Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
File: 0e68fbde-eead-4e29-b902-4eed053693ac.roa (raw, json)
Hash identifier: cv0LNDh+77djAItkF5Wl1jeiKi+f89nAHY5ykQYogMw=
Subject key identifier: 55:27:5F:FD:51:0F:95:52:57:96:44:0E:55:AF:7F:D8:5B:69:AC:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49877697D2BAA227B65865ECA93146C325AA440E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
Signing time: Mon 31 Mar 2025 21:20:10 +0000
ROA not before: Mon 31 Mar 2025 21:20:10 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:87:76:97:d2:ba:a2:27:b6:58:65:ec:a9:31:46:c3:25:aa:44:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:20:10 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1d:1f:84:cc:2c:2e:da:4a:3f:65:cf:0e:fa:
be:7d:e3:2b:48:6d:43:6e:5e:42:39:b8:c6:9a:f3:
67:93:df:01:55:82:31:63:eb:91:4b:2b:7c:14:c2:
39:98:2d:4f:03:0b:cc:bc:ba:a3:31:b8:26:e6:3d:
ca:38:30:fb:c9:02:8f:cc:66:3f:9e:67:c5:02:ae:
cd:6f:85:5a:07:74:80:f3:8d:79:44:a6:68:37:8f:
7d:f3:7b:94:26:d3:1c:58:43:cb:de:a4:3e:a5:88:
ac:fc:73:c2:e9:e6:ff:67:ff:b4:e9:da:8d:2e:10:
d3:da:9d:07:66:22:31:10:f9:0b:04:f6:d7:36:5b:
c7:e7:aa:a4:98:0d:43:61:46:85:05:d3:6d:99:51:
98:b4:36:b2:e7:96:3c:23:c9:43:64:c8:b6:50:53:
7e:b7:32:51:22:5b:ea:3a:9d:da:4b:ce:c6:ad:22:
54:eb:16:6f:3f:99:eb:81:8d:68:79:b4:37:2d:93:
d4:b8:e7:0a:4b:bb:76:c0:33:07:a0:98:30:3b:96:
7d:3a:26:89:f2:75:dc:29:de:6e:25:75:a0:66:76:
9c:b7:8b:a6:0d:f0:45:e6:db:b4:1e:49:ea:02:e4:
04:3c:3f:41:b5:2b:05:6f:9b:75:89:f7:43:fa:7d:
89:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:27:5F:FD:51:0F:95:52:57:96:44:0E:55:AF:7F:D8:5B:69:AC:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/36
Signature Algorithm: sha256WithRSAEncryption
12:da:27:bf:9c:16:47:22:fb:67:ef:4c:c3:05:b3:b5:a5:d9:
6b:33:fe:30:4a:aa:df:4c:a5:c1:02:0e:fa:04:12:8a:c0:b6:
b5:82:05:f8:c7:f0:63:b4:36:7a:7e:f8:af:d2:e7:f1:3f:fd:
cd:af:a6:7b:c1:b6:8b:52:1d:d3:0e:b9:31:06:a2:b4:62:78:
ef:48:28:8e:89:8a:42:54:e7:1c:be:d9:6e:be:81:82:6d:84:
81:b4:5e:2c:aa:e6:52:3c:95:ff:c6:e2:cd:80:2a:5b:e1:0a:
88:74:5b:67:2d:b6:64:28:8c:8a:3d:56:30:89:d3:a3:5e:5f:
a4:56:c6:ab:bf:82:19:32:8f:a1:71:aa:e5:0c:59:23:e7:53:
15:49:75:da:0c:59:c0:73:22:47:60:ff:d6:7e:56:b1:d6:fa:
54:5d:b1:b5:fd:7e:81:d0:1d:be:da:4d:58:ef:7b:68:e6:d7:
10:d0:fb:13:f6:74:dc:17:54:d2:8d:6d:1a:19:af:7d:b8:92:
ba:83:4d:91:73:4f:66:f3:d9:cd:18:64:59:79:a0:a8:a7:2d:
ea:54:a9:eb:71:a6:4f:db:9a:46:d6:86:d9:2e:d8:09:6b:bb:
6b:17:c2:2b:fe:b1:df:db:6c:05:01:de:3a:ad:b5:4c:ae:91:
2c:25:f5:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSYd2l9K6oie2WGXsqTFGwyWqRA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTIwMTBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MTZmM2Y1YTFlZjJiMzIzYjIyYjg5Mzg4NzBlN2U1OGFmMGY2NDIzM2Rk
M2U0NDQ4ZWUxY2Y3MDFhZTllZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQdH4TMLC7aSj9lzw76vn3jK0htQ25eQjm4xprzZ5PfAVWCMWPrkUsrfBTC
OZgtTwMLzLy6ozG4JuY9yjgw+8kCj8xmP55nxQKuzW+FWgd0gPONeUSmaDePffN7
lCbTHFhDy96kPqWIrPxzwunm/2f/tOnajS4Q09qdB2YiMRD5CwT21zZbx+eqpJgN
Q2FGhQXTbZlRmLQ2sueWPCPJQ2TItlBTfrcyUSJb6jqd2kvOxq0iVOsWbz+Z64GN
aHm0Ny2T1LjnCku7dsAzB6CYMDuWfTomifJ13CnebiV1oGZ2nLeLpg3wRebbtB5J
6gLkBDw/QbUrBW+bdYn3Q/p9iYcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVJ1/9
UQ+VUleWRA5Vr3/YW2msPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU2OGZiZGUtZWVhZC00ZTI5LWI5MDItNGVlZDA1MzY5M2FjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQAS2ie/nBZHIvtn70zDBbO1pdlrM/4wSqrfTKXB
Ag76BBKKwLa1ggX4x/BjtDZ6fviv0ufxP/3Nr6Z7wbaLUh3TDrkxBqK0YnjvSCiO
iYpCVOccvtluvoGCbYSBtF4squZSPJX/xuLNgCpb4QqIdFtnLbZkKIyKPVYwidOj
Xl+kVsarv4IZMo+hcarlDFkj51MVSXXaDFnAcyJHYP/Wflax1vpUXbG1/X6B0B2+
2k1Y73to5tcQ0PsT9nTcF1TSjW0aGa99uJK6g02Rc09m89nNGGRZeaCopy3qVKnr
caZP25pG1obZLtgJa7trF8Ir/rHf22wFAd46rbVMrpEsJfXz
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:19 2025 by rpki-client