Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b50b516-b90a-4f69-ace2-8e904f240f1d.roa
File: 0b50b516-b90a-4f69-ace2-8e904f240f1d.roa (raw, json)
Hash identifier: d0j6rsza2wvJyy+W6EUpSv/SVOGY9Tdwtu+ddwFgfPw=
Subject key identifier: 4C:83:87:CE:61:37:38:65:C2:B7:BA:0A:7F:EB:85:FE:84:FD:8D:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DB60757828721B6EDD9CEABB90E797656F2706E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b50b516-b90a-4f69-ace2-8e904f240f1d.roa
Signing time: Fri 25 Apr 2025 20:11:09 +0000
ROA not before: Fri 25 Apr 2025 20:11:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:b6:07:57:82:87:21:b6:ed:d9:ce:ab:b9:0e:79:76:56:f2:70:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:11:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c5778500f6170cccb73a2683dc22f3c5d9b2c3a0fe383c916ec7aca5aa574899, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3f:1c:9b:5c:f4:f0:46:44:98:b7:ec:fc:03:
89:17:4f:41:a0:9a:18:60:2d:18:da:94:3e:ba:93:
48:c6:1e:ce:c2:f5:56:35:2f:20:d9:8b:e6:3c:6d:
21:ad:1e:c2:c9:63:e5:67:b8:06:e8:1b:5c:3f:dd:
e9:3d:a8:88:c9:62:00:7c:6c:29:92:2a:a8:42:53:
79:d1:43:aa:80:b3:da:7d:f3:24:79:52:68:82:4e:
8d:bb:c5:0f:1f:f9:2d:82:ca:be:ff:b6:a5:80:1e:
c7:d2:ac:d1:60:9e:83:66:f7:e2:ba:79:fa:2c:da:
c5:69:ba:24:1b:ce:ec:fd:1b:1c:6e:88:a0:9d:37:
c2:25:55:1a:3c:47:75:42:f0:f3:66:a6:1f:da:ac:
3d:18:d0:1d:1a:d3:f2:04:49:f4:95:40:56:19:bc:
bb:be:8b:97:9d:85:54:4e:37:02:8f:8d:e0:50:35:
bf:03:c1:51:57:90:e0:5c:74:ec:4b:e0:dc:c6:9f:
fa:78:0e:9a:a1:cd:3a:04:43:e4:ee:1d:8e:eb:3b:
99:12:14:cc:17:60:3c:80:bd:fa:1a:42:36:7d:80:
56:a3:68:17:ba:df:3f:8d:0c:fa:5f:2e:af:94:b5:
bd:31:46:5b:ae:8f:24:af:24:b6:4d:09:07:42:3c:
bc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:83:87:CE:61:37:38:65:C2:B7:BA:0A:7F:EB:85:FE:84:FD:8D:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b50b516-b90a-4f69-ace2-8e904f240f1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:c00::/38
Signature Algorithm: sha256WithRSAEncryption
0e:3e:2c:04:68:69:54:fb:a5:4c:4e:4c:41:10:f0:03:fc:dd:
93:4e:ed:4d:da:53:43:6e:53:87:0f:26:fe:6e:4c:95:3c:a5:
a5:1c:53:27:67:80:8a:db:da:e8:8d:b0:dc:bf:3d:4e:77:ff:
63:33:2b:ca:d1:93:c2:f0:6d:ae:e4:36:01:47:5f:49:0a:0c:
51:a0:48:4b:3c:23:bf:55:27:98:35:cb:b3:1c:8c:f5:1e:d8:
d2:94:13:26:1a:2b:9f:d7:de:88:09:3a:43:c5:79:cd:82:04:
e0:b6:82:74:b5:ee:87:06:61:67:26:af:cd:88:af:85:db:d9:
b2:2b:22:e9:73:86:9b:5b:ca:24:41:eb:a9:a1:3e:cc:c1:ba:
47:d7:c5:0c:1e:12:f1:c2:18:7f:7b:40:17:c0:d2:b8:47:d7:
fb:f2:f0:74:3a:d7:88:1a:3f:aa:3e:a8:c3:20:86:10:b1:a4:
15:ad:2d:14:5c:44:df:69:32:d8:d7:ae:14:e7:58:8c:ba:9d:
d4:9d:0c:8e:a1:2a:07:a6:21:e6:18:7f:64:a1:86:56:e2:f7:
c3:29:be:37:fd:53:ee:6e:d3:07:5d:78:71:3d:1f:af:6a:32:
3a:39:f2:1f:bb:74:51:4a:42:2b:a3:31:27:79:1d:45:99:ce:
21:ff:26:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTbYHV4KHIbbt2c6ruQ55dlbycG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDExMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1Nzc4NTAwZjYxNzBjY2NiNzNhMjY4M2RjMjJmM2M1ZDliMmMzYTBmZTM4
M2M5MTZlYzdhY2E1YWE1NzQ4OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs/HJtc9PBGRJi37PwDiRdPQaCaGGAtGNqUPrqTSMYezsL1VjUvINmL5jxt
Ia0ewslj5We4BugbXD/d6T2oiMliAHxsKZIqqEJTedFDqoCz2n3zJHlSaIJOjbvF
Dx/5LYLKvv+2pYAex9Ks0WCeg2b34rp5+izaxWm6JBvO7P0bHG6IoJ03wiVVGjxH
dULw82amH9qsPRjQHRrT8gRJ9JVAVhm8u76Ll52FVE43Ao+N4FA1vwPBUVeQ4Fx0
7Evg3Maf+ngOmqHNOgRD5O4djus7mRIUzBdgPIC9+hpCNn2AVqNoF7rfP40M+l8u
r5S1vTFGW66PJK8ktk0JB0I8vCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMg4fO
YTc4ZcK3ugp/64X+hP2NDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGI1MGI1MTYtYjkwYS00ZjY5LWFjZTItOGU5MDRmMjQwZjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoM
MA0GCSqGSIb3DQEBCwUAA4IBAQAOPiwEaGlU+6VMTkxBEPAD/N2TTu1N2lNDblOH
Dyb+bkyVPKWlHFMnZ4CK29rojbDcvz1Od/9jMyvK0ZPC8G2u5DYBR19JCgxRoEhL
PCO/VSeYNcuzHIz1HtjSlBMmGiuf196ICTpDxXnNggTgtoJ0te6HBmFnJq/NiK+F
29myKyLpc4abW8okQeupoT7MwbpH18UMHhLxwhh/e0AXwNK4R9f78vB0OteIGj+q
PqjDIIYQsaQVrS0UXETfaTLY164U51iMup3UnQyOoSoHpiHmGH9koYZW4vfDKb43
/VPubtMHXXhxPR+vajI6OfIfu3RRSkIrozEneR1Fmc4h/ya6
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:50 2025 by rpki-client