Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
File: be609ec8-2ad0-42f7-9159-0a3ece35241f.roa (raw, json)
Hash identifier: 9++uORpni4ck+I5IFTF5CIgvgj4zrmh916Y1ZhtESCM=
Subject key identifier: 03:B4:04:7B:06:EE:51:52:C9:ED:74:AF:88:BC:E4:98:27:B6:B3:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A82E06543F9CF2145598CCEB804992CDA4F6C0D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
Signing time: Mon 21 Apr 2025 18:40:10 +0000
ROA not before: Mon 21 Apr 2025 18:40:10 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:82:e0:65:43:f9:cf:21:45:59:8c:ce:b8:04:99:2c:da:4f:6c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:10 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=b6409c6db26d6cad4347746a6e91151b22d5bb12cec542b4c113833c0cbe46f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bb:db:1b:dc:c8:3a:83:9a:f6:63:05:75:3c:
aa:7a:cc:ff:58:9f:29:89:a2:8e:47:b3:b4:97:19:
14:98:33:5e:c1:7b:c3:be:ee:ce:fa:b0:3d:6c:60:
c3:dd:74:78:6c:19:02:fd:a0:37:f7:a4:df:8e:d9:
b8:67:eb:11:9b:28:75:f7:28:65:76:23:c7:d2:88:
92:3d:b0:62:f0:2b:0a:c6:5c:83:c1:81:b9:01:bf:
0d:8a:88:69:13:cd:d2:a4:4f:d2:7d:97:1b:c1:49:
f5:fc:46:26:67:6b:1f:a2:8a:6c:69:5d:23:61:f2:
17:74:83:b2:23:40:de:6a:aa:68:a8:c2:11:f8:16:
04:91:03:a7:20:8d:d1:7d:c2:b6:a2:aa:83:c1:16:
f6:ea:58:b6:34:a0:cb:dd:1f:73:5f:96:a9:56:83:
0d:dc:8b:07:6d:72:b3:8c:4b:e5:76:ac:e1:5b:46:
c2:bc:76:4d:01:e9:3f:39:e8:0b:2f:08:c5:b3:35:
4e:d4:27:90:15:81:ee:1b:7b:6d:b7:d8:08:97:ed:
1e:50:4e:71:e3:0f:48:70:cc:05:5d:d3:e2:14:bd:
fe:a0:6c:d7:14:fe:20:83:c3:c9:63:33:8e:4e:60:
c6:62:2e:74:0d:a5:12:36:62:97:60:bc:e4:ac:00:
40:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B4:04:7B:06:EE:51:52:C9:ED:74:AF:88:BC:E4:98:27:B6:B3:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:800::/40
Signature Algorithm: sha256WithRSAEncryption
46:2b:7c:f6:34:bd:66:fe:e8:9c:38:7d:d1:3c:4c:63:df:32:
8c:b2:e7:a8:6a:e6:b8:c5:f6:3a:b5:30:34:82:36:8e:79:6a:
04:da:58:ce:04:df:eb:ad:33:6e:ad:de:ed:02:ae:10:b1:1e:
18:f7:6b:36:7c:f8:6c:bc:a8:02:61:97:66:65:4c:f4:fc:0f:
4c:cb:f4:92:d9:3a:1a:ba:1a:eb:68:93:dd:ff:ad:3e:84:bc:
6d:25:ce:80:dc:62:ec:fe:8b:c9:ea:61:26:a5:e8:3e:96:23:
6c:3c:57:33:49:7c:2b:bf:33:db:47:a4:87:3f:0d:21:62:26:
12:cf:71:57:46:a0:49:92:3b:06:a4:65:a8:04:e0:15:fa:cf:
67:96:7f:82:07:a6:e9:89:34:f2:2c:ff:f3:88:6c:6f:a7:00:
5a:5d:71:87:4d:fc:9f:35:39:76:16:02:e3:70:61:ae:da:de:
e1:1e:6a:f5:7f:3b:b1:51:31:89:b6:04:d6:4d:09:1b:91:e1:
40:1c:71:52:ca:3d:78:f9:a8:46:af:7e:a0:20:37:67:ea:33:
35:5f:52:03:72:c6:4b:ac:2d:3c:37:37:bd:2b:c9:98:be:be:
a0:a3:64:6c:17:ba:2a:8c:3d:45:ac:23:b9:3a:5f:4b:8e:c6:
d7:b5:a0:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGoLgZUP5zyFFWYzOuASZLNpPbA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMTBaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2NDA5YzZkYjI2ZDZjYWQ0MzQ3NzQ2YTZlOTExNTFiMjJkNWJiMTJjZWM1
NDJiNGMxMTM4MzNjMGNiZTQ2ZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMO72xvcyDqDmvZjBXU8qnrM/1ifKYmijkeztJcZFJgzXsF7w77uzvqwPWxg
w910eGwZAv2gN/ek347ZuGfrEZsodfcoZXYjx9KIkj2wYvArCsZcg8GBuQG/DYqI
aRPN0qRP0n2XG8FJ9fxGJmdrH6KKbGldI2HyF3SDsiNA3mqqaKjCEfgWBJEDpyCN
0X3CtqKqg8EW9upYtjSgy90fc1+WqVaDDdyLB21ys4xL5Xas4VtGwrx2TQHpPzno
Cy8IxbM1TtQnkBWB7ht7bbfYCJftHlBOceMPSHDMBV3T4hS9/qBs1xT+IIPDyWMz
jk5gxmIudA2lEjZil2C85KwAQMMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDtAR7
Bu5RUsntdK+IvOSYJ7azpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MDllYzgtMmFkMC00MmY3LTkxNTktMGEzZWNlMzUyNDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAI
MA0GCSqGSIb3DQEBCwUAA4IBAQBGK3z2NL1m/uicOH3RPExj3zKMsueoaua4xfY6
tTA0gjaOeWoE2ljOBN/rrTNurd7tAq4QsR4Y92s2fPhsvKgCYZdmZUz0/A9My/SS
2ToauhrraJPd/60+hLxtJc6A3GLs/ovJ6mEmpeg+liNsPFczSXwrvzPbR6SHPw0h
YiYSz3FXRqBJkjsGpGWoBOAV+s9nln+CB6bpiTTyLP/ziGxvpwBaXXGHTfyfNTl2
FgLjcGGu2t7hHmr1fzuxUTGJtgTWTQkbkeFAHHFSyj14+ahGr36gIDdn6jM1X1ID
csZLrC08Nze9K8mYvr6go2RsF7oqjD1FrCO5Ol9LjsbXtaD6
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:27 2025 by rpki-client