Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
File: 0cadec3e-a35e-4321-b172-825de7a521d7.roa (raw, json)
Hash identifier: brxIZxNTew88dYygu+t4D3FHQMNtsK4xXPWrHQ1Lo8g=
Subject key identifier: 49:B8:55:60:8A:37:17:63:A3:C6:D2:ED:4E:DF:21:48:0D:74:89:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4027228A7C46085F49468EBA934C4F765B68F332
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
Signing time: Fri 25 Apr 2025 18:30:11 +0000
ROA not before: Fri 25 Apr 2025 18:30:11 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:27:22:8a:7c:46:08:5f:49:46:8e:ba:93:4c:4f:76:5b:68:f3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:11 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=acef9c1d04c0889ee15da87a00c05c835e8adfa41ba80c3d85ac6d2978a88d40, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0d:3a:bd:b4:09:86:1d:a7:59:10:14:61:2c:
ce:35:6b:6f:95:43:7c:cb:01:b8:1e:ed:64:a7:79:
ad:c9:c5:b9:dd:56:d0:05:af:8a:a4:49:64:a6:6e:
38:1b:49:ed:4f:55:32:93:0a:c1:cd:02:6c:6a:bf:
4c:0f:c3:b5:b1:56:a3:a5:40:cb:29:ef:10:ac:55:
10:4d:42:a8:a2:2f:09:07:d0:6c:56:d4:36:12:f5:
06:c1:4e:f3:e0:52:89:1c:12:de:67:d0:8f:c2:08:
02:02:35:a3:bf:2a:fb:40:67:20:ce:01:fc:03:8f:
f9:5c:e4:87:af:6b:25:55:1d:44:13:36:b5:7b:91:
5d:35:e8:65:0c:8a:eb:5c:38:97:e5:22:f6:f4:ff:
9d:ce:87:95:cd:79:b8:d9:9c:3f:56:6e:b5:e3:c4:
30:d2:8a:75:7f:ea:99:80:e7:6c:9e:45:f6:41:f1:
3d:8a:7e:cf:29:f2:62:82:e4:dc:33:5a:3a:04:bb:
cb:3a:a0:98:d2:dd:ed:ee:d5:b9:aa:33:5c:0f:87:
87:11:27:f5:f6:f0:b5:ac:d7:c7:53:07:59:2e:89:
0c:c7:b8:39:04:f8:24:e2:7a:06:97:87:bb:7c:ff:
d1:86:b6:90:7b:cc:85:01:f1:ac:03:ff:00:5c:43:
c0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B8:55:60:8A:37:17:63:A3:C6:D2:ED:4E:DF:21:48:0D:74:89:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
74:5e:e2:d5:c7:0d:27:17:f9:83:a8:38:9e:6d:9a:26:46:64:
f5:ab:70:56:f5:dc:5b:b4:70:90:6f:fc:c9:a1:04:95:29:68:
f4:4c:06:c6:30:d9:d9:cf:57:a5:16:c3:93:1a:e3:6c:f0:2f:
33:2a:51:1e:49:be:a9:41:74:c8:c8:ba:14:07:6e:9a:83:f5:
f0:13:46:f0:5a:28:f8:4a:34:4a:17:d6:0c:5b:b5:e9:9a:8c:
3b:e2:3e:8b:2c:f0:14:3b:e7:f2:34:7d:9a:28:cc:aa:50:d3:
38:46:75:b7:95:98:70:39:4c:ce:47:c3:9d:fd:80:ab:ff:43:
d3:62:97:3d:0c:31:87:ba:83:9f:5b:d7:56:58:b3:22:04:ca:
6b:af:d1:32:69:65:e9:6a:88:e8:91:64:7f:b7:c2:85:19:5e:
d4:57:d7:d6:2e:7f:a0:c7:d1:b4:5f:d4:22:7d:e3:ef:40:a0:
3f:97:b8:00:be:6a:7d:cf:30:b4:9f:06:32:6a:f0:3d:be:f1:
b8:6c:58:3c:bf:9d:79:17:4b:8c:98:0a:f9:40:c4:f3:a4:f0:
25:ea:94:df:d3:92:a5:08:ae:43:d5:fb:09:c1:7b:38:80:ed:
20:ec:e2:fc:0f:55:ca:c3:87:74:73:fd:7e:5f:0b:44:de:47:
62:f3:4b:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQCciinxGCF9JRo66k0xPdlto8zIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwMTFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjZWY5YzFkMDRjMDg4OWVlMTVkYTg3YTAwYzA1YzgzNWU4YWRmYTQxYmE4
MGMzZDg1YWM2ZDI5NzhhODhkNDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoNOr20CYYdp1kQFGEszjVrb5VDfMsBuB7tZKd5rcnFud1W0AWviqRJZKZu
OBtJ7U9VMpMKwc0CbGq/TA/DtbFWo6VAyynvEKxVEE1CqKIvCQfQbFbUNhL1BsFO
8+BSiRwS3mfQj8IIAgI1o78q+0BnIM4B/AOP+Vzkh69rJVUdRBM2tXuRXTXoZQyK
61w4l+Ui9vT/nc6Hlc15uNmcP1ZutePEMNKKdX/qmYDnbJ5F9kHxPYp+zynyYoLk
3DNaOgS7yzqgmNLd7e7VuaozXA+HhxEn9fbwtazXx1MHWS6JDMe4OQT4JOJ6BpeH
u3z/0Ya2kHvMhQHxrAP/AFxDwG8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJuFVg
ijcXY6PG0u1O3yFIDXSJBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhZGVjM2UtYTM1ZS00MzIxLWIxNzItODI1ZGU3YTUyMWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAdF7i1ccNJxf5g6g4nm2aJkZk9atwVvXcW7Rw
kG/8yaEElSlo9EwGxjDZ2c9XpRbDkxrjbPAvMypRHkm+qUF0yMi6FAdumoP18BNG
8Foo+Eo0ShfWDFu16ZqMO+I+iyzwFDvn8jR9mijMqlDTOEZ1t5WYcDlMzkfDnf2A
q/9D02KXPQwxh7qDn1vXVlizIgTKa6/RMmll6WqI6JFkf7fChRle1FfX1i5/oMfR
tF/UIn3j70CgP5e4AL5qfc8wtJ8GMmrwPb7xuGxYPL+deRdLjJgK+UDE86TwJeqU
39OSpQiuQ9X7CcF7OIDtIOzi/A9VysOHdHP9fl8LRN5HYvNL1g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:42 2025 by rpki-client