Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
File: da8369e9-0146-44b6-865e-0064a4d1ed72.roa (raw, json)
Hash identifier: ChC42exTbbHxKImsL94MX0eL9gCTGhyHGr2IwOQNHlg=
Subject key identifier: 77:22:69:7C:FE:61:15:12:40:40:25:6E:F8:A8:37:23:3B:1F:B3:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CA6FDDBBDC14ED80906DDA1204673181407DFB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
Signing time: Fri 25 Apr 2025 18:51:15 +0000
ROA not before: Fri 25 Apr 2025 18:51:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:a6:fd:db:bd:c1:4e:d8:09:06:dd:a1:20:46:73:18:14:07:df:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:51:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3f3d6aeca19789005326e7d26df9bb56bc29c784f74f0b62d68f41dbd78baa56, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f1:81:c2:49:a5:00:e8:75:ff:39:b5:81:8e:
ba:6f:e5:fa:cd:a3:fb:00:20:56:e9:69:b4:98:04:
5f:43:54:c0:5a:ba:f5:1b:97:32:3b:b5:62:52:87:
57:48:50:a8:fb:61:7a:34:49:91:ef:17:7e:18:13:
a1:4d:e1:ab:21:9f:84:1c:13:ab:bb:f4:ee:be:66:
e5:84:3a:22:a1:03:83:8b:ff:67:51:43:78:64:6f:
05:fe:4a:ce:31:91:4b:93:10:2e:5f:7e:bc:18:3f:
3e:31:27:5f:55:f9:10:f0:e4:cf:a0:9c:00:4b:20:
37:79:ed:b4:fc:01:8b:da:43:33:43:37:33:8d:a5:
50:10:78:e0:38:4a:e0:b2:99:cd:7f:1a:ea:61:27:
73:fe:29:02:88:e3:aa:68:3e:96:16:3e:e4:22:f8:
fc:dc:33:6d:43:4c:3f:ff:64:1c:fb:b5:56:05:cb:
47:92:42:8d:f2:90:a7:10:0b:59:bf:4c:a5:90:f6:
70:a3:0e:48:9c:79:2d:af:8b:af:f6:6d:91:ea:a1:
12:ac:77:f8:48:f9:81:9f:81:28:86:db:a1:29:94:
54:4e:9d:38:c7:8f:c9:fa:8a:b0:f3:80:5c:36:b5:
16:58:79:95:97:13:b8:3a:13:b5:be:c7:3e:e2:8d:
60:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:22:69:7C:FE:61:15:12:40:40:25:6E:F8:A8:37:23:3B:1F:B3:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:e0:af:2b:78:db:21:cd:00:c1:b0:57:be:31:b2:8b:f1:57:
19:21:4b:4e:bd:fe:74:0d:6c:e5:09:d0:bc:e0:fa:71:fa:95:
c4:51:d3:28:96:eb:07:fd:3a:36:60:ed:72:b5:91:c8:11:24:
1f:8c:ec:7f:d9:6f:00:7d:56:f5:05:a1:01:7b:93:1c:aa:21:
79:f2:28:db:99:0d:ba:69:c4:19:4c:87:a2:7c:02:1a:04:fd:
8b:60:9d:02:91:2f:35:dd:b4:11:b4:88:ec:82:e5:54:90:37:
d6:15:ad:a3:93:c0:63:f6:24:08:e7:97:d9:33:bd:bc:65:1a:
27:b2:b2:4b:24:b4:31:f3:78:80:99:9d:5a:20:75:16:be:08:
dd:7c:ed:2e:0d:bf:00:eb:7b:21:9b:80:8e:eb:c8:ca:2b:08:
ac:5c:b6:58:c2:0e:12:12:b5:f4:61:a4:06:06:55:6d:bf:cc:
24:2c:ac:8c:48:11:3e:b8:88:95:ae:1c:01:df:46:c0:2d:88:
69:c5:65:09:f7:73:c2:62:ad:4f:7c:8a:b6:1b:7c:4c:c1:36:
f6:94:09:d9:4d:22:a2:d3:89:8f:da:91:d5:bb:05:37:63:76:
59:43:2c:94:25:6b:48:f1:6e:b2:c4:e0:6d:fb:7c:f8:b0:35:
f6:1f:34:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHKb9273BTtgJBt2hIEZzGBQH37cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODUxMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmM2Q2YWVjYTE5Nzg5MDA1MzI2ZTdkMjZkZjliYjU2YmMyOWM3ODRmNzRm
MGI2MmQ2OGY0MWRiZDc4YmFhNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3xgcJJpQDodf85tYGOum/l+s2j+wAgVulptJgEX0NUwFq69RuXMju1YlKH
V0hQqPthejRJke8XfhgToU3hqyGfhBwTq7v07r5m5YQ6IqEDg4v/Z1FDeGRvBf5K
zjGRS5MQLl9+vBg/PjEnX1X5EPDkz6CcAEsgN3nttPwBi9pDM0M3M42lUBB44DhK
4LKZzX8a6mEnc/4pAojjqmg+lhY+5CL4/NwzbUNMP/9kHPu1VgXLR5JCjfKQpxAL
Wb9MpZD2cKMOSJx5La+Lr/ZtkeqhEqx3+Ej5gZ+BKIbboSmUVE6dOMePyfqKsPOA
XDa1Flh5lZcTuDoTtb7HPuKNYFUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR3Iml8
/mEVEkBAJW74qDcjOx+z/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE4MzY5ZTktMDE0Ni00NGI2LTg2NWUtMDA2NGE0ZDFlZDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg
MA0GCSqGSIb3DQEBCwUAA4IBAQDJ4K8reNshzQDBsFe+MbKL8VcZIUtOvf50DWzl
CdC84Ppx+pXEUdMolusH/To2YO1ytZHIESQfjOx/2W8AfVb1BaEBe5McqiF58ijb
mQ26acQZTIeifAIaBP2LYJ0CkS813bQRtIjsguVUkDfWFa2jk8Bj9iQI55fZM728
ZRonsrJLJLQx83iAmZ1aIHUWvgjdfO0uDb8A63shm4CO68jKKwisXLZYwg4SErX0
YaQGBlVtv8wkLKyMSBE+uIiVrhwB30bALYhpxWUJ93PCYq1PfIq2G3xMwTb2lAnZ
TSKi04mP2pHVuwU3Y3ZZQyyUJWtI8W6yxOBt+3z4sDX2HzQA
-----END CERTIFICATE-----
Generated at Mon May 5 05:54:22 2025 by rpki-client