Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
File: b3515426-a058-439f-a8fc-e68eaafc8806.roa (raw, json)
Hash identifier: Q31ARQezKRFcPDKvvdZc8uJ8QptXqcE4GDy7jtotJkY=
Subject key identifier: F8:68:73:D9:D2:86:16:C0:D3:C8:5E:C6:45:1C:9F:F8:10:8D:21:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B0876EC9C8EDB511E13FD9A39077EA0F56A5CB9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
Signing time: Mon 28 Apr 2025 15:40:07 +0000
ROA not before: Mon 28 Apr 2025 15:40:07 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:08:76:ec:9c:8e:db:51:1e:13:fd:9a:39:07:7e:a0:f5:6a:5c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:07 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=661f3b7e2cf5bed0a1149670b5e57aef2ddac79084b7650f2ba2e2e9851d503b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c2:8f:ec:10:04:d5:b9:96:b2:17:da:1a:cb:
25:2c:3d:56:70:61:a9:6d:34:07:5b:b5:0c:f3:6a:
f2:55:fb:fc:0d:f8:9a:ef:55:d6:11:cc:09:22:81:
93:8b:4f:d4:cd:64:94:52:ed:75:43:49:57:23:19:
29:89:5a:74:49:7c:dd:f5:fd:5e:18:a8:ef:f3:98:
54:1b:a1:8d:e9:25:c5:26:73:74:4a:e7:d1:c5:78:
3c:05:b3:52:8e:c5:8f:36:d7:e5:55:24:74:72:49:
65:df:6a:78:d7:ce:3f:44:b8:61:44:43:c0:ae:de:
ad:fb:71:e6:26:0c:8f:b5:a6:05:6f:52:2f:d1:4c:
50:0b:fa:5a:e8:61:18:2c:07:a4:eb:26:5f:ba:57:
35:e7:fe:6c:67:4d:71:92:fc:db:94:81:cc:b4:00:
d2:c6:06:ab:3f:c8:75:a3:0b:72:8c:ea:fb:97:11:
27:7c:27:58:56:f4:fc:41:b3:bb:56:f4:3c:ec:f1:
c9:bc:28:1c:9f:60:30:6b:4a:85:53:15:a5:00:32:
9c:f2:83:6d:c4:31:37:b4:74:e6:4b:69:8a:9f:09:
b0:07:18:bf:f1:8b:aa:55:29:38:09:9a:7c:33:25:
b9:ac:e5:a7:f4:d4:fa:e3:42:80:83:db:ad:b1:16:
9f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:68:73:D9:D2:86:16:C0:D3:C8:5E:C6:45:1C:9F:F8:10:8D:21:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:60:36:b5:fc:7f:c8:56:8e:a9:39:4a:47:33:0d:22:04:4f:
26:c5:f3:30:05:ae:48:4b:18:fa:c4:49:d5:60:23:df:37:1a:
7c:87:d5:f5:a6:98:47:20:d1:5e:f0:97:05:14:69:34:0b:fc:
39:de:73:7c:88:b3:b1:81:45:3c:e4:00:32:ca:ed:43:f0:16:
d8:56:04:44:f3:d3:d1:c0:ce:54:1e:dd:f8:8c:1b:22:d6:40:
06:15:85:99:f4:63:1c:3f:e5:c8:3f:4d:a1:10:94:f3:59:bf:
d9:05:3e:38:78:6f:c8:4c:94:85:be:fe:64:b7:84:cf:b7:6e:
68:62:e4:8e:e0:a5:33:0d:bc:38:22:51:61:c8:2e:af:56:3b:
38:67:44:1e:9d:09:16:e6:3c:f7:4c:99:3f:3a:9b:a6:87:a5:
50:cb:d3:2a:a7:c3:e2:78:e1:37:14:05:bf:e2:bf:ec:9d:e7:
3c:11:23:ca:aa:79:54:4e:a9:17:84:d0:41:0d:0e:35:87:de:
f1:76:eb:ff:e3:73:e8:a0:1c:bc:a3:56:7d:ff:e9:b9:f8:2c:
2e:ad:15:d2:27:0f:a2:89:7a:33:d3:aa:f3:d3:b7:5f:f2:bd:
fe:21:7c:80:ed:47:d4:41:59:73:6e:fb:9f:12:de:fa:c1:e6:
d8:d4:ef:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUawh27JyO21EeE/2aOQd+oPVqXLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMDdaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2MWYzYjdlMmNmNWJlZDBhMTE0OTY3MGI1ZTU3YWVmMmRkYWM3OTA4NGI3
NjUwZjJiYTJlMmU5ODUxZDUwM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzCj+wQBNW5lrIX2hrLJSw9VnBhqW00B1u1DPNq8lX7/A34mu9V1hHMCSKB
k4tP1M1klFLtdUNJVyMZKYladEl83fX9Xhio7/OYVBuhjeklxSZzdErn0cV4PAWz
Uo7FjzbX5VUkdHJJZd9qeNfOP0S4YURDwK7erftx5iYMj7WmBW9SL9FMUAv6Wuhh
GCwHpOsmX7pXNef+bGdNcZL825SBzLQA0sYGqz/IdaMLcozq+5cRJ3wnWFb0/EGz
u1b0POzxybwoHJ9gMGtKhVMVpQAynPKDbcQxN7R05ktpip8JsAcYv/GLqlUpOAma
fDMluazlp/TU+uNCgIPbrbEWn7MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4aHPZ
0oYWwNPIXsZFHJ/4EI0h5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjM1MTU0MjYtYTA1OC00MzlmLWE4ZmMtZTY4ZWFhZmM4ODA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+A
MA0GCSqGSIb3DQEBCwUAA4IBAQCqYDa1/H/IVo6pOUpHMw0iBE8mxfMwBa5ISxj6
xEnVYCPfNxp8h9X1pphHINFe8JcFFGk0C/w53nN8iLOxgUU85AAyyu1D8BbYVgRE
89PRwM5UHt34jBsi1kAGFYWZ9GMcP+XIP02hEJTzWb/ZBT44eG/ITJSFvv5kt4TP
t25oYuSO4KUzDbw4IlFhyC6vVjs4Z0QenQkW5jz3TJk/Opumh6VQy9Mqp8PieOE3
FAW/4r/snec8ESPKqnlUTqkXhNBBDQ41h97xduv/43PooBy8o1Z9/+m5+CwurRXS
Jw+iiXoz06rz07df8r3+IXyA7UfUQVlzbvufEt76webY1O9X
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:30 2025 by rpki-client