Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: 3Pbf7lO74glSk5k8Wk9yqevPqFJPdz98dfZx+VafU+Y=
Subject key identifier: 81:79:AE:D0:9C:72:5D:74:54:95:54:C7:3A:FD:26:E3:FC:AA:13:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B08D0A9570CE35F4489684E8C8E8FB6494879DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Fri 25 Apr 2025 20:20:07 +0000
ROA not before: Fri 25 Apr 2025 20:20:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:08:d0:a9:57:0c:e3:5f:44:89:68:4e:8c:8e:8f:b6:49:48:79:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 20:20:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=838bd6430097466274df5c5b2d6e44d591f349ee99de56194e2e24b256c4a8db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:37:bb:c6:4a:f2:74:6c:42:d2:c0:aa:00:c2:
05:4c:a7:c3:de:40:bd:a1:00:6c:ec:08:bb:56:15:
bd:6e:5b:53:14:81:c3:0b:f6:2d:22:42:80:75:a2:
96:07:6b:7e:4e:00:83:cb:06:95:ba:86:98:72:ac:
20:c3:4f:61:00:ea:72:6c:af:e5:71:2e:dc:86:a1:
51:8f:a4:17:69:9c:95:58:72:f4:61:25:8e:ea:99:
d5:ae:55:44:4b:41:b8:55:7c:2a:f0:b8:64:79:da:
27:90:1c:e2:c2:5e:63:d8:c0:1f:3e:79:d0:5c:6b:
ec:c2:d9:58:80:0a:75:48:fd:97:40:0d:5c:c3:6b:
64:c7:2c:12:6f:0e:31:c7:9a:64:2a:de:8d:83:0a:
54:a4:09:1b:1c:f9:f6:8c:e5:e6:d6:e3:a1:f1:0f:
5d:bc:de:31:e3:b7:47:39:c2:5d:77:ff:c3:15:a1:
8f:06:43:e6:20:d2:15:e3:a7:30:a2:54:87:23:a0:
01:7e:1f:0e:f9:ef:80:81:18:b5:bf:92:b0:54:d9:
ee:b5:6b:c7:ec:26:e0:2d:b4:f5:da:a7:10:30:f4:
25:45:60:26:f5:77:13:7f:75:89:dc:d3:30:2a:98:
5f:c6:98:21:dd:49:62:11:c6:cd:fd:96:ad:b5:e2:
d6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:79:AE:D0:9C:72:5D:74:54:95:54:C7:3A:FD:26:E3:FC:AA:13:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
a5:7c:70:c3:34:b7:16:c4:7b:91:01:39:9b:db:ee:5d:41:5e:
6d:50:70:e2:53:74:5f:e4:c9:7b:21:aa:09:cd:05:d2:f9:6b:
9c:04:8d:66:05:37:6f:68:eb:c4:38:ed:e8:80:23:1f:58:77:
ba:ad:34:16:f5:d7:23:75:cf:3c:8c:99:c9:d7:bf:f7:c7:c4:
58:e8:48:0e:f6:6c:15:fe:c2:2b:0c:11:15:3f:76:fe:34:35:
cf:5b:d8:38:9a:ce:48:bb:40:c5:9e:9c:4f:96:2c:7a:05:4e:
15:80:50:bb:34:70:91:4e:f8:b3:26:15:86:65:61:57:c6:75:
52:d8:03:31:60:58:1e:a4:62:2d:f2:a6:5d:cd:75:9f:b5:2c:
ea:2b:8a:c6:16:91:08:b8:48:50:68:7c:e7:31:d4:7f:ce:60:
64:ae:89:68:fc:0e:90:a7:20:54:2e:1d:38:f1:e3:92:00:f2:
ac:23:8b:2f:97:46:51:1c:8b:c3:be:70:8e:b7:b3:d0:93:26:
f1:5e:21:a5:23:6c:2a:25:23:bc:16:eb:db:90:aa:ea:ef:23:
da:f4:af:76:63:c6:ba:5f:ba:8f:e8:a3:fc:49:c1:63:4a:3d:
40:16:47:0c:22:3e:6b:cf:af:d9:90:0d:a3:29:c9:84:90:4d:
83:73:67:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCwjQqVcM419EiWhOjI6PtklIed4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUyMDIwMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzOGJkNjQzMDA5NzQ2NjI3NGRmNWM1YjJkNmU0NGQ1OTFmMzQ5ZWU5OWRl
NTYxOTRlMmUyNGIyNTZjNGE4ZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ43u8ZK8nRsQtLAqgDCBUynw95AvaEAbOwIu1YVvW5bUxSBwwv2LSJCgHWi
lgdrfk4Ag8sGlbqGmHKsIMNPYQDqcmyv5XEu3IahUY+kF2mclVhy9GEljuqZ1a5V
REtBuFV8KvC4ZHnaJ5Ac4sJeY9jAHz550Fxr7MLZWIAKdUj9l0ANXMNrZMcsEm8O
MceaZCrejYMKVKQJGxz59ozl5tbjofEPXbzeMeO3RznCXXf/wxWhjwZD5iDSFeOn
MKJUhyOgAX4fDvnvgIEYtb+SsFTZ7rVrx+wm4C209dqnEDD0JUVgJvV3E391idzT
MCqYX8aYId1JYhHGzf2WrbXi1h0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBea7Q
nHJddFSVVMc6/Sbj/KoTCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQClfHDDNLcWxHuRATmb2+5dQV5tUHDiU3Rf5Ml7
IaoJzQXS+WucBI1mBTdvaOvEOO3ogCMfWHe6rTQW9dcjdc88jJnJ17/3x8RY6EgO
9mwV/sIrDBEVP3b+NDXPW9g4ms5Iu0DFnpxPlix6BU4VgFC7NHCRTvizJhWGZWFX
xnVS2AMxYFgepGIt8qZdzXWftSzqK4rGFpEIuEhQaHznMdR/zmBkrolo/A6QpyBU
Lh048eOSAPKsI4svl0ZRHIvDvnCOt7PQkybxXiGlI2wqJSO8FuvbkKrq7yPa9K92
Y8a6X7qP6KP8ScFjSj1AFkcMIj5rz6/ZkA2jKcmEkE2Dc2ds
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:47 2025 by rpki-client