Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
File: 0b28278f-4fad-45f4-a194-c2e785f1c443.roa (raw, json)
Hash identifier: 7/V4RCxidCeyS42vJvEBzqLgpkwSorAlrMtQVA9kAaE=
Subject key identifier: 4C:B5:EB:94:CA:DC:35:37:A1:1C:9F:91:C6:AA:F6:58:E5:BC:C9:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01904A1325167D396C1681C3E98BD5C614DE78DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
Signing time: Fri 25 Apr 2025 20:10:44 +0000
ROA not before: Fri 25 Apr 2025 20:10:44 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:13:25:16:7d:39:6c:16:81:c3:e9:8b:d5:c6:14:de:78:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:44 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e00aae9217a4495eb78e8cf52b35d05bafb2027938d37eae007ac11a471afc1c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7a:6f:85:6a:89:9b:d7:fd:92:81:d5:49:f2:
87:29:6b:68:58:28:dd:31:00:21:5c:da:72:cf:ff:
69:de:a8:89:31:fb:2c:7a:28:f3:13:65:01:13:2a:
ff:b0:88:37:79:bd:22:64:fd:16:10:aa:7e:6e:d3:
64:26:15:af:f9:e7:ed:4e:30:3b:4a:cc:52:2a:8b:
62:64:f7:4d:3f:b6:03:a8:5b:4e:6d:dd:45:7b:18:
76:43:01:7f:b3:7d:56:7f:3a:36:04:44:95:b2:95:
30:61:e5:3f:ec:08:0d:62:8f:38:db:c1:2e:9d:55:
f2:48:1a:74:e3:b6:68:3b:92:95:0e:4a:23:c0:c4:
a5:04:14:4a:be:6e:a7:57:cc:38:fe:73:2b:b5:f9:
99:4e:d1:f8:c0:bf:08:f9:77:97:9f:d9:8d:b2:6c:
61:9d:f7:08:2f:20:1f:13:f4:b5:cb:49:6b:46:f4:
7e:b2:7c:73:d9:1f:93:cc:f5:4b:12:5c:bb:9b:22:
35:b9:17:f7:a4:37:c0:60:f9:de:07:df:59:53:e4:
f1:d6:e0:dc:64:da:4b:b4:1f:71:42:07:ba:1c:dd:
8e:02:97:47:1f:fd:8c:a2:cd:ea:4b:37:9f:7e:69:
51:b6:06:d4:18:62:ad:a6:be:ac:30:26:e6:e5:ee:
40:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B5:EB:94:CA:DC:35:37:A1:1C:9F:91:C6:AA:F6:58:E5:BC:C9:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:800::/38
Signature Algorithm: sha256WithRSAEncryption
40:2a:f2:e6:1b:40:6c:29:f5:6c:52:60:6a:53:d4:9c:16:bf:
d9:df:f2:eb:18:95:34:93:df:ff:68:57:1e:15:ac:88:be:df:
b6:06:c1:58:fc:46:34:aa:d1:53:4f:2a:82:76:f4:0f:e0:39:
9e:cf:be:a4:c6:c7:6b:04:24:50:63:31:bc:ec:c4:90:d3:e5:
43:74:a8:76:73:6d:b9:41:0c:0e:c6:98:a4:2d:f5:8d:d2:9d:
a6:cc:13:89:7a:e7:13:7b:76:e0:82:29:44:75:2c:ab:74:ab:
ba:74:f3:54:2c:cf:f7:ac:a2:37:07:94:53:38:58:70:9c:8c:
77:8d:4b:e4:67:41:38:07:b5:8a:05:e0:87:1a:a5:9c:67:78:
56:05:64:82:75:9c:fe:64:b5:54:67:a3:a9:f1:28:a4:17:0b:
50:84:be:7b:ad:b0:53:a0:de:c1:b2:91:c0:d5:10:42:d0:b6:
65:c6:11:de:f3:68:fc:ff:03:1a:d9:64:e1:08:5f:46:5c:8e:
cb:de:03:92:54:04:d5:6a:ab:c7:e3:e7:84:cf:e6:63:c1:68:
1c:36:3d:e7:bc:42:98:f6:2b:7d:f6:33:b9:dd:16:5a:ad:84:
b4:fb:6f:6a:61:f7:0a:52:fb:f3:ba:74:67:09:a9:b4:a9:67:
1d:80:3f:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAZBKEyUWfTlsFoHD6YvVxhTeeNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwNDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwMGFhZTkyMTdhNDQ5NWViNzhlOGNmNTJiMzVkMDViYWZiMjAyNzkzOGQz
N2VhZTAwN2FjMTFhNDcxYWZjMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANh6b4VqiZvX/ZKB1UnyhylraFgo3TEAIVzacs//ad6oiTH7LHoo8xNlARMq
/7CIN3m9ImT9FhCqfm7TZCYVr/nn7U4wO0rMUiqLYmT3TT+2A6hbTm3dRXsYdkMB
f7N9Vn86NgRElbKVMGHlP+wIDWKPONvBLp1V8kgadOO2aDuSlQ5KI8DEpQQUSr5u
p1fMOP5zK7X5mU7R+MC/CPl3l5/ZjbJsYZ33CC8gHxP0tctJa0b0frJ8c9kfk8z1
SxJcu5siNbkX96Q3wGD53gffWVPk8dbg3GTaS7QfcUIHuhzdjgKXRx/9jKLN6ks3
n35pUbYG1Bhiraa+rDAm5uXuQKECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMteuU
ytw1N6Ecn5HGqvZY5bzJZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyODI3OGYtNGZhZC00NWY0LWExOTQtYzJlNzg1ZjFjNDQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBAKvLmG0BsKfVsUmBqU9ScFr/Z3/LrGJU0k9//
aFceFayIvt+2BsFY/EY0qtFTTyqCdvQP4Dmez76kxsdrBCRQYzG87MSQ0+VDdKh2
c225QQwOxpikLfWN0p2mzBOJeucTe3bggilEdSyrdKu6dPNULM/3rKI3B5RTOFhw
nIx3jUvkZ0E4B7WKBeCHGqWcZ3hWBWSCdZz+ZLVUZ6Op8SikFwtQhL57rbBToN7B
spHA1RBC0LZlxhHe82j8/wMa2WThCF9GXI7L3gOSVATVaqvH4+eEz+ZjwWgcNj3n
vEKY9it99jO53RZarYS0+29qYfcKUvvzunRnCam0qWcdgD8H
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:20 2025 by rpki-client