Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
File: 6ec34216-a73a-4f02-b92a-08993431272e.roa (raw, json)
Hash identifier: WyyFMWVnn3vk9jW2HyuQ/N3vA4BVYpvVnPyB4xaFx+g=
Subject key identifier: 4C:4A:CA:69:62:1A:2A:4B:6A:AE:89:8D:31:6F:56:60:83:E0:FB:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71F213ACAD96C0A6CB0386C5B4346C235C6EB850
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
Signing time: Mon 31 Mar 2025 20:20:54 +0000
ROA not before: Mon 31 Mar 2025 20:20:54 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:f2:13:ac:ad:96:c0:a6:cb:03:86:c5:b4:34:6c:23:5c:6e:b8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:20:54 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:87:07:f3:4a:63:29:9e:6d:f1:f6:d2:e2:c9:
1a:a9:85:d9:17:76:93:c3:7a:83:c4:e2:75:3c:7a:
0c:52:e6:2b:83:9a:0a:0a:4b:92:d6:ac:44:a1:9f:
7b:d8:8a:c7:1d:77:28:96:b6:5d:97:c4:a9:75:13:
83:56:83:8c:78:a3:d7:d5:1e:38:e2:5a:c1:8b:17:
19:93:2b:b9:34:3e:95:8e:84:5d:85:f8:df:5e:a5:
a3:83:9a:3b:ca:2f:23:29:14:ab:cc:93:ac:5b:97:
1a:27:1c:91:5f:e3:bd:49:84:72:cf:c8:7b:2b:f3:
49:25:f1:38:e4:3c:4c:d4:cf:fb:df:b4:57:94:9e:
68:31:ec:bd:a6:2a:4f:51:ab:1a:94:87:22:96:e0:
5a:ab:57:33:b9:4a:43:15:c7:49:dd:b5:d6:08:54:
54:9e:cd:f3:66:ef:3f:68:cd:2b:c3:d5:b0:14:3f:
19:5e:1e:a6:11:d0:cf:68:3d:82:82:40:a3:33:92:
d4:77:88:5b:42:16:1d:b1:d6:12:1b:62:42:a0:2d:
0d:8a:9c:74:07:ce:9d:2c:3f:4c:10:7f:f8:a7:5d:
f7:3d:04:8d:c5:49:67:c1:39:1b:b9:10:3a:eb:e7:
3d:b2:eb:e7:b2:4d:90:28:52:7c:31:95:6b:1d:de:
56:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:4A:CA:69:62:1A:2A:4B:6A:AE:89:8D:31:6F:56:60:83:E0:FB:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ec34216-a73a-4f02-b92a-08993431272e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e080::/46
Signature Algorithm: sha256WithRSAEncryption
01:f3:7d:d3:11:07:a8:2f:f0:94:15:b7:ac:95:84:cb:48:98:
ea:86:d7:91:04:5a:7f:c5:0b:c9:4c:f7:b6:e7:b1:df:23:6d:
d3:43:04:56:fe:41:50:05:1f:10:73:c6:23:46:7a:70:ae:5c:
3b:09:a3:03:2b:92:c4:df:78:ea:98:56:80:d5:1b:68:61:c2:
36:68:59:21:c5:28:a7:91:9a:ab:11:ae:86:b1:87:21:bb:02:
ab:2e:40:96:af:49:de:33:7d:26:42:a8:f5:ef:60:16:a9:49:
e3:9d:47:b6:ea:ad:1a:fd:b5:cd:b8:1e:a8:c5:fe:03:2a:39:
c3:28:fb:9a:20:0f:87:a4:29:f4:32:bd:da:8f:7c:db:2e:cc:
36:c4:fa:90:3c:39:b8:fc:1e:3c:4b:4d:35:1c:3d:32:0c:da:
f7:3e:b3:6f:61:e6:5a:80:bb:12:9a:c8:51:31:3f:66:e2:e7:
77:9a:f1:5f:92:02:a7:09:22:5e:33:e4:4b:7a:ad:45:a1:7d:
5a:64:de:08:7b:cd:32:9a:8c:50:8e:1d:07:d7:e2:48:83:fd:
01:c3:52:f2:8c:a2:11:1e:2a:a3:4e:0b:0c:38:bb:a1:0a:f4:
02:26:f8:7f:56:29:a1:b5:99:9b:c1:43:3a:e2:ea:ce:e8:db:
fc:cc:8d:74
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcfITrK2WwKbLA4bFtDRsI1xuuFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDIwNTRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNmY5ZjkwZDBlNGVlMTRiNzkxNzFlYzdhYmViMjM0MzY5MzBmMmYzZmZm
NjZiMzJlZGVhNjA4MDIxZGEwMTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6HB/NKYymebfH20uLJGqmF2Rd2k8N6g8TidTx6DFLmK4OaCgpLktasRKGf
e9iKxx13KJa2XZfEqXUTg1aDjHij19UeOOJawYsXGZMruTQ+lY6EXYX4316lo4Oa
O8ovIykUq8yTrFuXGicckV/jvUmEcs/IeyvzSSXxOOQ8TNTP+9+0V5SeaDHsvaYq
T1GrGpSHIpbgWqtXM7lKQxXHSd211ghUVJ7N82bvP2jNK8PVsBQ/GV4ephHQz2g9
goJAozOS1HeIW0IWHbHWEhtiQqAtDYqcdAfOnSw/TBB/+Kdd9z0EjcVJZ8E5G7kQ
OuvnPbLr57JNkChSfDGVax3eVlUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMSspp
YhoqS2quiY0xb1Zgg+D7eTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVjMzQyMTYtYTczYS00ZjAyLWI5MmEtMDg5OTM0MzEyNzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hvg
gDANBgkqhkiG9w0BAQsFAAOCAQEAAfN90xEHqC/wlBW3rJWEy0iY6obXkQRaf8UL
yUz3tuex3yNt00MEVv5BUAUfEHPGI0Z6cK5cOwmjAyuSxN946phWgNUbaGHCNmhZ
IcUop5GaqxGuhrGHIbsCqy5Alq9J3jN9JkKo9e9gFqlJ451HtuqtGv21zbgeqMX+
Ayo5wyj7miAPh6Qp9DK92o982y7MNsT6kDw5uPwePEtNNRw9Mgza9z6zb2HmWoC7
EprIUTE/ZuLnd5rxX5ICpwkiXjPkS3qtRaF9WmTeCHvNMpqMUI4dB9fiSIP9AcNS
8oyiER4qo04LDDi7oQr0Aib4f1YpobWZm8FDOuLqzujb/MyNdA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:11 2025 by rpki-client