Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
File: fad76837-d6e1-4885-9781-3088c0b0c06c.roa (raw, json)
Hash identifier: fM+Zj7Sndlz89B5cbrCR2IKL9cfx+6b7VO5kkX0nA9E=
Subject key identifier: C3:C2:47:DE:9A:0B:9A:9C:A4:C5:CD:AF:BE:BF:DE:EB:8B:15:1F:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69F7FAADFF1C031F678F0354EE89294A4FE68BB4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
Signing time: Tue 01 Apr 2025 15:01:20 +0000
ROA not before: Tue 01 Apr 2025 15:01:20 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:f7:fa:ad:ff:1c:03:1f:67:8f:03:54:ee:89:29:4a:4f:e6:8b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:01:20 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=a7eced4b4889f2e667048d324af12a53a211c90f29968c13f4d20d1ba5906673, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:91:4f:47:28:08:b1:80:35:91:f2:f1:1e:b4:
d2:e7:20:f6:0f:dd:9f:36:3b:ab:57:f5:f3:5f:96:
7c:66:c0:7a:02:31:fc:df:1e:dc:68:36:ba:71:24:
ef:75:e0:97:e7:1b:e3:44:7d:f5:a7:30:27:07:f9:
8f:9e:d5:95:ab:0e:cf:e6:17:c1:71:bf:59:09:7c:
37:43:48:26:c0:49:a2:ff:2c:be:c3:f5:d9:91:44:
26:f5:bc:9b:6b:d2:e5:75:1d:19:3f:f4:04:11:c6:
4c:35:48:34:f8:03:d1:43:58:10:7e:37:8b:e7:5a:
81:bf:ea:9d:ac:e8:e3:c3:cb:39:9e:c2:a7:54:05:
76:64:0b:2b:f9:ba:75:f1:40:c5:96:63:c0:e1:ee:
9a:95:45:7d:a8:6f:19:19:0c:40:1d:e4:fd:f7:3e:
8b:c2:a3:b3:0a:06:88:95:0c:ef:25:5f:be:d0:50:
76:44:b0:fa:e8:aa:97:3e:ee:53:ef:48:94:6a:07:
ac:0a:b4:29:1a:96:23:7b:d9:e3:24:77:bb:27:e2:
f2:11:cf:38:1b:e3:74:c5:9a:0b:b2:d1:dc:f0:81:
34:e9:7b:b0:c7:eb:57:c0:c0:7c:5d:bc:1b:77:80:
3e:82:f2:bf:e6:85:0e:d9:7f:aa:19:d6:76:a9:0a:
b9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C2:47:DE:9A:0B:9A:9C:A4:C5:CD:AF:BE:BF:DE:EB:8B:15:1F:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:6000::/40
Signature Algorithm: sha256WithRSAEncryption
35:bd:16:5e:c0:80:74:45:5e:74:67:26:b9:61:89:47:de:b9:
40:a4:d6:f0:89:e9:31:08:1f:6d:b9:e5:f2:43:f3:1f:14:ee:
c4:95:02:14:5f:e5:90:a3:e9:f6:e2:d2:0f:5a:07:22:da:68:
8f:3c:1c:8f:4d:12:4b:e9:11:9f:92:e2:63:c7:e6:49:5e:94:
6b:e9:11:29:53:fb:d0:cc:ee:75:1c:16:1f:92:73:31:9c:58:
2c:9f:00:e3:90:61:3a:0f:c6:b1:1f:aa:dd:82:7e:04:b0:28:
ae:90:4e:1b:02:fa:ce:57:c6:bf:e6:c2:5c:07:cb:17:02:6f:
d5:ed:e2:2f:84:a7:97:d4:0c:40:84:aa:9b:eb:78:4c:b1:a5:
4d:bd:04:b3:ec:e3:f7:5f:cf:21:77:e6:6a:66:5e:87:04:0e:
d8:73:6c:66:ed:c9:60:ff:fb:6a:16:04:da:3d:0b:5e:67:6c:
e0:ce:2d:d1:88:3c:e5:76:0d:6e:e7:6e:62:ad:a5:8e:90:20:
61:70:f6:fd:89:b6:c9:52:7e:8f:76:e3:48:54:8e:2e:56:f5:
f2:47:d5:a3:5a:6b:c7:32:e5:a7:76:56:d3:59:6a:54:a1:59:
96:c4:2e:5b:e5:4f:c1:b0:22:e1:77:86:88:89:50:d7:8f:70:
fa:18:e2:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaff6rf8cAx9njwNU7okpSk/mi7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAxMjBaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3ZWNlZDRiNDg4OWYyZTY2NzA0OGQzMjRhZjEyYTUzYTIxMWM5MGYyOTk2
OGMxM2Y0ZDIwZDFiYTU5MDY2NzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyRT0coCLGANZHy8R600ucg9g/dnzY7q1f181+WfGbAegIx/N8e3Gg2unEk
73Xgl+cb40R99acwJwf5j57VlasOz+YXwXG/WQl8N0NIJsBJov8svsP12ZFEJvW8
m2vS5XUdGT/0BBHGTDVINPgD0UNYEH43i+dagb/qnazo48PLOZ7Cp1QFdmQLK/m6
dfFAxZZjwOHumpVFfahvGRkMQB3k/fc+i8KjswoGiJUM7yVfvtBQdkSw+uiqlz7u
U+9IlGoHrAq0KRqWI3vZ4yR3uyfi8hHPOBvjdMWaC7LR3PCBNOl7sMfrV8DAfF28
G3eAPoLyv+aFDtl/qhnWdqkKuXMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDwkfe
mguanKTFza++v97rixUfizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmFkNzY4MzctZDZlMS00ODg1LTk3ODEtMzA4OGMwYjBjMDZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dhg
MA0GCSqGSIb3DQEBCwUAA4IBAQA1vRZewIB0RV50Zya5YYlH3rlApNbwiekxCB9t
ueXyQ/MfFO7ElQIUX+WQo+n24tIPWgci2miPPByPTRJL6RGfkuJjx+ZJXpRr6REp
U/vQzO51HBYfknMxnFgsnwDjkGE6D8axH6rdgn4EsCiukE4bAvrOV8a/5sJcB8sX
Am/V7eIvhKeX1AxAhKqb63hMsaVNvQSz7OP3X88hd+ZqZl6HBA7Yc2xm7clg//tq
FgTaPQteZ2zgzi3RiDzldg1u525iraWOkCBhcPb9ibbJUn6PduNIVI4uVvXyR9Wj
WmvHMuWndlbTWWpUoVmWxC5b5U/BsCLhd4aIiVDXj3D6GOIR
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:23 2025 by rpki-client