Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
File: 1d9a8425-e89b-4598-a680-84c5b341edfd.roa (raw, json)
Hash identifier: HjVJRuuRBZ1jZqvNn0/TvkDbUbtDPxw8Dv/wZRZAi7I=
Subject key identifier: 6C:84:40:ED:FC:7A:B5:D5:0C:43:A1:F6:6E:04:8E:E2:2D:B7:25:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55F21323023FCD1B48431EB4AAD374556FA7443F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
Signing time: Fri 25 Apr 2025 19:50:13 +0000
ROA not before: Fri 25 Apr 2025 19:50:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:f2:13:23:02:3f:cd:1b:48:43:1e:b4:aa:d3:74:55:6f:a7:44:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:50:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=0743b7f896fe096f24f79cad68c20daebecc1b89c5a7f3e5409cc4afdbd5abc5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:64:ee:fb:c4:ca:3b:52:f8:9e:8c:b8:ba:2f:
fe:fa:db:9b:6b:42:b1:ce:c0:d7:15:32:f9:61:57:
b3:f7:8a:61:a9:f6:16:f3:f5:6c:6f:8c:ee:94:53:
f9:bc:1f:ac:96:f6:bb:e4:b7:cd:a8:0d:75:29:5b:
2f:31:c9:a3:54:f9:62:c8:10:84:fa:63:41:52:1c:
a8:c9:15:2c:2a:77:0e:b0:34:81:16:f0:21:74:18:
a2:19:22:0e:29:89:57:a6:24:dc:33:70:f7:5a:06:
47:bd:47:8a:d6:6c:ca:91:2d:a8:a2:08:94:39:ad:
3c:7b:fd:e0:6f:09:d2:d9:22:2c:13:42:66:38:f1:
9e:e7:5d:24:a7:3d:51:c8:53:42:b1:0d:d4:ef:14:
3f:84:40:51:2a:b2:e3:f6:b7:8f:ce:00:2e:ce:e9:
65:0e:26:85:d0:40:76:16:05:69:3a:c5:9c:d9:f0:
fd:94:92:c8:91:7a:ad:32:62:86:d4:6b:cf:b5:7c:
a3:98:0b:4a:3e:50:6c:de:29:a3:21:f8:1c:1b:10:
b6:dc:20:c8:f4:7d:13:f4:d6:04:5e:23:4d:d6:b5:
7c:91:18:6b:e7:af:c3:62:08:29:8e:ed:0c:a0:b8:
91:2b:51:f4:d7:f4:1d:4e:b5:c9:1e:a1:9e:9f:cf:
fa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:84:40:ED:FC:7A:B5:D5:0C:43:A1:F6:6E:04:8E:E2:2D:B7:25:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:2000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:c6:98:80:41:c0:21:1f:fe:60:ff:f3:38:19:8c:78:72:32:
c8:59:f7:a6:48:46:e3:fb:2e:04:0c:2b:db:14:4b:dc:53:98:
36:51:41:76:00:13:5a:41:07:fd:fd:0e:ee:7e:c0:0b:10:a6:
e0:fc:b0:b6:36:93:97:51:1b:5c:69:7b:52:f8:a3:44:09:69:
28:f1:88:e1:44:5c:18:e5:71:d8:2e:cd:25:b9:e4:cc:1a:60:
84:05:f8:52:ac:10:6a:90:6f:da:5a:db:a7:cd:3a:71:05:59:
f2:19:11:e5:df:11:dd:9e:61:dc:08:dd:da:8c:8e:1a:3c:cb:
da:93:71:54:35:64:cc:56:b9:aa:66:78:1c:49:0f:7f:ec:8c:
c7:c1:4e:9e:5f:27:8d:6b:a2:02:60:07:6c:8f:cf:33:00:7f:
6d:84:1e:80:bf:0c:d2:4f:d6:b4:de:cf:01:38:c2:05:f4:fd:
f1:8b:1e:1c:38:d1:73:7a:81:9e:54:08:9a:25:2d:58:f5:b0:
09:db:4f:88:27:2e:db:0e:b7:f2:0a:01:90:01:d7:f7:89:a6:
b0:62:cf:b8:cd:ab:ed:33:8a:8a:bd:bc:b8:5d:98:74:f3:45:
31:a2:73:6a:ea:fe:e5:d4:67:f6:25:15:0c:ed:0e:81:d0:4c:
a5:dc:22:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVfITIwI/zRtIQx60qtN0VW+nRD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTUwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3NDNiN2Y4OTZmZTA5NmYyNGY3OWNhZDY4YzIwZGFlYmVjYzFiODljNWE3
ZjNlNTQwOWNjNGFmZGJkNWFiYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtk7vvEyjtS+J6MuLov/vrbm2tCsc7A1xUy+WFXs/eKYan2FvP1bG+M7pRT
+bwfrJb2u+S3zagNdSlbLzHJo1T5YsgQhPpjQVIcqMkVLCp3DrA0gRbwIXQYohki
DimJV6Yk3DNw91oGR71HitZsypEtqKIIlDmtPHv94G8J0tkiLBNCZjjxnuddJKc9
UchTQrEN1O8UP4RAUSqy4/a3j84ALs7pZQ4mhdBAdhYFaTrFnNnw/ZSSyJF6rTJi
htRrz7V8o5gLSj5QbN4poyH4HBsQttwgyPR9E/TWBF4jTda1fJEYa+evw2IIKY7t
DKC4kStR9Nf0HU61yR6hnp/P+rcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRshEDt
/Hq11QxDofZuBI7iLbcl6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ5YTg0MjUtZTg5Yi00NTk4LWE2ODAtODRjNWIzNDFlZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAg
MA0GCSqGSIb3DQEBCwUAA4IBAQC8xpiAQcAhH/5g//M4GYx4cjLIWfemSEbj+y4E
DCvbFEvcU5g2UUF2ABNaQQf9/Q7ufsALEKbg/LC2NpOXURtcaXtS+KNECWko8Yjh
RFwY5XHYLs0lueTMGmCEBfhSrBBqkG/aWtunzTpxBVnyGRHl3xHdnmHcCN3ajI4a
PMvak3FUNWTMVrmqZngcSQ9/7IzHwU6eXyeNa6ICYAdsj88zAH9thB6AvwzST9a0
3s8BOMIF9P3xix4cONFzeoGeVAiaJS1Y9bAJ20+IJy7bDrfyCgGQAdf3iaawYs+4
zavtM4qKvby4XZh080UxonNq6v7l1Gf2JRUM7Q6B0Eyl3CLX
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:48:56 2025 by rpki-client