Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
File: cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa (raw, json)
Hash identifier: 0tfy6mx1Cw8kBwx2oFWDPFMJUa/+shAm+WsrMu4GA9U=
Subject key identifier: 8B:B7:97:41:EC:A4:5E:92:A9:E1:B9:AB:E5:09:35:F5:93:F9:C0:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 428DADBE681C66C4DFB8FEE88A44237F5413D224
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
Signing time: Fri 18 Apr 2025 18:30:17 +0000
ROA not before: Fri 18 Apr 2025 18:30:17 +0000
ROA not after: Fri 23 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:8d:ad:be:68:1c:66:c4:df:b8:fe:e8:8a:44:23:7f:54:13:d2:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 18 18:30:17 2025 GMT
Not After : May 23 23:59:59 2025 GMT
Subject: serialNumber=8c1aa4026d9f26c4e79bfb302d4dcd920c45b4770910027d6a5e8f70b14f2806, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6b:54:34:3f:ec:53:93:96:04:4a:3a:22:d0:
01:6b:68:9c:23:4f:24:f6:36:69:28:58:83:f2:d6:
38:c8:f0:89:df:51:52:14:a6:41:9a:49:73:a0:29:
2d:bc:0f:14:ca:bf:f3:e8:cf:21:ce:a1:78:38:02:
01:df:79:c2:92:2f:84:8b:7d:b1:a2:c6:e3:d2:56:
8b:98:fc:a4:42:06:09:b4:29:ef:8d:29:7c:af:ae:
f1:b2:4d:fc:61:89:dc:38:44:d7:ea:a1:a3:52:3f:
dc:8f:26:44:ca:11:a8:84:b3:50:57:36:ad:60:e9:
68:f2:5a:8b:02:54:33:06:80:66:f7:2c:08:ee:7b:
98:76:bf:cb:30:be:f4:e8:9e:15:69:24:73:bc:6f:
4d:84:47:43:0b:d4:c9:fb:69:a1:7c:3a:f3:69:a5:
bf:99:d5:b1:dc:fe:b3:dd:d0:84:08:58:e6:f7:e1:
7b:b9:05:33:e9:9b:10:bc:f1:2c:3e:15:73:5c:fe:
02:75:47:80:f2:d1:65:f4:14:c5:f9:ee:ef:d4:5c:
28:bc:4e:ee:f3:a3:8c:a1:38:d5:eb:b6:da:4e:73:
cb:8e:4b:4a:ec:d8:bc:3e:d3:13:23:76:7b:a1:23:
8e:fe:65:5b:f6:84:2e:17:09:43:d4:5e:bf:77:e6:
91:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B7:97:41:EC:A4:5E:92:A9:E1:B9:AB:E5:09:35:F5:93:F9:C0:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/48
Signature Algorithm: sha256WithRSAEncryption
af:b0:69:dc:ec:66:5f:a4:e7:46:f5:11:a4:08:13:02:c0:30:
da:07:e9:53:a2:e6:3b:dd:5c:70:84:b6:60:c8:52:02:e7:55:
49:4e:43:51:3b:65:28:0c:1b:6e:a3:7a:77:21:48:a3:9d:28:
8f:ae:5c:a8:70:be:6c:17:6c:a3:b5:66:28:08:cc:ba:f1:52:
42:99:5b:10:20:be:b3:6b:03:39:e9:6c:bb:a5:0a:dd:20:ff:
08:09:48:1f:77:b3:0c:98:80:0d:45:9e:16:df:7a:56:be:ec:
93:5d:71:9b:89:40:20:be:a4:b0:41:ef:61:24:ef:e0:de:8c:
d1:31:86:18:d2:b2:15:e4:b6:9f:e0:3b:73:2a:48:c1:37:dc:
51:2e:0d:ed:f6:80:8e:31:b0:e6:ce:4d:45:3e:a5:21:11:04:
01:45:81:42:8b:fe:1c:35:5b:e1:c4:92:c0:ca:63:7a:3a:c3:
74:02:4e:ec:47:d4:72:14:ae:34:e0:99:c0:44:6d:c3:c0:e5:
f1:f7:d6:7c:79:a6:52:be:98:c6:1c:67:33:57:08:29:c7:e9:
6f:ce:95:47:58:c4:a3:4c:50:80:53:0f:e2:15:8e:5e:6a:52:
c8:f7:be:45:34:e7:21:ca:f9:d4:9c:1b:c1:b8:9f:03:38:d1:
31:88:d1:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQo2tvmgcZsTfuP7oikQjf1QT0iQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTgxODMwMTdaFw0yNTA1MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjMWFhNDAyNmQ5ZjI2YzRlNzliZmIzMDJkNGRjZDkyMGM0NWI0NzcwOTEw
MDI3ZDZhNWU4ZjcwYjE0ZjI4MDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxrVDQ/7FOTlgRKOiLQAWtonCNPJPY2aShYg/LWOMjwid9RUhSmQZpJc6Ap
LbwPFMq/8+jPIc6heDgCAd95wpIvhIt9saLG49JWi5j8pEIGCbQp740pfK+u8bJN
/GGJ3DhE1+qho1I/3I8mRMoRqISzUFc2rWDpaPJaiwJUMwaAZvcsCO57mHa/yzC+
9OieFWkkc7xvTYRHQwvUyftpoXw682mlv5nVsdz+s93QhAhY5vfhe7kFM+mbELzx
LD4Vc1z+AnVHgPLRZfQUxfnu79RcKLxO7vOjjKE41eu22k5zy45LSuzYvD7TEyN2
e6Ejjv5lW/aELhcJQ9Rev3fmkcsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSLt5dB
7KRekqnhuavlCTX1k/nAyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y3OGI3MTQtY2U2Yy00YTlkLWE3MmUtZDMwYTM0NzBmMDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAr7Bp3OxmX6TnRvURpAgTAsAw2gfpU6LmO91c
cIS2YMhSAudVSU5DUTtlKAwbbqN6dyFIo50oj65cqHC+bBdso7VmKAjMuvFSQplb
ECC+s2sDOelsu6UK3SD/CAlIH3ezDJiADUWeFt96Vr7sk11xm4lAIL6ksEHvYSTv
4N6M0TGGGNKyFeS2n+A7cypIwTfcUS4N7faAjjGw5s5NRT6lIREEAUWBQov+HDVb
4cSSwMpjejrDdAJO7EfUchSuNOCZwERtw8Dl8ffWfHmmUr6YxhxnM1cIKcfpb86V
R1jEo0xQgFMP4hWOXmpSyPe+RTTnIcr51JwbwbifAzjRMYjRrA==
-----END CERTIFICATE-----
Generated at Wed May 7 12:10:49 2025 by rpki-client