Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa
File: af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa (raw, json)
Hash identifier: Pl2JKTyYAWB4IYVmPMu83l6buHUWe1+/sxewTCO6gio=
Subject key identifier: 68:AF:A9:9A:6A:BF:F0:9F:79:73:D8:38:AA:A8:20:02:5D:4F:60:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 218B06FA5F4DEF476AEBC6C0F4544A290C8305D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa
Signing time: Fri 25 Apr 2025 19:10:02 +0000
ROA not before: Fri 25 Apr 2025 19:10:02 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:8b:06:fa:5f:4d:ef:47:6a:eb:c6:c0:f4:54:4a:29:0c:83:05:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:10:02 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f6dbb295c7c218374d7eef552a9ce22b56437bbb1e314087f04caf87c15ca4af, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7d:e8:92:1c:e9:3d:3a:1b:89:94:1e:7e:cf:
8b:cb:44:aa:e9:f8:d5:b2:cd:70:5e:7a:ea:44:84:
7c:d8:0b:2f:2b:d3:ec:98:10:9c:8c:20:92:30:e5:
a3:96:f5:30:1d:a7:0f:48:4d:41:ea:ae:c2:f3:9c:
02:84:4a:a8:e1:07:91:10:c1:05:0d:bf:e8:ea:e0:
cc:32:19:68:a9:96:f7:bc:5e:6e:7c:b8:77:a4:4d:
9d:23:0b:f7:ec:95:d6:cc:0a:3a:d1:c6:70:90:2a:
3c:4c:43:cd:74:81:0a:4f:8d:73:5d:c8:e2:48:16:
ce:22:8c:3b:05:6e:7d:8d:5d:6b:33:15:e9:2b:87:
49:0f:ac:4a:bd:5f:d3:ee:3c:13:95:7c:ad:eb:31:
21:92:00:c3:bf:6b:40:10:91:86:96:14:12:ea:3f:
3b:d3:95:6b:a1:44:76:0d:35:15:1c:0b:5d:8a:87:
c8:fc:69:f4:71:74:c1:e3:79:9a:77:b1:41:54:4e:
e1:19:46:e1:c8:e4:c6:a9:75:0f:52:0c:37:c7:fa:
73:1c:24:ca:9a:ba:2d:57:29:c0:ea:ac:25:d1:da:
76:b0:da:b0:e0:32:34:94:87:b3:37:51:fe:c5:55:
f7:c8:35:30:0c:69:a7:95:e5:ce:ee:56:01:d9:99:
d2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AF:A9:9A:6A:BF:F0:9F:79:73:D8:38:AA:A8:20:02:5D:4F:60:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c0c0::/46
Signature Algorithm: sha256WithRSAEncryption
ad:0a:d2:1a:f8:14:db:bb:66:75:74:99:8f:9a:a2:7f:54:35:
fc:3e:f7:4e:bd:cd:1a:6b:c3:b4:4f:29:a9:f7:a7:48:93:7f:
43:a5:86:7f:86:6a:c8:66:9c:0f:54:93:25:05:f3:e5:5d:2c:
a1:a9:b0:d2:de:4f:0f:3c:0f:dc:b3:76:f9:b5:32:89:23:2d:
07:f3:35:17:e7:85:a6:7c:f0:83:2d:35:1f:73:56:f0:77:da:
72:f4:cd:ec:33:d2:a6:a4:14:7a:90:fa:75:26:ce:ff:a8:ad:
f5:38:e3:d6:d6:02:5f:3d:10:31:2d:b6:b2:10:c3:b4:90:de:
67:54:c9:62:cb:4b:91:a9:60:00:e7:49:0d:11:c7:af:3a:5a:
51:82:27:be:13:75:d7:dd:85:4e:40:ed:a3:3c:6d:7e:77:e7:
fb:ff:6a:43:80:09:56:f0:27:1d:84:0d:c3:6a:0d:b1:86:b0:
c8:45:28:a6:30:48:c5:92:a6:2d:1e:36:b0:ee:64:3d:b1:54:
55:13:cb:d6:17:03:21:d5:ce:99:17:ce:57:5d:e3:7a:8c:e1:
c3:74:7d:40:d5:79:0c:c8:da:2f:82:eb:2f:7e:5c:5c:fa:64:
c7:2c:ac:36:01:a8:7e:02:9f:ee:fc:27:0c:73:3c:bf:d3:a2:
ef:5c:a1:3a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIYsG+l9N70dq68bA9FRKKQyDBdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTEwMDJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2ZGJiMjk1YzdjMjE4Mzc0ZDdlZWY1NTJhOWNlMjJiNTY0MzdiYmIxZTMx
NDA4N2YwNGNhZjg3YzE1Y2E0YWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJd96JIc6T06G4mUHn7Pi8tEqun41bLNcF566kSEfNgLLyvT7JgQnIwgkjDl
o5b1MB2nD0hNQequwvOcAoRKqOEHkRDBBQ2/6OrgzDIZaKmW97xebny4d6RNnSML
9+yV1swKOtHGcJAqPExDzXSBCk+Nc13I4kgWziKMOwVufY1dazMV6SuHSQ+sSr1f
0+48E5V8resxIZIAw79rQBCRhpYUEuo/O9OVa6FEdg01FRwLXYqHyPxp9HF0weN5
mnexQVRO4RlG4cjkxql1D1IMN8f6cxwkypq6LVcpwOqsJdHadrDasOAyNJSHszdR
/sVV98g1MAxpp5Xlzu5WAdmZ0g8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRor6ma
ar/wn3lz2DiqqCACXU9gHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWY0NGI5OGMtZmNkYy00YTBkLWI5YWMtZGJjYmM3Njg1YzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXA
wDANBgkqhkiG9w0BAQsFAAOCAQEArQrSGvgU27tmdXSZj5qif1Q1/D73Tr3NGmvD
tE8pqfenSJN/Q6WGf4ZqyGacD1STJQXz5V0soamw0t5PDzwP3LN2+bUyiSMtB/M1
F+eFpnzwgy01H3NW8HfacvTN7DPSpqQUepD6dSbO/6it9Tjj1tYCXz0QMS22shDD
tJDeZ1TJYstLkalgAOdJDRHHrzpaUYInvhN1192FTkDtozxtfnfn+/9qQ4AJVvAn
HYQNw2oNsYawyEUopjBIxZKmLR42sO5kPbFUVRPL1hcDIdXOmRfOV13jeozhw3R9
QNV5DMjaL4LrL35cXPpkxyysNgGofgKf7vwnDHM8v9Oi71yhOg==
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:34 2025 by rpki-client