Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
File: fad76837-d6e1-4885-9781-3088c0b0c06c.roa (raw, json)
Hash identifier: r/Vh5M/9ghoouzMFOrMYaz+71/VAWkxMPtUT7PUESmk=
Subject key identifier: 35:34:DB:A0:7A:7D:14:CE:54:50:2B:06:F3:17:CF:53:71:8B:DF:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A872B7A2CE2D553CF48ADC668511B704691E0AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
Signing time: Mon 10 Feb 2025 00:00:00 +0000
ROA not before: Mon 10 Feb 2025 00:00:00 +0000
ROA not after: Mon 17 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:87:2b:7a:2c:e2:d5:53:cf:48:ad:c6:68:51:1b:70:46:91:e0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 10 00:00:00 2025 GMT
Not After : Mar 17 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:36:e9:0f:f5:7e:e3:5b:8d:ca:06:65:95:88:
4d:0e:50:25:4d:4f:bc:e8:76:13:e8:2b:47:e5:c8:
c6:cd:ae:95:39:0a:0f:2d:47:67:e1:ad:b8:c0:b3:
b2:78:02:c2:7a:7b:bb:2e:fa:08:d1:71:07:6d:66:
db:57:45:00:91:d9:74:0b:20:97:12:8c:a2:37:86:
ec:88:f4:e0:55:86:b0:08:12:e4:ca:0a:41:92:a2:
a3:42:84:3f:e9:36:a6:39:04:82:7d:96:c9:3c:9d:
f0:a9:a2:70:ff:34:89:7b:36:6d:68:22:00:d5:2b:
a3:38:9a:e3:38:38:ca:de:cd:a2:6f:22:9e:8b:a3:
55:5d:96:74:5f:c0:bb:86:f4:96:2b:f2:aa:0a:93:
81:6e:55:2d:fd:1c:f8:03:34:60:06:a3:a3:69:a5:
a9:7b:fc:e5:33:67:21:92:9e:a8:65:b5:d0:aa:68:
64:53:a5:72:ec:28:6b:37:bd:09:04:b2:62:06:64:
94:07:2d:e4:2a:43:b2:0b:06:d6:e6:a6:f3:5a:18:
19:e0:a0:a5:15:dd:79:ca:7e:f1:db:97:24:78:15:
08:93:4d:10:06:8d:a0:d6:ee:b5:ff:98:aa:7d:9c:
8d:96:f8:90:e5:b5:ba:67:b0:6c:e9:95:81:ae:f1:
8d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:34:DB:A0:7A:7D:14:CE:54:50:2B:06:F3:17:CF:53:71:8B:DF:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:6000::/40
Signature Algorithm: sha256WithRSAEncryption
52:0e:53:67:1e:ef:ad:81:cd:6b:3b:ff:5b:11:eb:6b:a0:06:
01:73:f9:e3:59:8c:18:b2:6b:96:19:9b:45:ef:43:0f:4d:4d:
30:b2:b1:33:3c:d5:53:8e:2b:c6:8c:18:fe:68:1e:8d:99:7c:
c6:ec:e8:76:52:13:a3:33:96:c3:47:64:ca:c8:e0:02:8e:5d:
0e:de:d2:35:0d:24:56:bc:e0:49:02:a8:10:3e:83:9b:84:05:
cd:f0:e1:6e:34:39:4e:a9:1e:6e:73:81:62:c9:af:2b:02:02:
83:7f:3c:6a:cb:24:64:62:9f:02:52:3d:ca:14:c9:d3:d6:0a:
6e:22:4b:6c:cc:61:6b:72:79:8c:e7:d2:32:5e:e9:5a:14:c7:
35:3f:a2:77:e7:44:52:0c:af:d4:7a:22:bf:93:2e:17:de:95:
1f:fe:f5:e4:43:44:c8:ef:4a:d3:5a:94:b7:08:d5:b5:1e:d4:
65:c8:6b:dd:d5:ee:d9:a2:e1:52:37:29:88:fa:9d:74:4d:a5:
a2:5e:1d:26:e5:3e:c1:52:df:e4:56:c5:2e:ca:e9:fa:24:be:
30:cd:83:56:f1:dc:f0:b1:22:20:a8:cf:73:ff:26:d2:78:33:
29:05:35:8b:50:a3:8b:3a:53:83:5d:d6:10:c2:22:1f:d5:0d:
a5:d4:4e:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWocreizi1VPPSK3GaFEbcEaR4KswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAyMTAwMDAwMDBaFw0yNTAzMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5Yzc2MmU4ZDRjOTI0MGEyNDAxZTkxMWQwODdjOWE2N2JiNGM3ZGEzZGI5
ZWNlMzk1NWJlMmNhOTZkNDcyYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANM26Q/1fuNbjcoGZZWITQ5QJU1PvOh2E+grR+XIxs2ulTkKDy1HZ+GtuMCz
sngCwnp7uy76CNFxB21m21dFAJHZdAsglxKMojeG7Ij04FWGsAgS5MoKQZKio0KE
P+k2pjkEgn2WyTyd8KmicP80iXs2bWgiANUrozia4zg4yt7Nom8inoujVV2WdF/A
u4b0livyqgqTgW5VLf0c+AM0YAajo2mlqXv85TNnIZKeqGW10KpoZFOlcuwoaze9
CQSyYgZklAct5CpDsgsG1uam81oYGeCgpRXdecp+8duXJHgVCJNNEAaNoNbutf+Y
qn2cjZb4kOW1umewbOmVga7xjXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1NNug
en0UzlRQKwbzF89TcYvfPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmFkNzY4MzctZDZlMS00ODg1LTk3ODEtMzA4OGMwYjBjMDZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dhg
MA0GCSqGSIb3DQEBCwUAA4IBAQBSDlNnHu+tgc1rO/9bEetroAYBc/njWYwYsmuW
GZtF70MPTU0wsrEzPNVTjivGjBj+aB6NmXzG7Oh2UhOjM5bDR2TKyOACjl0O3tI1
DSRWvOBJAqgQPoObhAXN8OFuNDlOqR5uc4Fiya8rAgKDfzxqyyRkYp8CUj3KFMnT
1gpuIktszGFrcnmM59IyXulaFMc1P6J350RSDK/UeiK/ky4X3pUf/vXkQ0TI70rT
WpS3CNW1HtRlyGvd1e7ZouFSNymI+p10TaWiXh0m5T7BUt/kVsUuyun6JL4wzYNW
8dzwsSIgqM9z/ybSeDMpBTWLUKOLOlODXdYQwiIf1Q2l1E6E
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:46:25 2025 by rpki-client