Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: KIZA2nrFdij+kSDs18OgP1d9VgtmAWRRNJcogHrNUYE=
Subject key identifier: 04:BC:DD:42:CB:C8:34:6E:D6:65:80:F3:8E:3F:66:90:2A:2D:7B:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E4A1228DABE1BEF71279AA14BA89E58DF2CF06B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Fri 25 Apr 2025 20:10:43 +0000
ROA not before: Fri 25 Apr 2025 20:10:43 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:4a:12:28:da:be:1b:ef:71:27:9a:a1:4b:a8:9e:58:df:2c:f0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:10:43 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3f036ee069b175a35a07a3cb93da5887856ba295f0541b2ee2cbe4713c11e82f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e4:12:e6:17:f4:fe:9e:52:0a:8c:d2:c5:40:
55:5b:09:0c:21:a3:28:14:ab:24:5d:e9:85:47:e4:
17:3a:e9:af:bf:ff:eb:dd:ea:cb:a7:0d:73:b1:b9:
63:94:fe:61:2d:8e:81:3b:b9:04:79:01:26:01:40:
cc:34:ff:59:3a:03:1e:f7:27:c8:4e:84:81:4d:f4:
b2:7f:9f:0f:15:d2:9c:78:09:85:fc:ad:fa:21:c6:
f6:c6:4a:e2:69:5b:4f:41:5e:00:8c:e8:90:3d:a4:
74:41:69:1e:fa:51:e6:b6:4d:2b:11:05:19:e0:20:
45:82:38:ac:53:be:a8:71:29:8a:66:18:e6:78:59:
e9:ee:5f:a9:6f:fa:9b:36:47:5b:07:6c:35:ab:d9:
90:46:ea:e9:50:1a:b9:f4:bd:05:31:96:8e:ae:26:
f6:bf:84:11:f1:6b:ab:98:7a:24:36:56:a6:a6:c6:
2d:a7:85:00:a6:b6:59:90:b1:be:5b:f7:eb:12:2a:
80:01:83:85:0d:85:c5:de:ab:79:b3:38:78:aa:35:
37:28:d7:30:5a:a7:e7:1c:ca:77:48:e9:0d:9b:c5:
f3:fd:20:7b:10:06:e0:82:3d:2b:31:29:ed:0d:ec:
73:8c:07:e8:52:b3:60:53:22:db:6a:c0:6a:b9:f9:
ac:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BC:DD:42:CB:C8:34:6E:D6:65:80:F3:8E:3F:66:90:2A:2D:7B:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:ed:48:d1:7c:f6:a1:5d:a8:f7:e6:39:7c:e4:b9:98:4a:2a:
f4:d5:1f:1f:13:4a:05:bc:27:30:c8:31:15:6c:d4:ba:70:48:
b6:5e:ec:fe:87:fc:66:6c:2e:f6:0c:b3:45:36:64:cb:8f:73:
9e:66:c8:ee:16:94:3b:7f:5e:9a:36:f6:8b:c4:0d:c1:52:34:
1d:0b:4f:0f:20:1d:54:17:d7:de:39:62:5f:6b:00:ae:b9:40:
fb:cd:e0:8b:1c:c9:c9:dc:3c:a8:5d:ee:b6:59:19:b5:6a:54:
c1:83:de:1a:c2:0c:41:57:11:34:be:62:a8:2c:9d:29:4e:87:
2e:17:0c:52:36:6c:43:5e:33:00:7c:a7:e4:4b:b1:ef:ad:92:
38:10:79:25:12:28:63:3c:20:f4:02:29:04:48:24:cd:69:fe:
88:b1:48:ce:7f:a7:52:22:a9:07:b6:0f:28:b4:dd:de:86:02:
9f:38:69:f4:1b:67:6a:c2:8f:8c:cb:d1:1b:2b:01:31:2f:24:
58:7c:07:f6:06:f7:1f:39:4e:6f:d5:38:7c:b3:48:9c:c9:bc:
0f:44:ed:f7:28:e2:35:dc:53:b4:d4:8b:f4:63:6b:ea:3a:6a:
c4:fc:d4:50:2f:ec:ae:b1:13:ca:3a:60:ca:93:1c:75:14:57:
1d:c2:34:19
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfkoSKNq+G+9xJ5qhS6ieWN8s8GswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDEwNDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMDM2ZWUwNjliMTc1YTM1YTA3YTNjYjkzZGE1ODg3ODU2YmEyOTVmMDU0
MWIyZWUyY2JlNDcxM2MxMWU4MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLkEuYX9P6eUgqM0sVAVVsJDCGjKBSrJF3phUfkFzrpr7//693qy6cNc7G5
Y5T+YS2OgTu5BHkBJgFAzDT/WToDHvcnyE6EgU30sn+fDxXSnHgJhfyt+iHG9sZK
4mlbT0FeAIzokD2kdEFpHvpR5rZNKxEFGeAgRYI4rFO+qHEpimYY5nhZ6e5fqW/6
mzZHWwdsNavZkEbq6VAaufS9BTGWjq4m9r+EEfFrq5h6JDZWpqbGLaeFAKa2WZCx
vlv36xIqgAGDhQ2Fxd6rebM4eKo1NyjXMFqn5xzKd0jpDZvF8/0gexAG4II9KzEp
7Q3sc4wH6FKzYFMi22rAarn5rIUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEvN1C
y8g0btZlgPOOP2aQKi170TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQCc7UjRfPahXaj35jl85LmYSir01R8fE0oFvCcw
yDEVbNS6cEi2Xuz+h/xmbC72DLNFNmTLj3OeZsjuFpQ7f16aNvaLxA3BUjQdC08P
IB1UF9feOWJfawCuuUD7zeCLHMnJ3DyoXe62WRm1alTBg94awgxBVxE0vmKoLJ0p
TocuFwxSNmxDXjMAfKfkS7HvrZI4EHklEihjPCD0AikESCTNaf6IsUjOf6dSIqkH
tg8otN3ehgKfOGn0G2dqwo+My9EbKwExLyRYfAf2BvcfOU5v1Th8s0icybwPRO33
KOI13FO01Iv0Y2vqOmrE/NRQL+yusRPKOmDKkxx1FFcdwjQZ
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:40 2025 by rpki-client