:
a7:6b:76:31:41:c9:12:46:c5:07:f4:09:2a:5b:15:
10:01:70:52:f3:4c:e2:02:21:97:28:64:26:a4:1a:
bd:de:2f:a6:f5:92:c6:a6:4d:2a:c4:e1:e4:c4:2c:
c0:3c:7d:88:a5:c7:ef:08:1a:7c:e1:38:bb:8d:82:
41:a5:e0:e5:77:ab:2a:98:11:29:74:d3:99:d5:86:
30:2a:e4:39:2c:b9:3d:0a:b7:da:5a:b0:71:8b:b2:
74:34:6b:6e:f5:5e:d3:c7:f2:d0:4d:96:24:46:52:
72:6a:d8:6d:1c:84:e9:d5:cc:46:99:29:50:b6:d9:
bb:68:d2:d9:6c:a2:2f:5d:49:d1:99:c1:0c:24:2a:
f3:fd:7b:0c:a1:75:4c:0f:31:6c:39:f2:7f:00:20:
ec:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:DE:B4:AB:35:46:2C:31:96:D3:B6:66:C9:A2:75:01:DF:D6:C0:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:c000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:0e:ff:a0:45:ea:9f:49:3f:79:f4:03:9b:e8:03:8c:8f:c1:
7c:54:b4:1f:7b:7d:b5:3c:d5:f3:d6:61:8b:a3:d5:9b:3d:23:
a8:75:14:3c:ba:51:84:80:9c:b3:ff:11:aa:02:da:82:dc:f7:
57:03:a0:2b:85:59:0f:67:ed:bb:33:0f:ee:55:47:84:59:d3:
d8:15:b3:4f:95:49:48:f5:df:bf:c5:3d:7f:8a:4f:2f:45:65:
6a:46:b9:99:ed:d6:93:83:52:22:11:e2:d6:6e:63:6a:ab:2b:
e9:bd:df:79:2f:8b:37:16:d0:3d:7f:e3:b7:4a:fb:d1:5d:c3:
65:38:ba:83:75:86:ad:7e:0a:b9:e0:07:61:e5:57:a2:2d:87:
f8:a9:e2:80:d4:24:78:0f:33:15:8c:03:3c:2d:f9:48:64:3b:
c2:6b:5d:49:df:c1:47:2e:be:cd:85:f7:23:b5:9a:83:c6:f4:
a9:3c:b2:a4:8d:f2:97:bb:66:09:aa:1c:7e:4c:42:56:df:91:
87:86:40:27:c6:cb:b7:c5:7a:74:1c:70:d2:9b:4b:4d:2a:a8:
27:36:59:2e:2d:de:dc:1f:b5:c2:6e:62:20:30:cf:09:38:7d:
10:69:41:39:42:75:2a:d3:26:48:86:97:e9:99:0b:45:90:1a:
06:5a:27:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTO/wncRkRUz82cAx9+Zd2fT5qC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiMzU5ZTRmZmU5MzUwYTIzYjVjYzIzMTExMjNkODFhNjcwMzM2YWZjNDk1
MDg0ZmY1MTUyYTY5NzMwMDc1NTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa3PmcE3EIYa1jcX1u3uOu3gmV/x/3BAz7KPPNjjtOAymgB6o7JnEQAHpzX
qfxlR3RFV4j2t2gI2fnm+3LrOC+hHqNe3ZBqLUrx8U2jICMy2AmlbuNIsmCAsekR
0LExa9a+NhmaJOsrp2t2MUHJEkbFB/QJKlsVEAFwUvNM4gIhlyhkJqQavd4vpvWS
xqZNKsTh5MQswDx9iKXH7wgafOE4u42CQaXg5XerKpgRKXTTmdWGMCrkOSy5PQq3
2lqwcYuydDRrbvVe08fy0E2WJEZScmrYbRyE6dXMRpkpULbZu2jS2WyiL11J0ZnB
DCQq8/17DKF1TA8xbDnyfwAg7OECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQC3rSr
NUYsMZbTtmbJonUB39bAgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE2NzljZDgtNTkyNC00M2Q3LTg5MjgtYzY1YmMyZWMzNjU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HjA
MA0GCSqGSIb3DQEBCwUAA4IBAQA8Dv+gReqfST959AOb6AOMj8F8VLQfe321PNXz
1mGLo9WbPSOodRQ8ulGEgJyz/xGqAtqC3PdXA6ArhVkPZ+27Mw/uVUeEWdPYFbNP
lUlI9d+/xT1/ik8vRWVqRrmZ7daTg1IiEeLWbmNqqyvpvd95L4s3FtA9f+O3SvvR
XcNlOLqDdYatfgq54Adh5VeiLYf4qeKA1CR4DzMVjAM8LflIZDvCa11J38FHLr7N
hfcjtZqDxvSpPLKkjfKXu2YJqhx+TEJW35GHhkAnxsu3xXp0HHDSm0tNKqgnNlku
Ld7cH7XCbmIgMM8JOH0QaUE5QnUq0yZIhpfpmQtFkBoGWido
-----END CERTIFICATE-----
Generated at Mon May 5 10:34:31 2025 by rpki-client