Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d232961-eb43-42b7-908c-1226b1f4eeac.roa
File: 1d232961-eb43-42b7-908c-1226b1f4eeac.roa (raw, json)
Hash identifier: GF3Z5vPTkKuUl99FgVpYCuKW+ct2yEyppC5upXgLeyc=
Subject key identifier: 49:7F:25:08:04:E6:15:7B:E0:97:18:16:6A:EE:1C:CE:04:97:4A:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3666928CB0B7D615EBA5FFDF75A84705B1AEA588
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d232961-eb43-42b7-908c-1226b1f4eeac.roa
Signing time: Mon 31 Mar 2025 20:31:38 +0000
ROA not before: Mon 31 Mar 2025 20:31:38 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:66:92:8c:b0:b7:d6:15:eb:a5:ff:df:75:a8:47:05:b1:ae:a5:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:31:38 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2f:08:5f:7c:ff:1e:15:fa:49:ab:e4:ad:a3:
e9:3a:c0:31:17:42:b8:8b:dd:bf:ed:97:8f:14:ed:
bd:5c:79:08:61:2a:0a:1e:46:45:9e:09:16:07:b5:
d5:0e:ce:a4:f1:72:7c:2f:16:56:97:b0:1b:59:ae:
4f:75:b0:f7:05:06:ad:62:14:3a:ca:fa:f0:38:fc:
1a:86:c8:35:e9:26:e8:67:89:e4:f8:7e:06:ba:12:
64:7e:70:25:68:92:d7:6f:17:b6:b3:f9:09:65:d3:
0f:3d:b1:f9:45:dc:5c:d0:bf:05:0c:5a:36:2a:e6:
d9:e3:a8:d4:95:c7:9d:fd:fa:f2:75:ff:a2:87:4c:
4c:db:f8:10:d7:e4:f5:10:01:a3:03:df:ef:9a:41:
30:f9:06:19:1f:48:2f:8c:3c:bd:45:3a:04:38:a9:
a8:0e:09:51:fc:82:46:0f:85:3f:36:3b:9a:70:f3:
0a:0c:16:90:6a:33:b3:f8:56:8f:c2:ae:81:93:d4:
75:ff:b0:69:7f:e1:28:d9:1c:8b:ac:32:bd:c3:3c:
de:c5:65:bd:54:11:98:55:f6:ed:c6:32:2e:e2:02:
22:51:30:4d:21:ad:18:b2:f6:0f:56:bf:2e:7e:b7:
4b:48:a2:da:f9:be:c5:d6:cb:42:51:b9:86:4a:5d:
72:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:7F:25:08:04:E6:15:7B:E0:97:18:16:6A:EE:1C:CE:04:97:4A:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d232961-eb43-42b7-908c-1226b1f4eeac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
b1:60:22:5b:81:2a:4f:f2:35:dd:41:35:53:7e:c4:bf:30:a4:
7d:e7:b2:96:b1:54:06:9a:7f:82:6b:57:56:c1:fd:a1:a2:68:
28:de:85:f3:97:08:ee:2b:97:07:d1:d5:92:8f:e6:a4:a5:95:
dc:9a:86:fb:0c:8f:1f:0a:81:9b:a2:21:2d:2a:ad:29:8f:af:
d5:50:b8:ed:1c:df:8e:63:7d:92:de:1d:17:a4:e4:5d:6d:6e:
b3:ee:ba:19:48:31:98:86:51:05:a8:42:d5:b7:a9:b3:d3:b0:
fc:83:79:96:cc:af:ac:bb:d3:5d:db:da:7b:89:ea:cc:87:1f:
f6:e5:36:e0:a3:99:15:6b:e7:f4:05:e6:f2:20:ad:7c:b5:d5:
da:79:1f:cc:d7:5d:78:b2:bd:98:1a:fc:1d:f8:b5:89:ad:37:
9c:07:93:9f:96:1d:ed:cc:90:34:cf:bb:95:53:e7:b9:fe:5b:
7e:3d:52:4b:15:0c:74:a4:86:c4:1a:aa:b4:89:41:58:99:65:
8d:4c:74:98:27:eb:0c:b0:d4:8f:fd:ce:0f:2c:52:1e:d6:4b:
ef:2f:cb:88:26:13:e8:cf:ee:4a:bb:7f:aa:a1:d7:0d:47:9a:
c9:dd:82:04:ee:38:42:f2:07:5c:e9:32:b7:38:7a:64:c1:02:
7e:2c:1d:50
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUNmaSjLC31hXrpf/fdahHBbGupYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDMxMzhaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0MDkxM2U0ODE5NTQ0OTZkMWQ1ZDAyZmE4YmNmYmU0Zjc4NWJkYjQ3YTEx
YzhhMjQ5OTgyMmVhYzViZDA2MjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALovCF98/x4V+kmr5K2j6TrAMRdCuIvdv+2XjxTtvVx5CGEqCh5GRZ4JFge1
1Q7OpPFyfC8WVpewG1muT3Ww9wUGrWIUOsr68Dj8GobINekm6GeJ5Ph+BroSZH5w
JWiS128XtrP5CWXTDz2x+UXcXNC/BQxaNirm2eOo1JXHnf368nX/oodMTNv4ENfk
9RABowPf75pBMPkGGR9IL4w8vUU6BDipqA4JUfyCRg+FPzY7mnDzCgwWkGozs/hW
j8KugZPUdf+waX/hKNkci6wyvcM83sVlvVQRmFX27cYyLuICIlEwTSGtGLL2D1a/
Ln63S0ii2vm+xdbLQlG5hkpdcnECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRJfyUI
BOYVe+CXGBZq7hzOBJdKgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQyMzI5NjEtZWI0My00MmI3LTkwOGMtMTIyNmIxZjRlZWFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBALFgIluBKk/yNd1BNVN+xL8wpH3nspaxVAaaf4Jr
V1bB/aGiaCjehfOXCO4rlwfR1ZKP5qSlldyahvsMjx8KgZuiIS0qrSmPr9VQuO0c
345jfZLeHRek5F1tbrPuuhlIMZiGUQWoQtW3qbPTsPyDeZbMr6y7013b2nuJ6syH
H/blNuCjmRVr5/QF5vIgrXy11dp5H8zXXXiyvZga/B34tYmtN5wHk5+WHe3MkDTP
u5VT57n+W349UksVDHSkhsQaqrSJQViZZY1MdJgn6wyw1I/9zg8sUh7WS+8vy4gm
E+jP7kq7f6qh1w1HmsndggTuOELyB1zpMrc4emTBAn4sHVA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:23 2025 by rpki-client