Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f07adbd-573b-4a8c-861a-930797d8dcc7.roa
File: 1f07adbd-573b-4a8c-861a-930797d8dcc7.roa (raw, json)
Hash identifier: d0gLz0dVm2rF55Ey7PTsi/98kthNb3TiTx7nOyoz8Yk=
Subject key identifier: 0D:52:2B:C5:35:95:12:8F:2E:41:BE:1E:D5:4A:73:14:B6:92:38:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A9048B33177E45201ACDB2D4AC9A1D19F429DF4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f07adbd-573b-4a8c-861a-930797d8dcc7.roa
Signing time: Fri 25 Apr 2025 19:31:34 +0000
ROA not before: Fri 25 Apr 2025 19:31:34 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:40c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:90:48:b3:31:77:e4:52:01:ac:db:2d:4a:c9:a1:d1:9f:42:9d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 19:31:34 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f2ce304043ac45a4deeb109068da426aeb13675ced755f86ff9842cfd155b493, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3d:ea:3b:9b:58:39:fd:45:b6:88:81:c1:af:
2f:6f:46:05:80:9a:d1:b5:76:29:ec:95:33:70:ef:
62:bb:f7:6a:57:a9:19:e0:f1:97:6e:ee:12:04:a7:
61:f3:aa:6e:ba:77:ca:8a:c1:c8:97:68:c4:71:ea:
da:8b:41:f7:40:8b:0d:b9:8d:47:5e:b1:65:1c:32:
9f:29:a2:ff:53:55:e2:dd:78:49:91:45:e9:5f:44:
f6:f4:21:c3:2e:4e:ed:81:f3:5c:34:b8:67:ca:97:
7a:33:30:29:1c:53:38:93:5f:c7:49:65:36:27:5f:
d3:97:56:4c:ed:d7:77:ba:0b:18:73:e5:7d:a9:15:
a2:4f:ab:5c:fd:5a:f5:08:09:14:20:13:3b:b0:0d:
20:72:3a:2d:ce:a8:6f:c5:83:e9:4d:c0:ad:76:f7:
92:24:a4:b3:f8:d5:a0:84:5c:2d:4d:67:eb:fa:17:
27:04:f4:6b:b1:60:de:7b:e3:03:21:20:0b:4a:04:
96:68:8c:8d:25:42:b6:03:dc:b3:68:1c:f9:37:bf:
48:43:c1:03:66:a5:fb:a1:b3:9f:ea:1e:1c:12:32:
fc:0f:43:00:5d:a5:9d:a0:e9:59:ff:0c:6f:14:c8:
36:11:3c:38:b4:b3:31:23:82:0d:c8:54:b9:05:ae:
99:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:52:2B:C5:35:95:12:8F:2E:41:BE:1E:D5:4A:73:14:B6:92:38:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f07adbd-573b-4a8c-861a-930797d8dcc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:40c0::/46
Signature Algorithm: sha256WithRSAEncryption
7e:02:82:76:3f:dc:72:67:49:64:c9:48:ed:9f:00:01:97:ca:
0d:85:da:da:71:2a:3e:cd:04:e0:0d:03:0d:f3:79:78:b0:53:
55:05:a1:69:6b:de:26:08:e3:db:a7:30:16:d7:8f:3e:8b:93:
1c:75:54:6c:af:3c:1d:cf:22:bb:74:46:47:b7:78:db:7e:60:
e5:da:2a:b7:42:fb:15:aa:d5:19:7d:59:99:c4:20:4f:4b:4b:
5f:c6:dc:51:8e:35:60:f2:0a:25:ca:3e:91:f3:16:4f:73:54:
10:11:77:ee:2b:34:99:22:bd:93:1f:a8:b8:f5:d6:de:12:cc:
1d:89:9d:10:ba:e4:fe:76:b9:a3:ac:d6:f1:4b:8f:3d:82:fb:
fb:b8:07:b4:5f:33:79:cf:42:26:b4:ae:ad:b5:5c:ed:5f:01:
db:50:87:dd:de:96:fb:6d:aa:b9:46:43:2f:7a:91:fb:b7:3c:
07:6e:2a:e6:f9:65:c4:94:1b:02:d8:db:91:30:cc:5d:2b:84:
6f:ad:a5:92:9e:6e:ef:f9:0f:56:93:2c:90:99:fc:d6:fc:b0:
55:dd:3b:67:b3:15:46:6b:80:92:10:7c:5f:42:9f:85:5b:11:
aa:cb:0f:c6:12:1a:ff:eb:47:4d:f3:82:a0:53:35:25:b6:e8:
dc:5a:4f:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWpBIszF35FIBrNstSsmh0Z9CnfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxOTMxMzRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyY2UzMDQwNDNhYzQ1YTRkZWViMTA5MDY4ZGE0MjZhZWIxMzY3NWNlZDc1
NWY4NmZmOTg0MmNmZDE1NWI0OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAME96jubWDn9RbaIgcGvL29GBYCa0bV2KeyVM3DvYrv3alepGeDxl27uEgSn
YfOqbrp3yorByJdoxHHq2otB90CLDbmNR16xZRwynymi/1NV4t14SZFF6V9E9vQh
wy5O7YHzXDS4Z8qXejMwKRxTOJNfx0llNidf05dWTO3Xd7oLGHPlfakVok+rXP1a
9QgJFCATO7ANIHI6Lc6ob8WD6U3ArXb3kiSks/jVoIRcLU1n6/oXJwT0a7Fg3nvj
AyEgC0oElmiMjSVCtgPcs2gc+Te/SEPBA2al+6Gzn+oeHBIy/A9DAF2lnaDpWf8M
bxTINhE8OLSzMSOCDchUuQWumbMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQNUivF
NZUSjy5Bvh7VSnMUtpI4MDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWYwN2FkYmQtNTczYi00YThjLTg2MWEtOTMwNzk3ZDhkY2M3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdA
wDANBgkqhkiG9w0BAQsFAAOCAQEAfgKCdj/ccmdJZMlI7Z8AAZfKDYXa2nEqPs0E
4A0DDfN5eLBTVQWhaWveJgjj26cwFtePPouTHHVUbK88Hc8iu3RGR7d4235g5doq
t0L7FarVGX1ZmcQgT0tLX8bcUY41YPIKJco+kfMWT3NUEBF37is0mSK9kx+ouPXW
3hLMHYmdELrk/na5o6zW8UuPPYL7+7gHtF8zec9CJrSurbVc7V8B21CH3d6W+22q
uUZDL3qR+7c8B24q5vllxJQbAtjbkTDMXSuEb62lkp5u7/kPVpMskJn81vywVd07
Z7MVRmuAkhB8X0KfhVsRqssPxhIa/+tHTfOCoFM1Jbbo3FpPjw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:12 2025 by rpki-client