Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
File: e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa (raw, json)
Hash identifier: j6WafzuR8z4PMhIITqor1ywRJfTWNi7jgG2VEiFttQg=
Subject key identifier: 6F:D2:4A:33:47:5B:EC:AE:C9:B2:F7:AE:89:32:57:A0:D1:E8:A5:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 683DAFC0F3B2DB8BDAFD22A2FA20F37E96BE5F97
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
Signing time: Fri 21 Mar 2025 15:00:05 +0000
ROA not before: Fri 21 Mar 2025 15:00:05 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:3d:af:c0:f3:b2:db:8b:da:fd:22:a2:fa:20:f3:7e:96:be:5f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 21 15:00:05 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:02:04:c4:41:1e:11:c4:42:21:a1:cb:f1:00:
e8:00:07:13:70:f1:35:54:c6:a4:ca:f9:a4:83:e9:
71:0d:bf:97:da:df:c1:b2:c8:59:b8:eb:81:35:22:
05:9b:1f:b4:48:67:f7:8c:fb:7c:8b:a2:fd:0f:fa:
ae:7c:b0:88:a1:a4:59:c8:5c:de:58:6a:71:32:c4:
8f:fa:23:25:a5:01:5b:80:34:a2:89:fb:68:b1:40:
cb:92:1b:4a:3c:49:a6:5f:0e:fd:8b:d7:b7:b5:7c:
b1:1d:07:fb:9c:64:b3:47:e3:9d:b7:68:d8:94:9b:
c2:7b:b2:a1:cb:ab:0c:04:b8:8a:4e:c8:02:e1:83:
7b:36:a1:72:aa:46:4f:96:4a:d9:eb:5b:73:9f:2c:
c4:67:8d:66:5e:15:fa:b6:16:c7:3b:e2:e2:05:b0:
b9:d0:5d:d9:f6:d4:8f:50:a9:c6:5d:7e:ca:ed:71:
b8:c1:ed:16:f3:1b:f8:64:24:7a:ab:52:2d:b5:42:
db:ad:c2:fc:3e:0f:fc:69:85:cd:11:8e:e7:d8:dd:
28:36:09:e4:de:18:72:6a:af:2c:01:ee:5a:1b:85:
54:c1:4e:83:cb:08:1f:cf:10:19:03:b5:47:c8:d3:
de:40:1b:96:8a:18:a1:e5:c7:aa:68:b0:56:17:e2:
49:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D2:4A:33:47:5B:EC:AE:C9:B2:F7:AE:89:32:57:A0:D1:E8:A5:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/48
Signature Algorithm: sha256WithRSAEncryption
94:79:34:e1:d0:e8:e3:16:f3:06:b9:97:05:71:b0:86:92:cc:
02:70:35:35:05:fc:f7:0d:16:fe:e1:12:7b:65:2c:c8:02:7c:
09:70:c3:f8:65:99:37:3a:3a:ee:6c:3b:cf:4c:be:ee:d9:09:
cf:6e:a7:5b:7b:b1:f1:6f:57:40:c5:1d:10:92:59:b3:ce:86:
3b:fb:6c:3e:31:8a:46:89:47:9f:1b:46:6a:32:d7:03:ab:05:
08:0f:8b:f8:1d:d5:ff:77:67:25:e5:d5:2a:85:e5:fe:77:b9:
81:51:68:d4:54:d4:87:a8:56:16:f4:3f:0a:db:aa:69:d3:7d:
7c:75:3f:8c:d4:f1:82:29:3c:9c:8d:fd:9d:86:21:34:36:c8:
cd:42:0c:4d:11:d6:4f:72:37:c3:bc:47:27:ce:8e:c6:39:7b:
84:99:76:31:21:e1:83:fa:0e:1c:ef:26:7c:36:f9:39:98:c9:
87:dd:04:df:ca:83:7a:e5:16:fe:67:a0:34:07:e0:0b:a2:bc:
26:36:e6:81:c9:72:1e:3e:9f:61:b4:d8:66:e1:4a:3c:09:07:
72:3d:d9:ff:e9:35:6d:8d:6a:dc:7b:68:b0:e2:cb:5d:ed:23:
b9:20:af:7d:f6:b7:ce:95:07:30:3b:7e:6a:4f:92:54:4c:72:
0d:ca:34:91
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaD2vwPOy24va/SKi+iDzfpa+X5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMjExNTAwMDVaFw0yNTA0MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ZTM5OWQ0YzY4MDg5ZjViOWNlYTJlN2UyNDU1OTQ2NTQ1ZTBjZGZjNGYw
ZjM3ZGVhNmZiMGMzN2Q3MDM5NTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUCBMRBHhHEQiGhy/EA6AAHE3DxNVTGpMr5pIPpcQ2/l9rfwbLIWbjrgTUi
BZsftEhn94z7fIui/Q/6rnywiKGkWchc3lhqcTLEj/ojJaUBW4A0oon7aLFAy5Ib
SjxJpl8O/YvXt7V8sR0H+5xks0fjnbdo2JSbwnuyocurDAS4ik7IAuGDezahcqpG
T5ZK2etbc58sxGeNZl4V+rYWxzvi4gWwudBd2fbUj1Cpxl1+yu1xuMHtFvMb+GQk
eqtSLbVC263C/D4P/GmFzRGO59jdKDYJ5N4YcmqvLAHuWhuFVMFOg8sIH88QGQO1
R8jT3kAblooYoeXHqmiwVhfiSeMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRv0koz
R1vsrsmy966JMleg0eiltTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTliMjRhZDEtMDY5Yi00OTE2LTlkMzMtMzFhZDY5MzdmYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZg
ADANBgkqhkiG9w0BAQsFAAOCAQEAlHk04dDo4xbzBrmXBXGwhpLMAnA1NQX89w0W
/uESe2UsyAJ8CXDD+GWZNzo67mw7z0y+7tkJz26nW3ux8W9XQMUdEJJZs86GO/ts
PjGKRolHnxtGajLXA6sFCA+L+B3V/3dnJeXVKoXl/ne5gVFo1FTUh6hWFvQ/Ctuq
adN9fHU/jNTxgik8nI39nYYhNDbIzUIMTRHWT3I3w7xHJ86Oxjl7hJl2MSHhg/oO
HO8mfDb5OZjJh90E38qDeuUW/megNAfgC6K8JjbmgclyHj6fYbTYZuFKPAkHcj3Z
/+k1bY1q3HtosOLLXe0juSCvffa3zpUHMDt+ak+SVExyDco0kQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:06 2025 by rpki-client