Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
File: 1aa38486-cd53-4f48-891d-a0191edf04a1.roa (raw, json)
Hash identifier: O2KynAVzRpXVpsexWTQlmsbzke1xQyq5e+aw62qpLB0=
Subject key identifier: 5F:D9:A2:80:20:1A:18:3F:36:6E:DF:59:96:75:56:C1:23:12:A3:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56B8AB93336F74F3145F2E1EE956CA5ECA21A817
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
Signing time: Fri 25 Apr 2025 18:30:53 +0000
ROA not before: Fri 25 Apr 2025 18:30:53 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:b8:ab:93:33:6f:74:f3:14:5f:2e:1e:e9:56:ca:5e:ca:21:a8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:30:53 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=20e5f5e188bbec7c950c6f75fca89fad9d736285c9c754ba06c211b53c24061c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6f:d3:3f:65:bb:51:bb:77:0e:73:46:51:40:
a4:f2:de:2e:4a:b8:6b:06:13:68:87:f1:cc:aa:44:
12:a5:b3:33:50:a1:4a:e5:ce:82:61:00:35:07:d2:
6e:1a:c9:e5:6d:43:f1:8a:64:72:1c:04:ac:6b:87:
96:41:58:17:ee:90:14:de:f8:c1:e2:c1:b5:60:a8:
30:8c:29:d8:3a:a2:5e:8b:79:a3:c7:a1:47:3c:59:
c4:e2:5e:be:fe:0c:99:e2:65:b8:bd:44:ce:f0:8f:
a4:f7:2c:a4:1e:e8:e2:96:61:1d:da:c1:01:6a:5a:
37:26:c1:e4:ce:e9:e9:23:eb:f2:25:93:dd:5f:ec:
35:f4:5d:73:55:89:a9:5f:59:4f:26:a5:1a:92:f5:
61:8d:9d:26:34:0d:53:a8:89:30:a7:ee:3e:d6:21:
cb:fd:bf:70:a7:67:38:50:64:9a:02:d4:4b:48:11:
78:fa:c8:23:7d:24:3e:ea:1c:30:d8:ae:2f:ce:08:
3f:e3:c9:e8:a3:e6:91:fc:c5:ba:1b:c0:d1:f0:e5:
f6:7c:5a:5c:e1:06:d6:45:d7:4d:74:ac:53:e5:45:
38:0d:74:f3:05:91:5f:1f:69:6f:36:cc:03:a4:96:
3f:4e:d5:ce:a7:f1:ef:0a:cc:25:2c:00:71:43:f2:
06:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D9:A2:80:20:1A:18:3F:36:6E:DF:59:96:75:56:C1:23:12:A3:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
02:cb:55:73:35:f6:be:43:8b:b2:3b:ef:a0:54:0c:d9:96:21:
0c:dc:0d:f2:ba:86:ce:7e:37:68:86:9a:9a:12:f2:1c:45:40:
b5:21:85:e2:1c:1a:e2:10:2e:f1:5c:28:69:05:da:90:e1:ba:
48:a7:25:05:c2:0f:2e:72:f5:0d:47:b6:60:0b:69:3f:95:57:
f8:ea:05:71:d0:04:13:e5:8d:d2:c3:a7:8c:f0:1d:b4:14:44:
6e:66:a3:54:de:a4:5d:a6:07:74:7f:87:0a:13:95:1e:a7:34:
17:83:d9:86:e9:d9:60:f4:06:08:89:a5:30:c1:41:99:90:d4:
fe:dd:ba:8b:51:a5:8a:f3:99:dd:3a:a9:77:40:e2:94:4c:a5:
ea:ff:b0:ed:76:eb:d8:de:21:b0:cc:b0:c3:21:5c:f9:fc:e9:
8e:a1:55:6f:09:03:a8:0f:ed:89:54:2b:69:f0:b4:ef:2b:3f:
cb:ff:a9:af:2f:c0:1d:c2:67:7b:d0:be:c0:73:0a:99:2b:f3:
d4:fd:19:30:c4:0c:43:46:44:47:5e:4f:80:6e:be:ac:eb:d0:
58:df:84:b7:da:7e:bf:4b:d7:d0:4d:f6:9a:36:c5:7f:85:64:
99:9a:1b:44:2e:c2:de:9b:83:ef:49:1a:e0:63:b9:d2:e1:19:
21:fb:a5:d5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVrirkzNvdPMUXy4e6VbKXsohqBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODMwNTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwZTVmNWUxODhiYmVjN2M5NTBjNmY3NWZjYTg5ZmFkOWQ3MzYyODVjOWM3
NTRiYTA2YzIxMWI1M2MyNDA2MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRv0z9lu1G7dw5zRlFApPLeLkq4awYTaIfxzKpEEqWzM1ChSuXOgmEANQfS
bhrJ5W1D8YpkchwErGuHlkFYF+6QFN74weLBtWCoMIwp2DqiXot5o8ehRzxZxOJe
vv4MmeJluL1EzvCPpPcspB7o4pZhHdrBAWpaNybB5M7p6SPr8iWT3V/sNfRdc1WJ
qV9ZTyalGpL1YY2dJjQNU6iJMKfuPtYhy/2/cKdnOFBkmgLUS0gRePrII30kPuoc
MNiuL84IP+PJ6KPmkfzFuhvA0fDl9nxaXOEG1kXXTXSsU+VFOA108wWRXx9pbzbM
A6SWP07Vzqfx7wrMJSwAcUPyBv0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRf2aKA
IBoYPzZu31mWdVbBIxKjGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFhMzg0ODYtY2Q1My00ZjQ4LTg5MWQtYTAxOTFlZGYwNGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAAstVczX2vkOLsjvvoFQM2ZYhDNwN8rqGzn43
aIaamhLyHEVAtSGF4hwa4hAu8VwoaQXakOG6SKclBcIPLnL1DUe2YAtpP5VX+OoF
cdAEE+WN0sOnjPAdtBREbmajVN6kXaYHdH+HChOVHqc0F4PZhunZYPQGCImlMMFB
mZDU/t26i1GlivOZ3Tqpd0DilEyl6v+w7Xbr2N4hsMywwyFc+fzpjqFVbwkDqA/t
iVQrafC07ys/y/+pry/AHcJne9C+wHMKmSvz1P0ZMMQMQ0ZER15PgG6+rOvQWN+E
t9p+v0vX0E32mjbFf4VkmZobRC7C3puD70ka4GO50uEZIful1Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:11 2025 by rpki-client