Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
File: 88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa (raw, json)
Hash identifier: Sb/8X1RjfRUKFDg1l2RQ3ZEJe3cM6wxjLXdb3ZGVZUI=
Subject key identifier: 6F:6B:AE:89:1C:20:5B:70:32:96:7D:20:D6:EF:8A:8D:47:3B:F0:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37359B9A47FB50243D6ADB24BFB5723C7EDF2DAE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
Signing time: Mon 31 Mar 2025 21:10:25 +0000
ROA not before: Mon 31 Mar 2025 21:10:25 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:35:9b:9a:47:fb:50:24:3d:6a:db:24:bf:b5:72:3c:7e:df:2d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:10:25 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:67:69:67:2d:23:48:27:9d:2e:c4:6f:28:b2:
28:09:21:52:6f:b9:53:3a:aa:e7:00:6c:dc:fc:98:
d0:49:4a:1e:6e:2a:34:f4:d7:e4:66:8f:21:5d:cf:
88:5e:e2:77:6e:0d:2e:ab:c8:ef:2a:65:df:5d:3d:
39:2c:0f:7d:ce:52:ad:6c:1f:57:97:bb:58:64:12:
72:60:01:63:f1:e6:0f:01:a5:bb:39:f6:d3:69:17:
b3:d2:f6:8a:4d:31:bf:cb:7c:7a:3f:a8:10:3a:10:
31:10:f5:ee:10:f6:9d:eb:70:b3:70:83:06:ef:64:
ce:dc:44:31:84:99:79:43:90:43:ed:20:d5:14:2a:
ac:71:12:f9:82:b9:f5:ff:5e:51:77:a8:58:53:54:
7f:c0:11:e3:64:bd:ef:84:91:98:28:1b:f8:40:49:
a8:3b:36:0b:fa:a4:17:4b:1f:c5:1a:b9:56:50:7b:
0d:0f:c4:80:2d:c5:9d:bf:c3:02:5a:45:63:a5:b3:
d8:02:f9:5d:f4:e7:ec:4c:da:b9:4a:0c:1b:a9:d3:
34:da:50:91:e6:cc:77:1e:7f:21:65:e0:72:19:cc:
50:c9:e4:40:ec:ec:5f:d6:6d:f1:b4:fe:2c:5d:63:
78:c4:74:68:f1:94:d0:ee:2c:af:17:29:14:0b:43:
90:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6B:AE:89:1C:20:5B:70:32:96:7D:20:D6:EF:8A:8D:47:3B:F0:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:c00::/38
Signature Algorithm: sha256WithRSAEncryption
95:3b:f1:5f:5d:4a:c1:cf:2a:fb:3f:10:ec:27:8b:14:2a:ce:
5b:77:fd:bb:f7:6c:bd:fd:46:4d:db:08:03:3d:51:84:a5:dc:
b9:5c:ff:15:ca:b7:15:60:e3:6b:eb:12:b4:cb:59:36:d7:86:
e2:65:c1:9b:0d:fa:82:65:ff:16:7b:74:23:55:25:21:1b:5e:
2e:ee:d4:84:64:ac:b5:6d:a9:2c:5e:bd:ef:bd:7a:c0:e9:0c:
0f:f1:ff:f3:43:88:58:50:ed:48:1f:1d:64:d0:62:d7:a9:64:
c9:0e:ff:98:25:50:41:16:f2:82:9a:6f:97:e0:be:76:93:1b:
cd:d1:97:6a:5a:f7:c0:f0:d1:49:a5:82:a6:bd:28:59:90:cc:
ae:51:48:54:e7:fe:9b:47:c1:ea:1e:99:41:a2:c9:5e:24:5f:
0b:ff:a8:78:e0:b2:34:76:6e:ea:a5:92:f8:39:1f:55:f9:e8:
71:43:f7:13:a0:d5:93:63:5e:b8:9e:74:a7:e5:16:7e:c2:12:
93:96:7c:75:94:74:cb:4b:7f:51:7b:5c:0c:b6:c4:bd:9a:18:
69:77:0d:cd:b6:fc:99:36:bd:e7:40:2a:c3:c3:d1:41:12:20:
57:95:e9:35:39:18:c0:dd:63:2b:92:04:4b:04:68:3e:7b:0e:
1d:25:73:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNzWbmkf7UCQ9atskv7VyPH7fLa4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTEwMjVaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwZWM0NjRhOGZjMTFhYzBmODE0NGE4NTg1ZmUzZWNjN2RjZjY2NjNmYWYy
YWU1NTU1ZmUwN2VjZjc5ZmRhNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJnaWctI0gnnS7EbyiyKAkhUm+5Uzqq5wBs3PyY0ElKHm4qNPTX5GaPIV3P
iF7id24NLqvI7ypl3109OSwPfc5SrWwfV5e7WGQScmABY/HmDwGluzn202kXs9L2
ik0xv8t8ej+oEDoQMRD17hD2netws3CDBu9kztxEMYSZeUOQQ+0g1RQqrHES+YK5
9f9eUXeoWFNUf8AR42S974SRmCgb+EBJqDs2C/qkF0sfxRq5VlB7DQ/EgC3Fnb/D
AlpFY6Wz2AL5XfTn7EzauUoMG6nTNNpQkebMdx5/IWXgchnMUMnkQOzsX9Zt8bT+
LF1jeMR0aPGU0O4srxcpFAtDkCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRva66J
HCBbcDKWfSDW74qNRzvwVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg4MDBmOWYtNDhmZC00NDQyLWE2ZjYtN2E1MDRlMWNiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIM
MA0GCSqGSIb3DQEBCwUAA4IBAQCVO/FfXUrBzyr7PxDsJ4sUKs5bd/2792y9/UZN
2wgDPVGEpdy5XP8VyrcVYONr6xK0y1k214biZcGbDfqCZf8We3QjVSUhG14u7tSE
ZKy1baksXr3vvXrA6QwP8f/zQ4hYUO1IHx1k0GLXqWTJDv+YJVBBFvKCmm+X4L52
kxvN0ZdqWvfA8NFJpYKmvShZkMyuUUhU5/6bR8HqHplBosleJF8L/6h44LI0dm7q
pZL4OR9V+ehxQ/cToNWTY164nnSn5RZ+whKTlnx1lHTLS39Re1wMtsS9mhhpdw3N
tvyZNr3nQCrDw9FBEiBXlek1ORjA3WMrkgRLBGg+ew4dJXPf
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:49:03 2025 by rpki-client