Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01edd097-8881-46b9-b8a4-4897174f4b86.roa
File: 01edd097-8881-46b9-b8a4-4897174f4b86.roa (raw, json)
Hash identifier: YSXhMNE2cYvIYW7IK6X4FznaiwZapFXeD/rUINMl60c=
Subject key identifier: 8A:32:9D:F4:37:9E:26:E2:39:C3:B4:B6:02:DA:1D:AF:C7:2C:54:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C1754C8CC404E74B77D504E283CD2ED11338C02
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01edd097-8881-46b9-b8a4-4897174f4b86.roa
Signing time: Tue 01 Apr 2025 15:01:25 +0000
ROA not before: Tue 01 Apr 2025 15:01:25 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:17:54:c8:cc:40:4e:74:b7:7d:50:4e:28:3c:d2:ed:11:33:8c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:01:25 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=f12cfd54917a82d6860a4be4cbc9a4d0b2719f3a3ec1f678a89d69d403e573db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:48:00:05:8b:77:97:80:a7:56:8a:12:64:29:
53:2e:ab:5f:9b:f8:34:92:67:65:54:84:f1:8b:dd:
bf:02:16:23:0b:32:5d:20:57:44:b0:a0:0f:63:37:
86:13:3c:2b:da:76:a8:0c:0b:9d:95:f0:50:cc:8a:
d0:2a:99:2f:6f:6c:73:73:35:6c:6a:16:9d:d3:63:
29:cc:ec:8a:da:e3:f2:2e:4b:be:b5:e3:7b:e5:a6:
23:b2:df:df:f2:81:94:ae:91:cd:ac:23:cd:92:fc:
61:ec:88:ad:d5:3b:9c:d8:30:ee:7a:79:53:03:36:
92:61:7a:82:bc:d8:de:b5:73:37:3e:48:ee:18:ee:
b2:2b:c6:e5:da:e4:ac:de:2d:04:0c:37:9c:91:8f:
b8:38:d6:11:6e:28:90:6a:84:6a:d0:81:5b:3f:e4:
cd:ec:a9:dc:0f:3f:3a:f1:fb:d7:28:13:34:84:7c:
8b:8c:b0:a5:dd:f2:91:34:1c:9f:73:88:f7:b2:3e:
d8:67:91:f4:a7:32:66:17:06:d9:ed:c9:4b:d7:94:
bf:ec:08:37:fa:e8:5a:9d:78:9d:51:85:a1:1a:d6:
95:a3:70:6c:e9:f0:98:1f:2d:a0:b7:3d:d5:c6:8e:
b1:48:7c:a8:ef:e9:02:80:24:5f:19:8c:70:d4:6b:
ad:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:32:9D:F4:37:9E:26:E2:39:C3:B4:B6:02:DA:1D:AF:C7:2C:54:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01edd097-8881-46b9-b8a4-4897174f4b86.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:c000::/40
Signature Algorithm: sha256WithRSAEncryption
9d:ee:db:34:d3:fc:c3:84:d3:cb:91:e7:7b:2e:42:fd:38:d9:
f3:65:59:9b:13:18:97:c6:96:8e:37:15:78:6c:05:42:a5:fd:
8c:9d:59:be:40:e6:99:45:53:6c:d5:6a:da:44:f3:d4:01:4a:
b3:5b:37:3a:a7:31:a1:a9:b4:65:f1:3b:29:57:b9:d1:6e:ef:
dc:43:12:dc:4a:73:6c:2c:fc:c4:af:2c:b4:d6:a3:95:62:21:
8c:d9:cc:0f:3c:8a:09:f1:0e:d3:2d:c8:b3:eb:a0:34:b4:05:
0e:35:d9:66:ba:ac:84:af:26:c6:c2:cd:56:2a:8e:6a:fb:9e:
da:6f:1b:34:d1:84:78:e4:5d:98:28:32:b4:57:37:b5:37:89:
56:9f:ea:d4:60:ee:68:45:b5:5f:8a:e0:32:fc:62:c9:bf:b1:
de:5d:3a:1d:0b:83:cf:ef:bb:cc:e3:e1:a2:f2:26:56:95:6c:
8e:09:45:9f:9d:f4:01:cf:8b:3e:f5:0f:a1:20:6b:6c:97:ce:
27:64:e5:1e:28:21:df:fa:ff:c8:10:30:93:77:12:bb:cf:7d:
89:78:12:ea:cd:a1:09:33:39:7a:7b:be:cb:d3:6d:33:19:35:
f5:ed:9e:5d:5a:7a:48:5c:1d:3e:a7:71:96:29:b6:98:b1:88:
38:52:30:7b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPBdUyMxATnS3fVBOKDzS7REzjAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAxMjVaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMmNmZDU0OTE3YTgyZDY4NjBhNGJlNGNiYzlhNGQwYjI3MTlmM2EzZWMx
ZjY3OGE4OWQ2OWQ0MDNlNTczZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOVIAAWLd5eAp1aKEmQpUy6rX5v4NJJnZVSE8YvdvwIWIwsyXSBXRLCgD2M3
hhM8K9p2qAwLnZXwUMyK0CqZL29sc3M1bGoWndNjKczsitrj8i5LvrXje+WmI7Lf
3/KBlK6RzawjzZL8YeyIrdU7nNgw7np5UwM2kmF6grzY3rVzNz5I7hjusivG5drk
rN4tBAw3nJGPuDjWEW4okGqEatCBWz/kzeyp3A8/OvH71ygTNIR8i4ywpd3ykTQc
n3OI97I+2GeR9KcyZhcG2e3JS9eUv+wIN/roWp14nVGFoRrWlaNwbOnwmB8toLc9
1caOsUh8qO/pAoAkXxmMcNRrrS8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSKMp30
N54m4jnDtLYC2h2vxyxUVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDFlZGQwOTctODg4MS00NmI5LWI4YTQtNDg5NzE3NGY0Yjg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FnA
MA0GCSqGSIb3DQEBCwUAA4IBAQCd7ts00/zDhNPLked7LkL9ONnzZVmbExiXxpaO
NxV4bAVCpf2MnVm+QOaZRVNs1WraRPPUAUqzWzc6pzGhqbRl8TspV7nRbu/cQxLc
SnNsLPzEryy01qOVYiGM2cwPPIoJ8Q7TLciz66A0tAUONdlmuqyErybGws1WKo5q
+57abxs00YR45F2YKDK0Vze1N4lWn+rUYO5oRbVfiuAy/GLJv7HeXTodC4PP77vM
4+Gi8iZWlWyOCUWfnfQBz4s+9Q+hIGtsl84nZOUeKCHf+v/IEDCTdxK7z32JeBLq
zaEJMzl6e77L020zGTX17Z5dWnpIXB0+p3GWKbaYsYg4UjB7
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:07 2025 by rpki-client