Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
File: 4aa20760-fb28-4393-bec8-9ffb467f03e4.roa (raw, json)
Hash identifier: 7MgqaHxZJvia+JVhheIk/ZRPQk81GTXtSyofKG78jPY=
Subject key identifier: D9:3E:51:98:25:AE:45:B8:2D:EA:3B:CC:26:61:21:57:07:77:20:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65F43C08B1C51A6A2C16E74D9C0D5D7A7D443C14
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
Signing time: Mon 31 Mar 2025 20:41:13 +0000
ROA not before: Mon 31 Mar 2025 20:41:13 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:f4:3c:08:b1:c5:1a:6a:2c:16:e7:4d:9c:0d:5d:7a:7d:44:3c:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:41:13 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=5453f7149ed8e479ab1b37702730c8bd30f4426dfc7bd031292f046505c05365, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b2:f2:c0:4f:31:82:c0:7d:28:6a:1c:48:5d:
d8:df:f0:fa:18:a6:c9:77:7a:ca:a9:e8:07:d0:e2:
25:d8:f7:2a:c5:aa:91:9e:99:05:f1:05:ad:85:7d:
77:79:c3:be:dc:03:23:72:a0:4a:e3:eb:04:27:cd:
5e:46:38:3a:96:13:72:07:3a:6d:3f:5a:39:72:52:
b8:d9:48:44:8e:9a:cb:0c:f7:36:6e:2c:a4:33:7c:
04:00:1e:4f:bd:60:80:9b:c3:ad:6d:1a:b1:62:9e:
89:1f:71:80:26:27:d5:15:58:ae:ba:70:29:86:85:
f4:bc:04:20:14:e7:9a:0c:b5:85:dd:a9:fd:18:d2:
0e:19:6a:e4:ce:c5:37:97:3e:6b:38:07:27:1c:60:
e7:2b:7e:85:65:5c:9c:04:f8:af:ac:8c:44:e7:12:
1d:e4:2e:a0:63:89:ae:2b:b3:05:74:bc:2b:fd:cf:
70:da:d5:4d:05:8e:2d:d2:78:8e:90:80:72:62:ea:
e4:b2:0b:c9:7e:76:79:34:b3:91:84:32:6a:12:8d:
f0:73:58:b5:cb:78:30:3d:48:0f:93:0a:10:09:7e:
3e:fb:01:af:08:ec:d3:aa:e4:54:51:b2:4e:c7:05:
2c:38:78:92:8f:f0:98:1e:0b:7e:d3:a2:ce:ab:83:
7a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3E:51:98:25:AE:45:B8:2D:EA:3B:CC:26:61:21:57:07:77:20:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b6:9e:3d:10:4c:e4:fb:ab:21:ff:3b:e8:0b:71:61:f7:63:84:
2b:b7:55:4d:ae:d2:58:91:13:31:e3:30:74:a7:92:f3:17:9c:
e3:0d:ca:97:ee:e9:e8:bb:ef:7b:d9:dc:39:3a:c0:19:b2:e8:
d8:4d:d3:c2:70:ee:8f:19:e0:40:01:9f:75:ce:c8:c1:6a:41:
de:2c:68:2a:a0:c4:1a:fe:50:6a:d6:da:62:24:53:e3:fe:f6:
e4:2f:de:0c:ae:11:ec:5e:de:d3:7c:2c:b1:1e:17:c5:99:62:
59:93:63:da:af:9a:8f:1d:a6:a9:11:32:22:7a:38:e6:bd:d9:
20:b3:e1:2a:b7:66:01:41:52:5a:25:e9:07:6a:ac:47:60:d4:
66:7a:dd:0d:ee:77:67:8b:01:1d:05:2f:8f:df:88:b7:ba:ca:
e4:8e:08:57:ee:91:59:1f:8f:81:21:3e:0b:25:6f:21:0c:f9:
87:12:4f:58:e8:cb:a1:6f:e7:c6:4d:d9:e4:9b:e1:81:fb:7c:
d7:0d:a0:2c:08:ba:eb:fe:be:5f:45:17:93:06:37:ae:35:de:
84:54:ed:6b:6d:af:1f:71:c2:8a:b7:25:e4:ac:41:ee:90:32:
2d:0d:08:e3:32:eb:e8:c1:3a:4b:e6:c2:19:c8:19:f3:ea:c8:
76:23:a7:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZfQ8CLHFGmosFudNnA1den1EPBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDQxMTNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NTNmNzE0OWVkOGU0NzlhYjFiMzc3MDI3MzBjOGJkMzBmNDQyNmRmYzdi
ZDAzMTI5MmYwNDY1MDVjMDUzNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSy8sBPMYLAfShqHEhd2N/w+himyXd6yqnoB9DiJdj3KsWqkZ6ZBfEFrYV9
d3nDvtwDI3KgSuPrBCfNXkY4OpYTcgc6bT9aOXJSuNlIRI6aywz3Nm4spDN8BAAe
T71ggJvDrW0asWKeiR9xgCYn1RVYrrpwKYaF9LwEIBTnmgy1hd2p/RjSDhlq5M7F
N5c+azgHJxxg5yt+hWVcnAT4r6yMROcSHeQuoGOJriuzBXS8K/3PcNrVTQWOLdJ4
jpCAcmLq5LILyX52eTSzkYQyahKN8HNYtct4MD1ID5MKEAl+PvsBrwjs06rkVFGy
TscFLDh4ko/wmB4LftOizquDehUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZPlGY
Ja5FuC3qO8wmYSFXB3cgGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhMjA3NjAtZmIyOC00MzkzLWJlYzgtOWZmYjQ2N2YwM2U0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hpg
MA0GCSqGSIb3DQEBCwUAA4IBAQC2nj0QTOT7qyH/O+gLcWH3Y4Qrt1VNrtJYkRMx
4zB0p5LzF5zjDcqX7unou+972dw5OsAZsujYTdPCcO6PGeBAAZ91zsjBakHeLGgq
oMQa/lBq1tpiJFPj/vbkL94MrhHsXt7TfCyxHhfFmWJZk2Par5qPHaapETIiejjm
vdkgs+Eqt2YBQVJaJekHaqxHYNRmet0N7ndniwEdBS+P34i3usrkjghX7pFZH4+B
IT4LJW8hDPmHEk9Y6Muhb+fGTdnkm+GB+3zXDaAsCLrr/r5fRReTBjeuNd6EVO1r
ba8fccKKtyXkrEHukDItDQjjMuvowTpL5sIZyBnz6sh2I6cw
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:54 2025 by rpki-client