Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
File: f9753974-947c-42c4-885b-aa94c43c56a0.roa (raw, json)
Hash identifier: Eb0OIy5pkKljAE/i/nJQCNWc7yRIQz9R/ecEPwScshc=
Subject key identifier: 10:EE:BC:48:5B:7D:51:7D:E9:1C:82:DB:04:C9:76:7B:6F:A2:FA:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0AA1A7A14E2E680978593692EB2184C9E112CD10
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
Signing time: Fri 25 Apr 2025 18:11:04 +0000
ROA not before: Fri 25 Apr 2025 18:11:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:a1:a7:a1:4e:2e:68:09:78:59:36:92:eb:21:84:c9:e1:12:cd:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:11:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=556ef204e3036126f735a9025581a0a791251ee66ddd7b964bbd5b6909e29b57, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:de:12:07:a5:02:17:f2:f2:cd:5d:1c:be:9c:
68:dc:19:81:51:80:9b:8f:a3:e0:68:fa:d7:f6:71:
36:71:bb:2f:b1:25:72:a8:8e:d6:42:c4:97:93:99:
19:99:00:df:53:a0:38:e6:f2:62:9b:7b:3b:2a:14:
51:7d:54:c2:d8:45:e6:07:68:cf:a0:4e:6b:34:f6:
01:8e:14:57:01:22:0c:22:2b:1b:8b:68:8e:05:b4:
6e:53:54:c1:6e:13:60:3a:4f:d3:c8:56:41:3b:f0:
97:a9:2e:16:19:50:ed:8b:68:e8:86:c6:c6:63:ce:
5b:9f:ce:66:16:b4:1f:9a:f5:73:7b:b3:ba:1e:a4:
cf:59:35:35:35:bf:fa:74:c0:95:e9:43:c1:b1:6b:
65:a6:e8:87:80:0b:8d:6e:fb:5b:a4:56:36:2e:f2:
a9:fb:66:e3:c9:00:e7:88:a1:72:37:02:3a:49:54:
e4:a3:8b:71:ca:03:fe:8d:7a:99:24:05:62:f5:9f:
4e:8c:45:be:ee:fe:ac:59:12:3a:77:16:b9:25:c5:
d0:e1:9f:21:c5:e6:a3:7d:47:c0:9d:93:f1:ef:d8:
3e:49:9c:ef:46:2e:c5:03:36:5a:94:93:68:34:32:
00:e5:fd:a7:19:3d:de:a9:56:81:74:e8:9f:ab:67:
40:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:EE:BC:48:5B:7D:51:7D:E9:1C:82:DB:04:C9:76:7B:6F:A2:FA:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
54:32:57:d1:a3:5d:5d:f0:ee:a9:65:47:57:d7:ab:a8:43:1d:
48:d3:c3:84:a6:73:60:fb:f5:36:03:1f:be:8a:04:53:7a:c0:
fd:56:a7:bb:5d:54:d7:25:6b:3c:91:0e:ab:47:d7:9f:2e:00:
e2:80:11:0f:d4:14:38:e7:44:68:7a:8f:4a:22:bd:de:71:e2:
7e:40:6e:c9:66:e4:6e:33:8d:cb:4a:6d:00:7c:31:6e:dd:76:
99:91:c5:e3:f9:51:05:51:00:b9:07:2d:80:31:09:22:9d:ad:
38:32:42:59:7d:ea:09:d5:be:6b:9e:e1:6e:15:76:02:3a:47:
1c:5f:00:69:2e:99:68:db:e3:20:c5:61:7e:a2:4b:b9:df:36:
b8:9d:54:8a:84:07:0a:46:e2:77:15:03:cb:6e:21:2b:a9:b8:
18:ae:10:36:50:bc:16:66:b8:1f:fb:70:b2:a8:8c:a8:76:30:
fb:6e:5e:8d:10:04:fb:ba:26:30:eb:0e:af:b9:d0:db:b0:05:
bc:1c:89:79:cb:d2:9d:00:ae:6a:85:e5:58:d1:23:8d:c8:36:
90:b1:41:5e:71:ee:4d:c1:df:49:58:87:d8:a5:82:7a:52:23:
95:61:ff:39:17:31:83:38:1a:80:d6:8e:0b:48:82:ae:ea:c2:
a4:cf:b8:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCqGnoU4uaAl4WTaS6yGEyeESzRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODExMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1NmVmMjA0ZTMwMzYxMjZmNzM1YTkwMjU1ODFhMGE3OTEyNTFlZTY2ZGRk
N2I5NjRiYmQ1YjY5MDllMjliNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXeEgelAhfy8s1dHL6caNwZgVGAm4+j4Gj61/ZxNnG7L7ElcqiO1kLEl5OZ
GZkA31OgOObyYpt7OyoUUX1UwthF5gdoz6BOazT2AY4UVwEiDCIrG4tojgW0blNU
wW4TYDpP08hWQTvwl6kuFhlQ7Yto6IbGxmPOW5/OZha0H5r1c3uzuh6kz1k1NTW/
+nTAlelDwbFrZaboh4ALjW77W6RWNi7yqftm48kA54ihcjcCOklU5KOLccoD/o16
mSQFYvWfToxFvu7+rFkSOncWuSXF0OGfIcXmo31HwJ2T8e/YPkmc70YuxQM2WpST
aDQyAOX9pxk93qlWgXTon6tnQOkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQQ7rxI
W31RfekcgtsEyXZ7b6L6LjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3NTM5NzQtOTQ3Yy00MmM0LTg4NWItYWE5NGM0M2M1NmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
wDANBgkqhkiG9w0BAQsFAAOCAQEAVDJX0aNdXfDuqWVHV9erqEMdSNPDhKZzYPv1
NgMfvooEU3rA/Vanu11U1yVrPJEOq0fXny4A4oARD9QUOOdEaHqPSiK93nHifkBu
yWbkbjONy0ptAHwxbt12mZHF4/lRBVEAuQctgDEJIp2tODJCWX3qCdW+a57hbhV2
AjpHHF8AaS6ZaNvjIMVhfqJLud82uJ1UioQHCkbidxUDy24hK6m4GK4QNlC8Fma4
H/twsqiMqHYw+25ejRAE+7omMOsOr7nQ27AFvByJecvSnQCuaoXlWNEjjcg2kLFB
XnHuTcHfSViH2KWCelIjlWH/ORcxgzgagNaOC0iCrurCpM+4pQ==
-----END CERTIFICATE-----
Generated at Tue May 6 04:06:46 2025 by rpki-client