Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/045c4172-cf2a-4f25-96f1-25c2fd9edd2c.roa
File: 045c4172-cf2a-4f25-96f1-25c2fd9edd2c.roa (raw, json)
Hash identifier: 7O62UF9cTVzZJ7E4oLmVXozaZLxB5r3YEYOOaJKSxSo=
Subject key identifier: 4D:85:AA:AE:A4:5A:88:9D:78:41:3A:05:AD:5C:BE:EB:A1:8A:17:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E5138BC4370610B5A457F14A740723EEC4249FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/045c4172-cf2a-4f25-96f1-25c2fd9edd2c.roa
Signing time: Fri 25 Apr 2025 18:30:10 +0000
ROA not before: Fri 25 Apr 2025 18:30:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:51:38:bc:43:70:61:0b:5a:45:7f:14:a7:40:72:3e:ec:42:49:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=cc74907bb0aa4aeb4b7ae1ac8f6ba8ef49013da94ade4a17c9fb35f7f8b59de9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:00:98:20:dc:6d:d2:c6:3e:67:c3:e9:d7:6c:
77:fa:ab:ef:f6:da:b4:b0:c5:f4:23:56:9c:6d:76:
23:96:f2:a4:03:18:bc:bf:80:98:d6:55:b0:a2:d5:
7f:ed:1c:4c:18:82:f2:54:26:ff:c2:0d:55:f0:46:
c0:0c:e3:0a:55:ab:01:ab:e1:c2:d0:d6:52:76:db:
72:fa:0e:d5:1f:fb:fa:c6:fd:28:f3:71:80:fc:63:
2c:7d:fc:8c:52:63:6c:11:d6:f5:bc:3e:44:a5:b4:
77:8a:0a:d3:0b:64:74:6a:64:e5:97:94:a1:30:54:
6b:28:6a:86:f7:95:25:5b:ef:55:1c:39:45:dd:92:
1a:9f:ac:c3:46:a3:bf:31:18:ed:33:9c:2a:2d:25:
20:7b:b7:e5:d8:82:6c:00:c9:ec:f3:12:22:fb:9e:
3c:c4:46:1e:b2:03:11:ba:63:50:57:9a:3a:1f:ae:
c6:68:f0:dc:3b:b6:99:5c:9c:1d:f6:91:1a:95:4e:
c0:2d:14:87:41:f5:82:34:db:b6:93:a0:62:0a:8b:
92:b6:23:3f:6b:fe:a0:f1:ba:27:14:a0:9f:dd:5c:
cf:98:b7:1b:9f:7e:9f:91:4b:52:a0:43:cd:ab:ee:
3e:39:2e:8d:ee:14:60:9b:2d:1e:e1:43:a4:35:3a:
76:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:85:AA:AE:A4:5A:88:9D:78:41:3A:05:AD:5C:BE:EB:A1:8A:17:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/045c4172-cf2a-4f25-96f1-25c2fd9edd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
11:de:ab:51:28:a7:ae:74:b6:8e:14:ca:4c:0b:87:e8:01:bc:
23:cf:99:2a:d4:c7:ed:45:fe:74:39:60:a1:94:cd:2e:f5:f2:
2f:09:7f:37:df:58:e1:24:54:18:80:df:90:5e:15:f9:fe:e3:
63:ee:52:44:d1:98:a8:f4:94:58:3e:88:af:cc:d9:59:84:e7:
47:be:bf:d0:ea:ec:ae:83:e0:3e:7a:f1:12:88:7a:d6:e1:1a:
80:95:80:1b:53:b5:7b:65:0e:fa:b0:29:cd:57:de:9d:9f:16:
88:aa:a9:97:5a:4d:b0:f1:05:6b:d3:3a:67:a0:bc:96:c3:9f:
1a:16:fb:f3:49:5d:b8:ac:87:02:7d:97:9a:ca:07:86:d2:c5:
de:5a:af:8f:82:ae:5a:84:35:d4:b7:90:ed:c7:d6:85:f9:cb:
c9:50:7f:fc:7e:65:5e:39:d6:ef:8e:a8:72:8d:5f:49:47:68:
1d:bc:8f:91:1d:43:b7:9c:17:9f:5d:f1:d0:fd:4b:19:35:1a:
2c:98:47:f9:c3:e4:f0:52:b3:7e:1c:4f:c8:97:44:6d:82:0d:
95:eb:f8:1d:1e:47:23:99:68:c9:9c:e4:f9:cd:61:e4:c4:04:
45:c4:01:f3:52:62:b3:69:8e:03:2f:32:71:b6:a9:7f:81:19:
99:01:d4:7c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUflE4vENwYQtaRX8Up0ByPuxCSfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjNzQ5MDdiYjBhYTRhZWI0YjdhZTFhYzhmNmJhOGVmNDkwMTNkYTk0YWRl
NGExN2M5ZmIzNWY3ZjhiNTlkZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIAmCDcbdLGPmfD6ddsd/qr7/batLDF9CNWnG12I5bypAMYvL+AmNZVsKLV
f+0cTBiC8lQm/8INVfBGwAzjClWrAavhwtDWUnbbcvoO1R/7+sb9KPNxgPxjLH38
jFJjbBHW9bw+RKW0d4oK0wtkdGpk5ZeUoTBUayhqhveVJVvvVRw5Rd2SGp+sw0aj
vzEY7TOcKi0lIHu35diCbADJ7PMSIvuePMRGHrIDEbpjUFeaOh+uxmjw3Du2mVyc
HfaRGpVOwC0Uh0H1gjTbtpOgYgqLkrYjP2v+oPG6JxSgn91cz5i3G59+n5FLUqBD
zavuPjkuje4UYJstHuFDpDU6dtUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRNhaqu
pFqInXhBOgWtXL7roYoX+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1YzQxNzItY2YyYS00ZjI1LTk2ZjEtMjVjMmZkOWVkZDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTg
wDANBgkqhkiG9w0BAQsFAAOCAQEAEd6rUSinrnS2jhTKTAuH6AG8I8+ZKtTH7UX+
dDlgoZTNLvXyLwl/N99Y4SRUGIDfkF4V+f7jY+5SRNGYqPSUWD6Ir8zZWYTnR76/
0OrsroPgPnrxEoh61uEagJWAG1O1e2UO+rApzVfenZ8WiKqpl1pNsPEFa9M6Z6C8
lsOfGhb780lduKyHAn2XmsoHhtLF3lqvj4KuWoQ11LeQ7cfWhfnLyVB//H5lXjnW
746oco1fSUdoHbyPkR1Dt5wXn13x0P1LGTUaLJhH+cPk8FKzfhxPyJdEbYINlev4
HR5HI5loyZzk+c1h5MQERcQB81Jis2mOAy8ycbapf4EZmQHUfA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:07 2025 by rpki-client