Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b87948-0066-431b-b731-8030cc7f4eef.roa
File: f0b87948-0066-431b-b731-8030cc7f4eef.roa (raw, json)
Hash identifier: /MDArAbSL3L2xXWCy88mD2pgXXJKmcBN2OFdB1CeXOM=
Subject key identifier: 11:9C:93:DE:C2:7A:32:2B:6B:86:A5:72:17:1B:A1:F4:EA:FD:A1:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 643658B3852B447460FFAF92735C7C575B247AD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b87948-0066-431b-b731-8030cc7f4eef.roa
Signing time: Fri 25 Apr 2025 19:21:04 +0000
ROA not before: Fri 25 Apr 2025 19:21:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:36:58:b3:85:2b:44:74:60:ff:af:92:73:5c:7c:57:5b:24:7a:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:21:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=379b7b23133cb3ada4e4b4d2737e31b0f072ed5c201fd17ea0fe7812470847c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2b:f6:b0:6c:7f:88:68:f4:4b:09:c0:20:66:
e1:b4:a2:80:df:92:ac:f2:87:09:24:a6:9b:b7:9c:
d3:f6:e5:af:69:b9:31:49:f9:f1:46:de:70:22:c9:
22:55:c7:13:40:8a:60:0f:c6:79:e8:29:26:7a:c9:
83:b6:b8:81:ef:37:1e:9b:33:d3:68:af:35:eb:11:
24:88:eb:66:18:fa:ab:29:6f:78:ba:b7:e8:ce:14:
ef:77:32:62:a5:71:79:d1:fb:a8:90:45:f4:b9:ed:
f7:98:3f:a3:64:dd:bb:6c:ee:a2:7c:0d:ce:29:4d:
41:f7:26:ac:d7:49:42:b2:f0:7a:cd:6b:f8:45:83:
7b:7e:71:65:05:68:ab:a4:56:db:eb:06:d8:d1:ec:
1d:d0:c3:f3:83:10:58:ac:54:5a:d7:8d:8b:da:8e:
67:ee:8c:bd:1f:f8:ca:5c:41:1a:5b:cf:d7:7d:90:
80:77:82:91:39:f8:7a:25:22:cd:14:e8:64:e5:34:
e2:0d:3c:80:d3:03:4d:82:90:9c:af:fa:a9:0d:b0:
2a:2c:e1:0f:23:7c:fd:ed:ab:83:c8:de:25:27:be:
4f:ea:2f:fd:35:7e:e7:20:d1:7e:9e:9f:86:77:c0:
97:8f:74:b7:43:4d:8d:cd:80:c5:40:4b:54:d0:dc:
28:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:9C:93:DE:C2:7A:32:2B:6B:86:A5:72:17:1B:A1:F4:EA:FD:A1:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b87948-0066-431b-b731-8030cc7f4eef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9000::/40
Signature Algorithm: sha256WithRSAEncryption
ad:f6:77:43:cf:1c:7f:66:5a:d5:06:25:6f:03:93:6a:5f:53:
3c:58:92:38:7f:b5:0a:e9:84:d5:dd:65:d8:ee:40:3f:f5:19:
77:2f:21:d7:2b:85:02:64:b9:d9:3c:40:c3:75:14:26:17:38:
eb:52:2c:2a:17:51:1f:d7:a2:77:c2:15:eb:6c:fc:c3:b0:75:
da:81:f8:77:fa:c7:89:7f:c8:79:d2:c6:33:a8:93:06:d5:6b:
2b:24:ae:2f:74:88:f5:e4:57:c6:07:cd:99:ea:0c:a0:50:9a:
f2:07:4b:4d:f9:2e:e7:70:89:e7:33:2b:7a:a3:2a:19:de:2b:
b2:ba:ac:7a:50:66:83:d8:e4:d3:01:7a:51:09:39:a5:32:31:
24:1b:b8:84:6a:6d:b2:de:b2:bb:ce:f7:ee:b8:45:50:fc:97:
08:ae:ba:d5:fd:b4:ba:fa:2d:20:46:b8:2f:8d:0e:8a:e4:35:
a1:e7:fc:cc:8d:7f:5c:60:ba:b5:15:59:3c:c0:8e:e3:e3:55:
be:f9:4e:08:bf:98:95:bc:09:75:b8:17:a8:fe:4e:da:28:64:
e9:37:79:a1:bf:d5:fd:27:8b:e3:c5:50:d9:6e:d1:4e:04:ad:
20:a7:e0:9e:e1:78:d6:0e:11:17:40:23:21:53:55:18:b3:e2:
05:10:ed:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZDZYs4UrRHRg/6+Sc1x8V1sketUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTIxMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3OWI3YjIzMTMzY2IzYWRhNGU0YjRkMjczN2UzMWIwZjA3MmVkNWMyMDFm
ZDE3ZWEwZmU3ODEyNDcwODQ3YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUr9rBsf4ho9EsJwCBm4bSigN+SrPKHCSSmm7ec0/blr2m5MUn58UbecCLJ
IlXHE0CKYA/GeegpJnrJg7a4ge83Hpsz02ivNesRJIjrZhj6qylveLq36M4U73cy
YqVxedH7qJBF9Lnt95g/o2Tdu2zuonwNzilNQfcmrNdJQrLwes1r+EWDe35xZQVo
q6RW2+sG2NHsHdDD84MQWKxUWteNi9qOZ+6MvR/4ylxBGlvP132QgHeCkTn4eiUi
zRToZOU04g08gNMDTYKQnK/6qQ2wKizhDyN8/e2rg8jeJSe+T+ov/TV+5yDRfp6f
hnfAl490t0NNjc2AxUBLVNDcKEMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRnJPe
wnoyK2uGpXIXG6H06v2haTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjBiODc5NDgtMDA2Ni00MzFiLWI3MzEtODAzMGNjN2Y0ZWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HeQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCt9ndDzxx/ZlrVBiVvA5NqX1M8WJI4f7UK6YTV
3WXY7kA/9Rl3LyHXK4UCZLnZPEDDdRQmFzjrUiwqF1Ef16J3whXrbPzDsHXagfh3
+seJf8h50sYzqJMG1WsrJK4vdIj15FfGB82Z6gygUJryB0tN+S7ncInnMyt6oyoZ
3iuyuqx6UGaD2OTTAXpRCTmlMjEkG7iEam2y3rK7zvfuuEVQ/JcIrrrV/bS6+i0g
RrgvjQ6K5DWh5/zMjX9cYLq1FVk8wI7j41W++U4Iv5iVvAl1uBeo/k7aKGTpN3mh
v9X9J4vjxVDZbtFOBK0gp+Ce4XjWDhEXQCMhU1UYs+IFEO04
-----END CERTIFICATE-----
Generated at Tue May 6 11:26:10 2025 by rpki-client