Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json)
Hash identifier: J5tjlfa2cswGDe8xteIzRoe2fIF3PLp+Mi9zf1JhkWc=
Subject key identifier: CA:35:D4:CF:87:B5:01:8B:95:13:63:57:9A:A8:23:55:45:A2:B5:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 365216198F4879AC8B41130CFA2B1A0133B95931
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
Signing time: Fri 25 Apr 2025 20:30:14 +0000
ROA not before: Fri 25 Apr 2025 20:30:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:52:16:19:8f:48:79:ac:8b:41:13:0c:fa:2b:1a:01:33:b9:59:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:30:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=459557139bbae734dffc14b9d2b365356ed73fcde04f9e81f55830292b69ed89, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5e:15:77:de:d2:2a:36:1d:a4:83:22:00:65:
13:9c:13:38:14:e1:a4:87:63:8c:c0:09:e2:c7:14:
ba:cd:54:d2:ab:69:30:e4:6a:d9:0a:52:fd:89:c5:
98:b2:a7:e7:fd:72:cf:1e:6d:22:17:2b:e0:86:0e:
0e:32:25:aa:c2:0a:1d:ed:41:76:ea:51:63:05:47:
fa:b3:05:2e:e7:31:1a:10:0b:e8:c4:4d:1a:a7:1a:
28:f2:e5:cd:33:6a:52:be:29:70:0a:a4:5e:1e:00:
40:5f:f6:a4:b2:ab:7c:9f:1f:44:54:92:45:70:64:
b0:e0:0a:77:bb:37:79:93:78:0c:5c:bb:24:fe:04:
af:55:67:fb:fd:50:f8:89:94:1a:31:7b:24:98:3f:
27:81:2b:c0:23:1a:b0:59:c7:b7:8d:07:9d:c9:27:
bb:7c:6a:e6:1e:41:7f:a9:cd:56:b7:43:57:db:e1:
08:8d:4e:bc:71:45:5f:11:29:98:69:71:0b:93:fa:
cc:59:19:80:ca:b0:1d:be:ee:91:3a:4b:a0:08:5a:
11:ce:17:64:92:10:37:3c:21:9e:6c:44:25:dd:0d:
dd:c1:cf:8b:9e:ed:71:fc:d6:a6:e8:9b:48:fb:fb:
45:ee:6b:66:e4:72:07:f9:1b:41:a5:28:d9:79:61:
d1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:35:D4:CF:87:B5:01:8B:95:13:63:57:9A:A8:23:55:45:A2:B5:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02d::/36
Signature Algorithm: sha256WithRSAEncryption
1b:6b:25:30:23:4b:96:f8:4a:5e:53:6c:96:72:b0:aa:5f:66:
ea:48:ba:15:99:e6:3e:ac:27:f9:7d:a7:b4:88:85:f1:b2:ed:
c8:10:6d:b4:e7:ae:91:93:52:0d:72:10:cc:50:51:db:2a:31:
1c:e7:c5:75:d2:69:a0:c1:ff:b0:20:20:a5:fa:6b:90:dc:a7:
d3:15:29:05:53:62:de:a7:0b:ba:7f:d6:bc:f9:72:50:b0:f5:
5c:67:87:b1:94:0b:9a:4b:76:e2:ef:9d:3e:4d:dd:86:f4:26:
27:5b:7d:e4:1c:82:17:b2:bf:c7:b0:60:21:10:72:f3:98:ef:
13:f8:6f:2a:f4:fd:5f:e9:bc:71:6d:6f:a5:d7:e3:2e:d9:e8:
49:e4:8c:d4:ce:95:a9:80:ae:df:5c:ec:2e:5b:7d:be:03:38:
ed:85:5d:50:25:f3:df:c0:0a:bb:5c:bb:bf:38:8e:9a:48:66:
02:a0:df:70:4f:23:0e:a0:4a:76:ad:1d:ab:93:fa:86:08:c9:
57:ab:d0:dd:5b:78:88:8d:13:18:70:82:80:25:1d:71:e9:d5:
df:e5:84:19:be:58:28:f7:2c:4e:47:a8:0f:46:8a:91:43:04:
75:dd:6d:f7:a4:92:90:aa:f0:36:18:96:22:9a:58:c0:d7:16:
e7:b4:3e:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNlIWGY9IeayLQRMM+isaATO5WTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDMwMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1OTU1NzEzOWJiYWU3MzRkZmZjMTRiOWQyYjM2NTM1NmVkNzNmY2RlMDRm
OWU4MWY1NTgzMDI5MmI2OWVkODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJeFXfe0io2HaSDIgBlE5wTOBThpIdjjMAJ4scUus1U0qtpMORq2QpS/YnF
mLKn5/1yzx5tIhcr4IYODjIlqsIKHe1BdupRYwVH+rMFLucxGhAL6MRNGqcaKPLl
zTNqUr4pcAqkXh4AQF/2pLKrfJ8fRFSSRXBksOAKd7s3eZN4DFy7JP4Er1Vn+/1Q
+ImUGjF7JJg/J4ErwCMasFnHt40Hncknu3xq5h5Bf6nNVrdDV9vhCI1OvHFFXxEp
mGlxC5P6zFkZgMqwHb7ukTpLoAhaEc4XZJIQNzwhnmxEJd0N3cHPi57tcfzWpuib
SPv7Re5rZuRyB/kbQaUo2Xlh0R8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKNdTP
h7UBi5UTY1eaqCNVRaK1pjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A
MA0GCSqGSIb3DQEBCwUAA4IBAQAbayUwI0uW+EpeU2yWcrCqX2bqSLoVmeY+rCf5
fae0iIXxsu3IEG20566Rk1INchDMUFHbKjEc58V10mmgwf+wICCl+muQ3KfTFSkF
U2Lepwu6f9a8+XJQsPVcZ4exlAuaS3bi750+Td2G9CYnW33kHIIXsr/HsGAhEHLz
mO8T+G8q9P1f6bxxbW+l1+Mu2ehJ5IzUzpWpgK7fXOwuW32+AzjthV1QJfPfwAq7
XLu/OI6aSGYCoN9wTyMOoEp2rR2rk/qGCMlXq9DdW3iIjRMYcIKAJR1x6dXf5YQZ
vlgo9yxOR6gPRoqRQwR13W33pJKQqvA2GJYimljA1xbntD5I
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:21 2025 by rpki-client