Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
File: 183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa (raw, json)
Hash identifier: ud4jVkSGdQQTJ5ubC87Ej7fkl3zadWZYFb9mv1Gy/is=
Subject key identifier: AC:01:AB:9A:C0:9D:86:61:25:BD:1D:B2:11:6F:ED:05:5B:F5:47:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AC34B28A3D8DD06F4322E8BF417BFFCC27B6C56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
Signing time: Fri 25 Apr 2025 20:01:25 +0000
ROA not before: Fri 25 Apr 2025 20:01:25 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:c3:4b:28:a3:d8:dd:06:f4:32:2e:8b:f4:17:bf:fc:c2:7b:6c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:01:25 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=820c094abd6b2d1ce256d6225ffdd18d6218d7ae72384d85d3a264ad80385f1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:36:e4:61:3b:59:bf:b8:9e:47:70:30:ab:f8:
f9:11:3b:2c:80:16:2e:36:a6:45:05:95:07:32:a5:
57:eb:dc:84:0a:cf:42:2f:bf:9d:4d:25:e8:47:18:
39:a0:33:03:b2:6a:58:1d:7a:65:5a:39:ec:17:df:
eb:26:18:c4:f2:be:9c:78:60:84:5b:f7:03:0b:71:
80:d6:0a:07:a7:ed:31:cb:a9:bd:b6:38:4b:26:fd:
e8:e7:6c:fa:9b:59:94:d9:31:49:e8:7a:33:8b:f7:
a7:29:35:22:1d:f5:46:c8:6e:96:0d:40:08:c3:b4:
08:c7:c8:70:b0:49:23:fe:d3:6e:a3:1b:e3:db:3d:
c5:59:3e:20:96:0f:27:67:84:4d:76:b5:9a:65:d4:
b6:1b:64:40:3f:b7:8e:7c:91:5b:f7:d8:f7:68:a6:
9f:c6:1b:d2:8a:30:9e:3d:04:ef:08:e1:17:a1:51:
2e:31:3e:ec:75:56:f3:65:c8:c5:31:f5:e2:10:33:
5f:f3:ac:70:bc:8e:2f:aa:9b:45:72:64:d9:c0:8a:
a2:1d:33:b5:d2:d8:c8:13:e8:5e:11:3b:43:82:2c:
41:4d:18:c1:8a:22:1d:65:14:ae:17:72:e5:84:8b:
9b:57:f0:f3:14:ac:e2:ea:e1:4d:31:34:ec:dc:42:
09:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:01:AB:9A:C0:9D:86:61:25:BD:1D:B2:11:6F:ED:05:5B:F5:47:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:1000::/40
Signature Algorithm: sha256WithRSAEncryption
10:e0:93:07:5f:d1:03:68:04:3a:ab:b7:a0:be:a8:2a:33:a3:
be:fe:62:c5:a9:df:df:85:3c:fc:14:66:a7:d4:d3:7a:44:3f:
f9:2f:3e:5c:20:d0:33:ae:a9:b7:5e:26:63:8d:20:0c:b6:ee:
f9:ec:5a:35:48:d6:20:23:f4:13:5d:3d:13:1a:d3:80:1d:1b:
e9:84:9c:f0:27:7d:db:cd:ba:69:d8:12:5e:f0:1b:c0:0e:10:
37:21:cb:40:58:7c:46:cb:a5:9a:ba:52:3c:45:c7:4d:92:00:
34:d3:11:d2:f1:71:e6:27:db:7a:9e:fa:77:14:ed:fc:07:04:
b9:52:68:4d:3e:7d:45:d4:c2:40:0e:1c:30:7b:c1:3c:9a:6e:
9c:22:62:47:9f:4e:02:e1:76:27:c4:5e:15:e3:52:7e:c3:d0:
5a:c7:a6:45:bc:26:60:a1:8a:10:73:d2:07:76:38:1e:b7:90:
00:0f:eb:b4:d2:ac:e1:70:8d:57:78:0a:80:aa:d4:cc:a3:ce:
86:1c:bc:82:71:e7:b8:a4:e1:98:ef:ee:ac:d0:ff:48:7e:57:
9c:dc:26:38:4a:3d:48:63:a7:1d:96:44:c1:2e:c7:87:9f:95:
1b:f8:c2:c7:aa:e0:8e:3a:90:36:5b:aa:8a:98:f9:79:9f:0b:
ae:fe:9b:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSsNLKKPY3Qb0Mi6L9Be//MJ7bFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDAxMjVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyMGMwOTRhYmQ2YjJkMWNlMjU2ZDYyMjVmZmRkMThkNjIxOGQ3YWU3MjM4
NGQ4NWQzYTI2NGFkODAzODVmMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKc25GE7Wb+4nkdwMKv4+RE7LIAWLjamRQWVBzKlV+vchArPQi+/nU0l6EcY
OaAzA7JqWB16ZVo57Bff6yYYxPK+nHhghFv3AwtxgNYKB6ftMcupvbY4Syb96Ods
+ptZlNkxSeh6M4v3pyk1Ih31Rshulg1ACMO0CMfIcLBJI/7TbqMb49s9xVk+IJYP
J2eETXa1mmXUthtkQD+3jnyRW/fY92imn8Yb0oownj0E7wjhF6FRLjE+7HVW82XI
xTH14hAzX/OscLyOL6qbRXJk2cCKoh0ztdLYyBPoXhE7Q4IsQU0YwYoiHWUUrhdy
5YSLm1fw8xSs4urhTTE07NxCCWMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsAaua
wJ2GYSW9HbIRb+0FW/VH8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgzZWI1ODMtM2ZiMy00YzNhLWJhZGItOWZlMGE0ZTUwZmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAQ4JMHX9EDaAQ6q7egvqgqM6O+/mLFqd/fhTz8
FGan1NN6RD/5Lz5cINAzrqm3XiZjjSAMtu757Fo1SNYgI/QTXT0TGtOAHRvphJzw
J33bzbpp2BJe8BvADhA3IctAWHxGy6WaulI8RcdNkgA00xHS8XHmJ9t6nvp3FO38
BwS5UmhNPn1F1MJADhwwe8E8mm6cImJHn04C4XYnxF4V41J+w9Bax6ZFvCZgoYoQ
c9IHdjget5AAD+u00qzhcI1XeAqAqtTMo86GHLyCcee4pOGY7+6s0P9Iflec3CY4
Sj1IY6cdlkTBLseHn5Ub+MLHquCOOpA2W6qKmPl5nwuu/pvJ
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:11 2025 by rpki-client