Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
File: 17e30daf-f11a-4af6-8f47-661a735a22e9.roa (raw, json)
Hash identifier: pTyIvHDnpt5y06wd8o/4ncQDfm35fb9oq38ppam1SJw=
Subject key identifier: FA:08:1E:2A:97:1D:4F:27:39:59:1B:A1:D0:18:71:82:05:C7:5B:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17D72DEF24E94EA418B22DFBD49430429511F688
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
Signing time: Fri 25 Apr 2025 19:40:04 +0000
ROA not before: Fri 25 Apr 2025 19:40:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:d7:2d:ef:24:e9:4e:a4:18:b2:2d:fb:d4:94:30:42:95:11:f6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:40:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b868eb2d89341fb4738fd80fc233f491b0250c1ed8002054ba03de1a534b4ae2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:69:de:ab:77:ec:d8:d0:4d:e3:c1:a5:2f:34:
f3:ff:32:5a:a4:6a:3e:79:68:f0:c9:bc:77:6a:f5:
12:8d:e7:2e:ab:83:5e:c5:88:09:db:56:4d:2c:14:
00:98:58:36:1a:d8:90:7f:b4:21:f9:fc:52:3a:2a:
f5:b8:49:93:1f:d6:6f:22:28:d4:6b:53:24:74:72:
14:ed:28:30:ff:a6:5b:99:31:09:82:77:60:c2:41:
2b:8b:48:69:53:a5:e0:a6:a0:42:a2:4e:66:59:6d:
31:ce:27:20:8d:fc:ab:e3:04:db:07:8b:3b:eb:ad:
cb:cb:83:cc:cc:31:a5:e7:ac:4b:05:38:2a:66:58:
5a:20:8c:aa:06:36:e9:e1:07:47:54:8b:bf:e7:4a:
7a:72:39:f7:1d:d8:26:3c:f2:d4:4c:a4:51:bf:db:
33:af:e6:ff:eb:11:7b:75:07:8e:04:48:df:d6:06:
dd:d7:23:1b:02:48:2f:66:b6:bb:2a:17:43:92:ff:
59:fe:7f:52:7f:39:0c:07:0b:9d:ac:32:b2:9e:6f:
4c:d4:31:79:8d:5b:cc:57:e3:17:de:06:66:97:9d:
b2:63:52:d9:cd:d5:77:d5:4c:1e:28:ea:f2:fd:fa:
1b:e1:67:a5:e9:a0:a5:be:57:f5:86:bd:da:0d:17:
b5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:08:1E:2A:97:1D:4F:27:39:59:1B:A1:D0:18:71:82:05:C7:5B:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:5000::/40
Signature Algorithm: sha256WithRSAEncryption
ca:26:83:2a:26:4a:4b:64:f4:b8:d6:09:06:84:57:3c:97:c5:
13:67:eb:6e:ac:72:c1:56:42:32:a0:82:9a:78:24:34:29:b3:
ca:56:25:38:93:bc:6e:28:c4:51:d2:08:e4:b6:22:d1:e5:d6:
e2:b4:96:25:22:92:e8:86:3c:18:91:cf:8c:0b:6e:2f:00:d6:
5d:fc:57:2f:19:7f:a4:d4:a8:b0:e0:46:6d:ff:2c:42:a9:f7:
68:d9:0a:86:d0:38:71:20:c8:30:4f:b5:07:c9:ab:9b:ba:82:
9f:b4:7a:42:47:ef:4c:37:aa:a1:30:74:3b:05:94:5a:ca:e5:
6e:25:99:ea:b3:a9:38:74:9a:5c:12:f0:69:ae:48:90:a3:8d:
d4:a4:22:b8:54:44:39:8a:16:3c:e0:85:37:5b:94:f8:63:4b:
58:d8:1f:fc:05:fd:af:de:f5:e0:5d:a7:7e:36:d8:34:7b:40:
07:e0:03:78:37:35:00:26:a2:8f:16:eb:c6:bb:63:47:d3:cb:
ca:96:2f:eb:4f:fc:a8:37:ec:a7:73:c4:dd:e1:67:b5:3c:ef:
a0:8b:05:8e:a4:19:d1:2c:17:ed:4b:91:13:c7:1d:32:53:51:
d8:96:26:32:93:be:3d:38:a1:20:56:3f:37:4e:bd:55:f5:09:
be:f4:5c:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF9ct7yTpTqQYsi371JQwQpUR9ogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTQwMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4NjhlYjJkODkzNDFmYjQ3MzhmZDgwZmMyMzNmNDkxYjAyNTBjMWVkODAw
MjA1NGJhMDNkZTFhNTM0YjRhZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhp3qt37NjQTePBpS808/8yWqRqPnlo8Mm8d2r1Eo3nLquDXsWICdtWTSwU
AJhYNhrYkH+0Ifn8Ujoq9bhJkx/WbyIo1GtTJHRyFO0oMP+mW5kxCYJ3YMJBK4tI
aVOl4KagQqJOZlltMc4nII38q+ME2weLO+uty8uDzMwxpeesSwU4KmZYWiCMqgY2
6eEHR1SLv+dKenI59x3YJjzy1EykUb/bM6/m/+sRe3UHjgRI39YG3dcjGwJIL2a2
uyoXQ5L/Wf5/Un85DAcLnawysp5vTNQxeY1bzFfjF94GZpedsmNS2c3Vd9VMHijq
8v36G+Fnpemgpb5X9Ya92g0XtT8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT6CB4q
lx1PJzlZG6HQGHGCBcdb5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdlMzBkYWYtZjExYS00YWY2LThmNDctNjYxYTczNWEyMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDKJoMqJkpLZPS41gkGhFc8l8UTZ+turHLBVkIy
oIKaeCQ0KbPKViU4k7xuKMRR0gjktiLR5dbitJYlIpLohjwYkc+MC24vANZd/Fcv
GX+k1Kiw4EZt/yxCqfdo2QqG0DhxIMgwT7UHyaubuoKftHpCR+9MN6qhMHQ7BZRa
yuVuJZnqs6k4dJpcEvBprkiQo43UpCK4VEQ5ihY84IU3W5T4Y0tY2B/8Bf2v3vXg
Xad+Ntg0e0AH4AN4NzUAJqKPFuvGu2NH08vKli/rT/yoN+ync8Td4We1PO+giwWO
pBnRLBftS5ETxx0yU1HYliYyk749OKEgVj83Tr1V9Qm+9Fwz
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:34 2025 by rpki-client