Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
File: 182e091e-259f-44bd-bb67-c5e36fa6958b.roa (raw, json)
Hash identifier: zYTvvW16XK5ngI0kVfcI++rx9M1l1jWupkQEIsk+FX4=
Subject key identifier: C4:98:28:05:D0:E8:CE:07:4B:2B:F2:6E:69:BA:48:F1:7D:A4:76:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 365554F91DA43CB4045F89A1895F5E4BD95863A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
Signing time: Fri 25 Apr 2025 20:21:16 +0000
ROA not before: Fri 25 Apr 2025 20:21:16 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:55:54:f9:1d:a4:3c:b4:04:5f:89:a1:89:5f:5e:4b:d9:58:63:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:21:16 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=caf48862e72dfc827485f7d7912b31eb6aacf971d4c0643ec93bb2b204532123, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:85:0c:d4:e8:4f:ee:95:24:5a:f9:a7:21:cc:
1b:18:7c:e1:6c:87:1d:f7:8a:a3:d8:96:c7:6b:6d:
83:b0:a0:b5:4b:05:67:7f:23:2e:a3:7c:2c:d6:b0:
c7:c0:00:a2:0a:91:d8:68:87:d2:36:5a:27:c1:af:
a5:81:e7:3a:fb:59:71:3f:08:87:3e:58:87:1c:10:
81:65:cb:6a:01:78:11:e7:ab:cf:c1:59:f5:83:e9:
df:26:22:da:73:f7:89:39:83:2e:3d:9f:2f:d1:7f:
10:2b:b7:ea:42:66:55:e0:d2:bb:d2:0c:7c:5b:d9:
49:ff:ce:3f:f0:34:3f:1a:e0:87:c6:63:f9:6b:0c:
0f:f2:66:a8:62:af:70:50:4e:37:ce:ba:af:e7:1b:
f1:1e:74:dc:f6:16:21:2d:e0:8f:7b:fd:ae:55:11:
59:27:6c:b7:e6:51:54:75:e0:f7:61:d5:83:f4:90:
80:ae:1a:71:30:76:a6:de:1e:2d:88:be:b3:37:93:
b3:f9:3a:8c:fa:8c:0b:b1:1f:a9:79:29:b3:9e:1a:
3b:d4:86:c0:45:a1:7a:e1:98:52:ec:50:73:bd:9b:
cb:d3:72:bd:8a:92:c9:e3:ba:2d:ba:02:cb:fb:59:
d1:d6:9e:d8:60:4f:99:dc:b6:61:73:23:8d:c7:84:
b2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:98:28:05:D0:E8:CE:07:4B:2B:F2:6E:69:BA:48:F1:7D:A4:76:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:400::/38
Signature Algorithm: sha256WithRSAEncryption
66:98:b5:5c:40:b6:14:31:a9:7f:8f:cc:3a:6b:52:0f:12:9e:
f8:6a:93:1d:10:ac:fb:d7:71:e5:cc:b4:53:78:67:8e:28:bc:
45:f2:c3:e1:0d:2f:4e:97:1f:31:d4:f4:54:ea:2b:de:4e:b0:
21:77:11:c9:f1:b9:d3:bf:51:01:a1:5e:a1:46:a7:26:27:b5:
2f:5a:da:1a:e2:e3:a6:4b:8a:79:72:2b:ef:4b:e4:63:4f:7c:
4b:d7:db:5c:8b:a0:f9:0f:1d:77:d7:ba:d8:41:53:00:ef:03:
66:b4:f0:3e:cf:44:02:e0:14:d4:8c:34:4a:92:74:e7:57:c7:
93:e9:13:d7:1f:d1:aa:9c:8d:17:39:69:c3:96:30:c7:58:2b:
db:da:82:24:33:dd:94:3a:53:fb:c6:9f:f6:1d:f9:24:a9:3b:
4d:d5:3c:04:01:81:e9:41:f2:b4:3f:28:37:24:0b:e2:27:20:
9e:d8:a8:fe:87:36:4d:71:5b:4f:a1:c0:f4:e1:ad:fd:07:ff:
6e:e4:9d:f5:4e:97:64:f1:8e:e8:f8:88:52:4c:75:b6:16:02:
80:67:ab:11:4a:16:0d:6b:f4:b6:24:dd:c2:0c:a9:a7:7b:5e:
1e:dc:1c:70:a7:18:cb:6b:3b:a5:5a:6b:11:c5:44:b1:20:5c:
cf:b0:49:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNlVU+R2kPLQEX4mhiV9eS9lYY6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIxMTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhZjQ4ODYyZTcyZGZjODI3NDg1ZjdkNzkxMmIzMWViNmFhY2Y5NzFkNGMw
NjQzZWM5M2JiMmIyMDQ1MzIxMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKFDNToT+6VJFr5pyHMGxh84WyHHfeKo9iWx2ttg7CgtUsFZ38jLqN8LNaw
x8AAogqR2GiH0jZaJ8GvpYHnOvtZcT8Ihz5YhxwQgWXLagF4Eeerz8FZ9YPp3yYi
2nP3iTmDLj2fL9F/ECu36kJmVeDSu9IMfFvZSf/OP/A0Pxrgh8Zj+WsMD/JmqGKv
cFBON866r+cb8R503PYWIS3gj3v9rlURWSdst+ZRVHXg92HVg/SQgK4acTB2pt4e
LYi+szeTs/k6jPqMC7EfqXkps54aO9SGwEWheuGYUuxQc72by9NyvYqSyeO6LboC
y/tZ0dae2GBPmdy2YXMjjceEsgMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEmCgF
0OjOB0sr8m5pukjxfaR2gzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgyZTA5MWUtMjU5Zi00NGJkLWJiNjctYzVlMzZmYTY5NThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwE
MA0GCSqGSIb3DQEBCwUAA4IBAQBmmLVcQLYUMal/j8w6a1IPEp74apMdEKz713Hl
zLRTeGeOKLxF8sPhDS9Olx8x1PRU6iveTrAhdxHJ8bnTv1EBoV6hRqcmJ7UvWtoa
4uOmS4p5civvS+RjT3xL19tci6D5Dx1317rYQVMA7wNmtPA+z0QC4BTUjDRKknTn
V8eT6RPXH9GqnI0XOWnDljDHWCvb2oIkM92UOlP7xp/2HfkkqTtN1TwEAYHpQfK0
Pyg3JAviJyCe2Kj+hzZNcVtPocD04a39B/9u5J31Tpdk8Y7o+IhSTHW2FgKAZ6sR
ShYNa/S2JN3CDKmne14e3BxwpxjLazulWmsRxUSxIFzPsEk4
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:57 2025 by rpki-client