Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa
File: c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa (raw, json)
Hash identifier: 5hgxOX5cNlEAqIhE52a08hPTm5zX3xDkOdZV0hi6NZE=
Subject key identifier: 3A:6E:15:D3:D5:5E:8B:98:16:DA:E6:AB:24:E7:6C:92:65:40:3D:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B7378DF1EBB522D18F526ADE6063A2D584FFB57
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa
Signing time: Fri 25 Apr 2025 18:30:19 +0000
ROA not before: Fri 25 Apr 2025 18:30:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:73:78:df:1e:bb:52:2d:18:f5:26:ad:e6:06:3a:2d:58:4f:fb:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e26dc905e5937de6277854399ad48fb2822e45d6b737df2d2e69364744108e25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:13:7f:40:66:95:ea:7b:7f:3d:59:fe:b1:ed:
64:0a:d1:79:4f:b2:b3:e9:9c:89:f9:f0:e1:be:51:
21:7f:66:ef:4e:e3:44:5d:2b:cf:5d:e5:cb:cd:da:
4f:21:c6:38:f6:de:80:ec:f7:3e:aa:15:cd:81:ce:
cf:f9:e1:ee:4a:af:78:b0:dd:20:ae:2b:4e:f5:35:
9e:8c:a4:25:f5:de:08:72:15:84:dc:3f:54:a8:e3:
7c:bc:c0:e8:b4:2e:7d:9f:43:22:14:c9:4d:72:87:
99:05:36:5c:0a:5f:ea:f8:9b:81:f8:62:d2:cd:f2:
f6:35:e3:e8:f4:64:23:9d:5d:57:a3:f2:43:e6:c2:
84:0f:56:e8:fe:a8:d3:14:e2:04:f5:09:7a:68:46:
33:75:a9:1d:81:b3:a7:e4:2c:20:9b:57:36:63:f2:
82:63:9f:1f:ca:7f:e1:a0:dc:64:c2:dc:c0:de:c4:
c0:52:80:ca:87:0e:1d:17:e6:93:81:b0:30:a4:52:
a4:c3:0c:82:c0:0d:cd:59:92:61:aa:72:e0:ad:28:
49:d1:8f:3f:e4:ea:28:20:b3:5a:d1:3b:c4:82:9e:
bb:28:f1:25:f1:cf:0c:26:25:d8:c0:0b:b6:88:bb:
c5:34:b6:8f:1c:e2:81:8a:93:9b:da:cc:a0:66:5c:
5d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6E:15:D3:D5:5E:8B:98:16:DA:E6:AB:24:E7:6C:92:65:40:3D:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40e0::/48
Signature Algorithm: sha256WithRSAEncryption
c7:e8:6a:2f:99:d8:97:a8:61:0b:9e:58:a4:ab:bf:ec:05:1e:
d1:6d:7c:74:d8:d1:a3:e4:75:9c:d7:54:1f:4a:10:53:8a:7f:
61:a8:dc:ab:a8:33:02:d2:c4:36:ff:45:0f:1c:aa:a6:b1:ea:
06:fb:e2:e0:5a:7d:8d:67:ff:68:b3:ad:05:c0:95:01:d1:57:
6b:8d:ef:1a:07:f0:65:71:9c:e7:77:b6:0e:4f:e1:2a:21:f1:
b6:f3:d8:f0:90:bc:bd:0b:6e:54:e7:21:73:74:3f:c0:38:41:
e0:51:57:d7:dc:97:9f:91:04:31:b0:f5:b5:76:0a:60:bc:60:
6b:2a:d1:81:80:08:66:67:05:f9:62:22:e3:e8:38:5e:3a:25:
d9:2e:3f:92:18:54:47:09:6b:f9:aa:a5:7b:5f:dc:79:f5:ce:
19:13:68:79:ca:42:a6:ce:65:38:48:3e:91:c0:b5:8d:47:68:
1d:8d:66:18:30:24:8d:85:a9:13:27:96:ad:7a:cc:a4:af:82:
c6:40:2c:02:18:c4:db:26:c4:a9:bb:6c:2d:9a:bb:8c:56:4f:
32:5d:b0:3f:a1:fe:c6:98:29:0c:ba:97:a0:9f:b2:d5:a4:10:
4b:10:ce:e7:44:b2:3b:b4:77:d2:67:5c:21:06:5a:ec:6e:37:
fc:af:72:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe3N43x67Ui0Y9Sat5gY6LVhP+1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNmRjOTA1ZTU5MzdkZTYyNzc4NTQzOTlhZDQ4ZmIyODIyZTQ1ZDZiNzM3
ZGYyZDJlNjkzNjQ3NDQxMDhlMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMITf0Bmlep7fz1Z/rHtZArReU+ys+mcifnw4b5RIX9m707jRF0rz13ly83a
TyHGOPbegOz3PqoVzYHOz/nh7kqveLDdIK4rTvU1noykJfXeCHIVhNw/VKjjfLzA
6LQufZ9DIhTJTXKHmQU2XApf6vibgfhi0s3y9jXj6PRkI51dV6PyQ+bChA9W6P6o
0xTiBPUJemhGM3WpHYGzp+QsIJtXNmPygmOfH8p/4aDcZMLcwN7EwFKAyocOHRfm
k4GwMKRSpMMMgsANzVmSYapy4K0oSdGPP+TqKCCzWtE7xIKeuyjxJfHPDCYl2MAL
toi7xTS2jxzigYqTm9rMoGZcXfECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ6bhXT
1V6LmBba5qsk52ySZUA9njAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRhY2Y0YmEtMDVjNS00ZTBhLTlkZmQtNzBjZjMyMjE4YmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
4DANBgkqhkiG9w0BAQsFAAOCAQEAx+hqL5nYl6hhC55YpKu/7AUe0W18dNjRo+R1
nNdUH0oQU4p/Yajcq6gzAtLENv9FDxyqprHqBvvi4Fp9jWf/aLOtBcCVAdFXa43v
GgfwZXGc53e2Dk/hKiHxtvPY8JC8vQtuVOchc3Q/wDhB4FFX19yXn5EEMbD1tXYK
YLxgayrRgYAIZmcF+WIi4+g4Xjol2S4/khhURwlr+aqle1/cefXOGRNoecpCps5l
OEg+kcC1jUdoHY1mGDAkjYWpEyeWrXrMpK+CxkAsAhjE2ybEqbtsLZq7jFZPMl2w
P6H+xpgpDLqXoJ+y1aQQSxDO50SyO7R30mdcIQZa7G43/K9yxw==
-----END CERTIFICATE-----
Generated at Mon May 5 23:29:34 2025 by rpki-client