Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
File: fec4786d-f73f-4e64-99a3-0377bdf5c566.roa (raw, json)
Hash identifier: dnWyKqx3L09mObLAxdv18uMPkpumkShLmd7aehkbShE=
Subject key identifier: 35:A9:62:0F:62:B1:2E:9F:9B:AB:10:DB:06:D7:B6:04:7C:DB:C0:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2640B1F34D07E7FCBDB5A46A8349951198F93CBC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
Signing time: Fri 25 Apr 2025 20:20:22 +0000
ROA not before: Fri 25 Apr 2025 20:20:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:40:b1:f3:4d:07:e7:fc:bd:b5:a4:6a:83:49:95:11:98:f9:3c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b64711e6a8bef01ca8143cd758f78bc0cc23babe040b50243981fb0a16d118a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:14:1c:b8:df:5d:fa:c8:22:1b:71:6a:ed:
7d:e0:f3:2d:40:7b:de:d9:a6:d6:2c:b3:48:b9:1c:
9f:c0:24:51:a9:b7:03:b4:06:19:85:c3:79:7f:1c:
ac:bd:f9:d0:85:1d:a8:3d:7c:f1:c6:2c:46:f5:20:
73:a4:7f:24:19:a9:fd:ca:d4:ba:ac:0e:e9:a2:41:
f8:01:8a:1d:b1:f2:03:f5:31:6b:a9:11:dc:9f:6e:
b7:57:96:4d:82:95:dc:38:b5:7f:d4:a3:a5:4e:e8:
f9:e3:87:15:7e:f0:b1:a5:1a:1f:b9:9b:8d:37:77:
1a:5e:a4:03:f1:1b:ff:ce:45:68:b3:0f:ae:33:25:
f5:b9:a0:c7:25:49:6b:01:6a:48:8e:76:e9:65:c1:
4b:ee:2a:68:49:7b:85:f0:0b:aa:ce:ab:04:94:6e:
c0:bf:a2:34:c5:90:3b:4b:1f:27:33:79:4f:87:c1:
88:38:46:a3:9b:61:9a:44:78:49:92:47:b6:12:49:
34:74:cb:8f:66:0e:f5:b0:19:38:01:21:f0:a5:86:
47:6d:e7:93:55:63:ec:02:21:74:75:78:b6:14:33:
3c:95:d5:0d:47:c4:a5:88:b5:e3:87:78:c8:f7:2c:
16:d7:be:4e:65:d7:9d:33:aa:47:61:03:af:4f:e2:
41:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A9:62:0F:62:B1:2E:9F:9B:AB:10:DB:06:D7:B6:04:7C:DB:C0:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02e::/36
Signature Algorithm: sha256WithRSAEncryption
0b:68:05:24:f6:77:9b:12:8e:c1:f0:bd:ab:83:8a:86:07:df:
d0:1e:76:82:25:55:cc:98:c1:22:60:e2:07:a7:63:c2:d5:5c:
3e:5a:8e:0d:f0:ef:46:bd:58:33:2d:9e:34:65:cd:20:fa:03:
43:7d:3f:92:53:06:d8:8d:a0:14:2c:96:15:60:b9:3f:42:af:
db:34:10:2e:87:e6:0d:9d:a9:f6:a7:16:57:0a:73:2a:c8:69:
20:a4:cb:fa:c1:bd:95:09:31:80:03:dc:1b:ed:f8:8e:bc:b3:
db:46:3c:59:88:ba:e2:8c:7f:4b:c9:12:e9:f6:bd:3a:4f:b2:
96:4a:53:63:03:c5:8d:74:62:35:a7:71:4c:e3:43:8e:12:27:
8c:3e:6c:0f:06:37:6d:73:b6:18:ed:aa:4f:a6:e9:ef:c1:9f:
e6:b6:d9:6c:c2:34:b8:48:c5:13:65:8a:29:72:4c:c7:20:0b:
7e:6b:d7:22:4b:51:ec:8c:2e:64:29:53:93:56:b9:30:5c:01:
c4:2f:87:ce:a9:03:21:65:0d:2c:86:cf:5e:07:75:56:3c:03:
a8:b5:3e:96:14:ca:b2:e1:b9:bb:70:13:f9:63:2c:06:e3:89:
57:2c:b0:c0:04:4f:b8:5e:65:4b:66:e9:41:40:66:93:24:8c:
ef:80:bb:16
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJkCx800H5/y9taRqg0mVEZj5PLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2NDcxMWU2YThiZWYwMWNhODE0M2NkNzU4Zjc4YmMwY2MyM2JhYmUwNDBi
NTAyNDM5ODFmYjBhMTZkMTE4YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDCFBy43136yCIbcWrtfeDzLUB73tmm1iyzSLkcn8AkUam3A7QGGYXDeX8c
rL350IUdqD188cYsRvUgc6R/JBmp/crUuqwO6aJB+AGKHbHyA/Uxa6kR3J9ut1eW
TYKV3Di1f9SjpU7o+eOHFX7wsaUaH7mbjTd3Gl6kA/Eb/85FaLMPrjMl9bmgxyVJ
awFqSI526WXBS+4qaEl7hfALqs6rBJRuwL+iNMWQO0sfJzN5T4fBiDhGo5thmkR4
SZJHthJJNHTLj2YO9bAZOAEh8KWGR23nk1Vj7AIhdHV4thQzPJXVDUfEpYi144d4
yPcsFte+TmXXnTOqR2EDr0/iQacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1qWIP
YrEun5urENsG17YEfNvAWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNDc4NmQtZjczZi00ZTY0LTk5YTMtMDM3N2JkZjVjNTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C4A
MA0GCSqGSIb3DQEBCwUAA4IBAQALaAUk9nebEo7B8L2rg4qGB9/QHnaCJVXMmMEi
YOIHp2PC1Vw+Wo4N8O9GvVgzLZ40Zc0g+gNDfT+SUwbYjaAULJYVYLk/Qq/bNBAu
h+YNnan2pxZXCnMqyGkgpMv6wb2VCTGAA9wb7fiOvLPbRjxZiLrijH9LyRLp9r06
T7KWSlNjA8WNdGI1p3FM40OOEieMPmwPBjdtc7YY7apPpunvwZ/mttlswjS4SMUT
ZYopckzHIAt+a9ciS1HsjC5kKVOTVrkwXAHEL4fOqQMhZQ0shs9eB3VWPAOotT6W
FMqy4bm7cBP5YywG44lXLLDABE+4XmVLZulBQGaTJIzvgLsW
-----END CERTIFICATE-----
Generated at Wed May 7 12:10:43 2025 by rpki-client